View Javadoc
1   /**
2    * Copyright 2005-2016 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.krad.service;
17  
18  import javax.servlet.http.HttpServletRequest;
19  import javax.servlet.http.HttpServletResponse;
20  
21  /**
22   * A service which performs CSRF validation and population on a given request if necessary.
23   *
24   * Whether or not CSRF is checked may be dependent on external configuration.
25   *
26   * @author Eric Westfall
27   */
28  public interface CsrfService {
29  
30      boolean validateCsrfIfNecessary(HttpServletRequest request, HttpServletResponse response);
31  
32      String getSessionToken(HttpServletRequest request);
33  
34  }