public interface AccessReferenceMap<K> extends Serializable
Indirect references are handled as strings, to facilitate their use in HTML. Implementations can generate simple integers or more complicated random character strings as indirect references. Implementations should probably add a constructor that takes a list of direct references.
Note that in addition to defeating all forms of parameter tampering attacks, there is a side benefit of the AccessReferenceMap. Using random strings as indirect object references, as opposed to simple integers, makes it impossible for an attacker to guess valid identifiers. So if per-user AccessReferenceMaps are used, then request forgery (CSRF) attacks will also be prevented.
```java
Set<File> fileSet = new HashSet<>();
fileSet.addAll(...); // add direct references (e.g. File objects)

// AccessReferenceMap is an interface; construct a concrete implementation
// (for example ESAPI's RandomAccessReferenceMap), then store the map
// somewhere safe - like the session!
AccessReferenceMap<String> map = new RandomAccessReferenceMap( fileSet );

String indRef = map.getIndirectReference( file1 );
String href = "http://www.aspectsecurity.com/esapi?file=" + indRef;
...
// if the indirect reference doesn't exist, it's likely an attack
// getDirectReference throws an AccessControlException
// you should handle as appropriate
String indref = request.getParameter( "file" );
try {
    File file = (File) map.getDirectReference( indref );
    // ... serve the file
} catch ( AccessControlException e ) {
    // unknown or forged indirect reference: deny the request and log it
}
```
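As an added example (not ESAPI's code and not its RandomAccessReferenceMap), the following self-contained class mirrors the method set of this interface with SecureRandom-generated string keys, and shows the two points the page makes: one map per user, so an indirect reference minted for one user resolves only inside that user's map, and the uncast form of getDirectReference, which can be type-tested in the calling code. The class names PerUserReferenceMapDemo and RandomAccessReferenceMapDemo, the local AccessControlException (a stand-in for ESAPI's), and the sample file paths are all constructed for this example.

```java
import java.security.SecureRandom;
import java.util.*;

public final class PerUserReferenceMapDemo {

    /** Stand-in for ESAPI's AccessControlException (assumption: same role, no ESAPI dependency). */
    static final class AccessControlException extends Exception {
        AccessControlException(String msg) { super(msg); }
    }

    /** Per-user map from opaque random strings to the objects this user may touch. */
    static final class RandomAccessReferenceMapDemo {
        private static final SecureRandom RNG = new SecureRandom();
        private static final String ALPHABET =
            "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
        private static final int KEY_LENGTH = 12;
        private final Map<Object, String> directToIndirect = new HashMap<>();
        private final Map<String, Object> indirectToDirect = new HashMap<>();

        RandomAccessReferenceMapDemo(Set<?> directReferences) { update(directReferences); }

        /** Random, unguessable key; loop guards against the (tiny) chance of a collision. */
        private String freshKey() {
            StringBuilder sb = new StringBuilder(KEY_LENGTH);
            do {
                sb.setLength(0);
                for (int i = 0; i < KEY_LENGTH; i++) {
                    sb.append(ALPHABET.charAt(RNG.nextInt(ALPHABET.length())));
                }
            } while (indirectToDirect.containsKey(sb.toString()));
            return sb.toString();
        }

        synchronized <T> String addDirectReference(T direct) {
            String existing = directToIndirect.get(direct);
            if (existing != null) return existing;      // keep a stable key per object
            String key = freshKey();
            directToIndirect.put(direct, key);
            indirectToDirect.put(key, direct);
            return key;
        }

        synchronized <T> String getIndirectReference(T direct) { return directToIndirect.get(direct); }

        /** Unknown key means the request was not built from this user's own links: reject it. */
        @SuppressWarnings("unchecked")
        synchronized <T> T getDirectReference(String indirect) throws AccessControlException {
            Object direct = indirectToDirect.get(indirect);
            if (direct == null) throw new AccessControlException("unknown indirect reference");
            return (T) direct;   // caller's assignment decides the cast, as with the ESAPI interface
        }

        synchronized <T> String removeDirectReference(T direct) throws AccessControlException {
            String key = directToIndirect.remove(direct);
            if (key == null) throw new AccessControlException("direct reference not in map");
            indirectToDirect.remove(key);
            return key;
        }

        /** Keep keys for objects still present, drop the rest, mint keys for new ones. */
        synchronized void update(Set<?> directReferences) {
            directToIndirect.keySet().retainAll(directReferences);
            indirectToDirect.values().retainAll(directReferences);
            for (Object d : directReferences) addDirectReference(d);
        }

        synchronized Iterator<Object> iterator() {
            return new ArrayList<>(directToIndirect.keySet()).iterator();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: the files user "alice" is allowed to download.
        Set<String> alicesFiles = new HashSet<>(Arrays.asList("/home/alice/report.pdf", "/home/alice/notes.txt"));
        RandomAccessReferenceMapDemo aliceMap = new RandomAccessReferenceMapDemo(alicesFiles);

        // Rendering a page: only the opaque key goes into the link.
        String indRef = aliceMap.getIndirectReference("/home/alice/report.pdf");
        System.out.println("link: /download?file=" + indRef);

        // Handling the request: resolve the key inside the same user's map.
        String path = aliceMap.getDirectReference(indRef);
        System.out.println("serving " + path);

        // Uncast form never throws ClassCastException; test the type in the caller.
        Object uncast = aliceMap.getDirectReference(indRef);
        if (uncast instanceof String) System.out.println("resolved to a path");

        // A key from another user's map (or a guessed one) does not resolve here.
        RandomAccessReferenceMapDemo bobMap =
            new RandomAccessReferenceMapDemo(Collections.singleton("/home/bob/secret.txt"));
        String bobKey = bobMap.getIndirectReference("/home/bob/secret.txt");
        try {
            aliceMap.getDirectReference(bobKey);
        } catch (AccessControlException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Because each user holds a separate map, a key is only meaningful together with the session that minted it, which is what gives the CSRF side benefit described above; an attacker who cannot read the victim's page cannot know a key that the victim's map will accept.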
Modifier and Type | Method and Description
---|---
<T> K | addDirectReference(T direct): Adds a direct reference to the AccessReferenceMap, then generates and returns an associated indirect reference.
<T> T | getDirectReference(K indirectReference): Get the original direct object reference from an indirect reference.
<T> K | getIndirectReference(T directReference): Get a safe indirect reference to use in place of a potentially sensitive direct object reference.
Iterator | iterator(): Get an iterator through the direct object references.
<T> K | removeDirectReference(T direct): Removes a direct reference and its associated indirect reference from the AccessReferenceMap.
void | update(Set directReferences): Updates the access reference map with a new set of direct references, maintaining any existing indirect references associated with items that are in the new list.
Iterator iterator()

<T> K getIndirectReference(T directReference)
Parameters:
directReference - the direct reference

<T> T getDirectReference(K indirectReference) throws AccessControlException

```java
UserProfile profile = arm.getDirectReference( indirectRef );
```

Will throw an AccessControlException if the object stored in memory is not of type UserProfile. However,

```java
Object uncastObject = arm.getDirectReference( indirectRef );
```

Will never throw an AccessControlException as long as the object exists. If you are unsure of the object type that an indirect reference refers to, you should get the uncast object and test for its type in the calling code.

```java
Object uncastProfile = arm.getDirectReference( indirectRef );
if ( uncastProfile instanceof UserProfile ) {
    UserProfile userProfile = (UserProfile) uncastProfile;
    // ...
} else {
    EmployeeProfile employeeProfile = (EmployeeProfile) uncastProfile;
    // ...
}
```

Parameters:
indirectReference - the indirect reference
Throws:
AccessControlException - if no direct reference exists for the specified indirect reference
ClassCastException - if the implied type is not the same as the referenced object type

<T> K addDirectReference(T direct)
Parameters:
direct - the direct reference

<T> K removeDirectReference(T direct) throws AccessControlException
Parameters:
direct - the direct reference to remove
Throws:
AccessControlException - if the reference does not exist.

void update(Set directReferences)
Parameters:
directReferences - a Set of direct references to add

Copyright © 2019 The Open Web Application Security Project (OWASP). All rights reserved.