Module io.helidon.webserver.security
Package io.helidon.webserver.security

Class SecurityHandlerConfig.BuilderBase<BUILDER extends SecurityHandlerConfig.BuilderBase<BUILDER,PROTOTYPE>,PROTOTYPE extends SecurityHandlerConfig>

java.lang.Object
io.helidon.webserver.security.SecurityHandlerConfig.BuilderBase<BUILDER,PROTOTYPE>
Type Parameters:
BUILDER - type of the builder extending this abstract builder
PROTOTYPE - type of the prototype interface that would be built by Prototype.Builder.buildPrototype()
All Implemented Interfaces:
Prototype.Builder<BUILDER,PROTOTYPE>, Prototype.ConfiguredBuilder<BUILDER,PROTOTYPE>
Direct Known Subclasses:
SecurityHandlerConfig.Builder
Enclosing interface:
SecurityHandlerConfig
public abstract static class SecurityHandlerConfig.BuilderBase<BUILDER extends SecurityHandlerConfig.BuilderBase<BUILDER,PROTOTYPE>,PROTOTYPE extends SecurityHandlerConfig> extends Object implements Prototype.ConfiguredBuilder<BUILDER,PROTOTYPE>
Fluent API builder base for SecurityHandler.

  • Constructor Details

    • BuilderBase

      protected BuilderBase()
      Protected to support extensibility.

  • Method Details

    • from

      public BUILDER from(SecurityHandlerConfig prototype)
      Update this builder from an existing prototype instance. This method disables automatic service discovery.
      Parameters:
      prototype - existing prototype to update this builder from
      Returns:
      updated builder instance

    • from

      public BUILDER from(SecurityHandlerConfig.BuilderBase<?,?> builder)
      Update this builder from an existing prototype builder instance.
      Parameters:
      builder - existing builder prototype to update this builder from
      Returns:
      updated builder instance

    • addObject

      public BUILDER addObject(Object object)
      Register a custom object for security request(s). This creates a hard dependency on a specific security provider, so use with care.
      Parameters:
      object - An object expected by security provider
      Returns:
      updated builder instance

    • addObject

      public BUILDER addObject(Class<?> objectType, Object object)
      Register a custom object for security request(s). This creates a hard dependency on a specific security provider, so use with care.
      Parameters:
      object - An object expected by security provider
      Returns:
      updated builder instance

    • config

      public BUILDER config(Config config)
      Update builder from configuration (node of this type). If a value is present in configuration, it would override currently configured values.
      Specified by:
      config in interface Prototype.ConfiguredBuilder<BUILDER extends SecurityHandlerConfig.BuilderBase<BUILDER,PROTOTYPE>,PROTOTYPE extends SecurityHandlerConfig>
      Parameters:
      config - configuration instance used to obtain values to update this builder
      Returns:
      updated builder instance

    • rolesAllowed

      public BUILDER rolesAllowed(Set<? extends String> rolesAllowed)
      An array of allowed roles for this path - must have a security provider supporting roles (either authentication or authorization provider). This method enables authentication and authorization (you can disable them again by calling SecurityHandler.skipAuthorization() and authenticationOptional() if needed).
      Parameters:
      rolesAllowed - if subject is any of these roles, allow access
      Returns:
      updated builder instance
      See Also:

    • addRolesAllowed

      public BUILDER addRolesAllowed(Set<? extends String> rolesAllowed)
      An array of allowed roles for this path - must have a security provider supporting roles (either authentication or authorization provider). This method enables authentication and authorization (you can disable them again by calling SecurityHandler.skipAuthorization() and authenticationOptional() if needed).
      Parameters:
      rolesAllowed - if subject is any of these roles, allow access
      Returns:
      updated builder instance
      See Also:

    • addRoleAllowed

      public BUILDER addRoleAllowed(String roleAllowed)
      An array of allowed roles for this path - must have a security provider supporting roles (either authentication or authorization provider). This method enables authentication and authorization (you can disable them again by calling SecurityHandler.skipAuthorization() and authenticationOptional() if needed).
      Parameters:
      roleAllowed - if subject is any of these roles, allow access
      Returns:
      updated builder instance
      See Also:

    • clearAuthenticator

      public BUILDER clearAuthenticator()
      Clear existing value of this property.
      Returns:
      updated builder instance
      See Also:

    • authenticator

      public BUILDER authenticator(String authenticator)
      Use a named authenticator (as supported by security - if not defined, default authenticator is used). Will enable authentication.
      Parameters:
      authenticator - name of authenticator as configured in Security
      Returns:
      updated builder instance
      See Also:

    • clearAuthorizer

      public BUILDER clearAuthorizer()
      Clear existing value of this property.
      Returns:
      updated builder instance
      See Also:

    • authorizer

      public BUILDER authorizer(String authorizer)
      Use a named authorizer (as supported by security - if not defined, default authorizer is used, if none defined, all is permitted). Will enable authorization.
      Parameters:
      authorizer - name of authorizer as configured in Security
      Returns:
      updated builder instance
      See Also:

    • clearAuthenticate

      public BUILDER clearAuthenticate()
      Clear existing value of this property.
      Returns:
      updated builder instance
      See Also:

    • authenticate

      public BUILDER authenticate(boolean authenticate)
      If called, request will go through authentication process - defaults to false (even if authorize is true).
      Parameters:
      authenticate - whether to authenticate or not
      Returns:
      updated builder instance
      See Also:

