org.apache.spark.ui.HttpSecurityFilter

All Implemented Interfaces:: javax.servlet.Filter

public class HttpSecurityFilter extends Object implements javax.servlet.Filter

A servlet filter that implements HTTP security features. The following actions are taken for every request:

- perform access control of authenticated requests. - check request data for disallowed content (e.g. things that could be used to create XSS attacks). - set response headers to prevent certain kinds of attacks.

Request parameters are sanitized so that HTML content is escaped, and disallowed content is removed.

Constructor Summary

Constructors

Constructor

Description

HttpSecurityFilter(SparkConf conf, org.apache.spark.SecurityManager securityMgr)
Method Summary

Modifier and Type

Method

Description

void

destroy()

void

doFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, javax.servlet.FilterChain chain)

void

init(javax.servlet.FilterConfig config)

Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- HttpSecurityFilter
  
  public HttpSecurityFilter(SparkConf conf, org.apache.spark.SecurityManager securityMgr)
Method Details
- destroy
  
  public void destroy()
  
  Specified by:
  
  destroy in interface javax.servlet.Filter
- doFilter
  
  public void doFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, javax.servlet.FilterChain chain)
  
  Specified by:
  
  doFilter in interface javax.servlet.Filter
- init
  
  public void init(javax.servlet.FilterConfig config)
  
  Specified by:
  
  init in interface javax.servlet.Filter

Class HttpSecurityFilter

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

HttpSecurityFilter

Method Details

destroy

doFilter

init