Module io.helidon.webserver.security

Package io.helidon.webserver.security

package io.helidon.webserver.security

Helidon WebServer Security Support.

Example of integration (expects an instance of Security):

 // WebServer routing builder - this is our integration point
 HttpRouting routing = HttpRouting.builder()
 // register the WebSecurity to create context (shared by all routes)
 .register(SecurityHttpFeature.from(security))
 // authenticate all paths under /user and require role "user"
 .get("/user[/{*}]", WebSecurity.authenticate()
 .rolesAllowed("user"))
 // authenticate "/admin" path and require role "admin"
 .get("/admin", WebSecurity.rolesAllowed("admin")
 .authenticate()
 )
 // build a routing instance to start WebServer with.
 .build();
 

The main security methods are duplicate - first as static methods on SecurityHttpFeature and then as instance methods on SecurityHandler that is returned by the static methods above. This is to provide a single starting point for security integration (SecurityHttpFeature) and fluent API to build the "gate" to each route that is protected.

See Also:

• SecurityHttpFeature.create(io.helidon.security.Security)
• SecurityHttpFeature.create(io.helidon.config.Config)

Related Packages

Module	Package	Description
io.helidon.webserver	io.helidon.webserver	Helidon WebServer module, combining common server API, HTTP API and HTTP/1.1 API to create a server.

Classes

Class	Description
SecurityFeature	Server feature for security, to be registered with WebServerConfig.BuilderBase.addFeature(io.helidon.webserver.spi.ServerFeature).
SecurityFeatureProvider	ServiceLoader provider implementation of ServerFeatureProvider for security.
SecurityHandler	Handles security for web server.
SecurityHandler.QueryParamHandler	Handler of query parameters - extracts them and stores them in a security header, so security can access them.
SecurityHttpFeature	Integration of security into WebServer.