SessionSecretComputer (SIRIUS web 19.0-rc8 API)

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

```
public interface SessionSecretComputer
```
Permits to compute a http session secret per user or per session.
Instead of using the same security fingerprint secret for all sessions, this can be implemented to provide a custom secret per user or session to further increase the security.

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`String`	`computeSecret(Map<String,String> currentSession)` Computes or provides a secret based on the decoded session.

- Method Detail
  - computeSecret
```
String computeSecret(Map<String,String> currentSession)
```
    Computes or provides a secret based on the decoded session.
    Note that the secret itself must not be contained in the session data, as this would disable the session security entirely. Rather the user ID or a similar session value can be used to determine a secret and safe session value.
    
    Parameters:
    
    currentSession - the decoded session data
    
    Returns:
    
    the secret to use

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

Copyright © 2018. All rights reserved.