Module io.helidon.security.providers.httpauth
Package io.helidon.security.providers.httpauth

Class ConfigUserStore

java.lang.Object
io.helidon.security.providers.httpauth.ConfigUserStore
All Implemented Interfaces:
SecureUserStore
public class ConfigUserStore extends Object implements SecureUserStore
User store loaded from configuration.

  • Constructor Details

    • ConfigUserStore

      public ConfigUserStore()

  • Method Details

    • create

      public static SecureUserStore create(Config config)
      Create an instance from config. Expects key "users" to be the current key. Example: 
       users: [
 {
   login = "jack"
   password = "${CLEAR=password}"
   roles = ["user", "admin"]
 },
 {
   login = "jill"
   # master password is "jungle", password is "password"
   password = "${AES=3XQ8A1RszE9JbXl+lUnnsX0gakuqjnTyp8YJWIAU1D3SiM2TaSnxd6U0/LjrdJYv}"
   roles = ["user"]
 }
 ]
      Parameters:
      config - to load this user store from
      Returns:
      SecureUserStore instance

    • user

      public Optional<SecureUserStore.User> user(String login)
      Description copied from interface: SecureUserStore
      Get user based on login. The returned user may not be populated - SecureUserStore.User.roles() is never called before SecureUserStore.User.isPasswordValid(char[]). Also the missing user and user with wrong password are treated the same - so if your implementation cannot decide whether a user exists until the password is checked, you can delay that decision and just return false from SecureUserStore.User.isPasswordValid(char[]) for both cases (e.g. invalid user and invalid password).
      Specified by:
      user in interface SecureUserStore
      Parameters:
      login - login of the user (as obtained from request)
      Returns:
      User information (empty if user is not found)