Class HttpSecurityFilter

Object
org.apache.spark.ui.HttpSecurityFilter
All Implemented Interfaces:
javax.servlet.Filter

public class HttpSecurityFilter extends Object implements javax.servlet.Filter
A servlet filter that implements HTTP security features. The following actions are taken for every request:

- perform access control of authenticated requests. - check request data for disallowed content (e.g. things that could be used to create XSS attacks). - set response headers to prevent certain kinds of attacks.

Request parameters are sanitized so that HTML content is escaped, and disallowed content is removed.

  • Constructor Summary

    Constructors
    Constructor
    Description
    HttpSecurityFilter(SparkConf conf, org.apache.spark.SecurityManager securityMgr)
     
  • Method Summary

    Modifier and Type
    Method
    Description
    void
     
    void
    doFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, javax.servlet.FilterChain chain)
     
    void
    init(javax.servlet.FilterConfig config)
     

    Methods inherited from class java.lang.Object

    equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Constructor Details

    • HttpSecurityFilter

      public HttpSecurityFilter(SparkConf conf, org.apache.spark.SecurityManager securityMgr)
  • Method Details

    • destroy

      public void destroy()
      Specified by:
      destroy in interface javax.servlet.Filter
    • doFilter

      public void doFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, javax.servlet.FilterChain chain)
      Specified by:
      doFilter in interface javax.servlet.Filter
    • init

      public void init(javax.servlet.FilterConfig config)
      Specified by:
      init in interface javax.servlet.Filter