AddResponseHeadersFilter (CAS server security filter 2.0.10.4 API)

java.lang.Object
- org.apereo.cas.security.AbstractSecurityFilter
- - org.apereo.cas.security.AddResponseHeadersFilter

All Implemented Interfaces:: javax.servlet.Filter

public class AddResponseHeadersFilter
extends AbstractSecurityFilter
implements javax.servlet.Filter

Allows users to easily inject the default security headers to assist in protecting the application. The default for is to include the following headers:

 Cache-Control: no-cache, no-store, max-age=0, must-revalidate
 Pragma: no-cache
 Expires: 0
 X-Content-Type-Options: nosniff
 Strict-Transport-Security: max-age=15768000 ; includeSubDomains
 X-Frame-Options: DENY
 X-XSS-Protection: 1; mode=block

Since:: 2.0.4
Author:: Misagh Moayyed

Field Summary
- Fields inherited from class org.apereo.cas.security.AbstractSecurityFilter
  LOGGER_HANDLER_CLASS_NAME

Constructor Summary

Constructors
Constructor and Description

AddResponseHeadersFilter()

Constructors
Constructor and Description
`AddResponseHeadersFilter()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`destroy()`
`void`	`doFilter(javax.servlet.ServletRequest servletRequest, javax.servlet.ServletResponse servletResponse, javax.servlet.FilterChain filterChain)`
`void`	`init(javax.servlet.FilterConfig filterConfig)`
`void`	`setHeadersMap(Map<String,String> headersMap)`
`void`	`setLoggerHandlerClassName(String loggerHandlerClassName)`

Methods inherited from class org.apereo.cas.security.AbstractSecurityFilter
getLoggerHandlerClassName

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- AddResponseHeadersFilter
```
public AddResponseHeadersFilter()
```

Method Detail

setHeadersMap

public void setHeadersMap(Map<String,String> headersMap)

setLoggerHandlerClassName
```
public void setLoggerHandlerClassName(String loggerHandlerClassName)
```
Overrides:

setLoggerHandlerClassName in class AbstractSecurityFilter

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException

Specified by:: init in interface javax.servlet.Filter
Throws:: javax.servlet.ServletException

doFilter

public void doFilter(javax.servlet.ServletRequest servletRequest,
                     javax.servlet.ServletResponse servletResponse,
                     javax.servlet.FilterChain filterChain)
              throws IOException,
                     javax.servlet.ServletException

Specified by:: doFilter in interface javax.servlet.Filter
Throws:: IOException; javax.servlet.ServletException

destroy
```
public void destroy()
```
Specified by:

destroy in interface javax.servlet.Filter

Class AddResponseHeadersFilter

Field Summary

Fields inherited from class org.apereo.cas.security.AbstractSecurityFilter

Constructor Summary

Method Summary

Methods inherited from class org.apereo.cas.security.AbstractSecurityFilter

Methods inherited from class java.lang.Object

Constructor Detail

AddResponseHeadersFilter

Method Detail

setHeadersMap

setLoggerHandlerClassName

init

doFilter

destroy