    • clearAuthenticationOptional

      public BUILDER clearAuthenticationOptional()
      Clear existing value of this property.
      Returns:
      updated builder instance
      See Also:

    • authenticationOptional

      public BUILDER authenticationOptional(boolean authenticationOptional)
      If called, authentication failure will not abort request and will continue as anonymous (defaults to false).
      Parameters:
      authenticationOptional - whether authn is optional
      Returns:
      updated builder instance
      See Also:

    • clearAudit

      public BUILDER clearAudit()
      Clear existing value of this property.
      Returns:
      updated builder instance
      See Also:

    • audit

      public BUILDER audit(boolean audit)
      Whether to audit this request - defaults to false, if enabled, request is audited with event type "request".
      Parameters:
      audit - whether to audit
      Returns:
      updated builder instance
      See Also:

    • clearAuthorize

      public BUILDER clearAuthorize()
      Clear existing value of this property.
      Returns:
      updated builder instance
      See Also:

    • authorize

      public BUILDER authorize(boolean authorize)
      Enable authorization for this route.
      Parameters:
      authorize - whether to authorize
      Returns:
      updated builder instance
      See Also:

    • clearAuditEventType

      public BUILDER clearAuditEventType()
      Clear existing value of this property.
      Returns:
      updated builder instance
      See Also:

    • auditEventType

      public BUILDER auditEventType(String auditEventType)
      Override for event-type, defaults to "request".
      Parameters:
      auditEventType - audit event type to use
      Returns:
      updated builder instance
      See Also:

    • clearAuditMessageFormat

      public BUILDER clearAuditMessageFormat()
      Clear existing value of this property.
      Returns:
      updated builder instance
      See Also:

    • auditMessageFormat

      public BUILDER auditMessageFormat(String auditMessageFormat)
      Override for audit message format, defaults to "%3$s %1$s \"%2$s\" %5$s %6$s requested by %4$s".
      Parameters:
      auditMessageFormat - audit message format to use
      Returns:
      updated builder instance
      See Also:

    • queryParams

      public BUILDER queryParams(List<? extends SecurityHandler.QueryParamHandler> queryParams)
      Query parameter handler(s).
      Parameters:
      queryParams - query parameters
      Returns:
      updated builder instance
      See Also:

    • addQueryParams

      public BUILDER addQueryParams(List<? extends SecurityHandler.QueryParamHandler> queryParams)
      Query parameter handler(s).
      Parameters:
      queryParams - query parameters
      Returns:
      updated builder instance
      See Also:

    • addQueryParam

      public BUILDER addQueryParam(SecurityHandler.QueryParamHandler queryParam)
      Query parameter handler(s).
      Parameters:
      queryParam - query parameters
      Returns:
      updated builder instance
      See Also:

    • clearCustomObjects

      public BUILDER clearCustomObjects()
      Clear existing value of this property.
      Returns:
      updated builder instance
      See Also:

    • customObjects

      public BUILDER customObjects(ClassToInstanceStore<Object> customObjects)
      A store of custom objects, that can be used to customize specific security providers.
      Parameters:
      customObjects - custom objects
      Returns:
      updated builder instance
      See Also:

    • sockets

      public BUILDER sockets(List<? extends String> sockets)
      List of sockets this configuration should be applied to. If empty, the configuration is applied to all configured sockets.
      Parameters:
      sockets - list of sockets
      Returns:
      updated builder instance
      See Also:

    • addSockets

      public BUILDER addSockets(List<? extends String> sockets)
      List of sockets this configuration should be applied to. If empty, the configuration is applied to all configured sockets.
      Parameters:
      sockets - list of sockets
      Returns:
      updated builder instance
      See Also:

    • combined

      public BUILDER combined(boolean combined)
      Whether this is a combined handler. Internal use.
      Parameters:
      combined - if combined handler
      Returns:
      updated builder instance
      See Also:

    • rolesAllowed

      public Set<String> rolesAllowed()
      An array of allowed roles for this path - must have a security provider supporting roles (either authentication or authorization provider). This method enables authentication and authorization (you can disable them again by calling SecurityHandler.skipAuthorization() and authenticationOptional() if needed).
      Returns:
      the roles allowed

    • authenticator

      public Optional<String> authenticator()
      Use a named authenticator (as supported by security - if not defined, default authenticator is used). Will enable authentication.
      Returns:
      the authenticator

    • authorizer

      public Optional<String> authorizer()
      Use a named authorizer (as supported by security - if not defined, default authorizer is used, if none defined, all is permitted). Will enable authorization.
      Returns:
      the authorizer

    • authenticate

      public Optional<Boolean> authenticate()
      If called, request will go through authentication process - defaults to false (even if authorize is true).
      Returns:
      the authenticate

    • authenticationOptional

      public Optional<Boolean> authenticationOptional()
      If called, authentication failure will not abort request and will continue as anonymous (defaults to false).
      Returns:
      the authentication optional

    • audit

      public Optional<Boolean> audit()
      Whether to audit this request - defaults to false, if enabled, request is audited with event type "request".
      Returns:
      the audit

    • authorize

      public Optional<Boolean> authorize()
      Enable authorization for this route.
      Returns:
      the authorize

    • auditEventType

      public Optional<String> auditEventType()
      Override for event-type, defaults to "request".
      Returns:
      the audit event type

    • auditMessageFormat

      public Optional<String> auditMessageFormat()
      Override for audit message format, defaults to "%3$s %1$s \"%2$s\" %5$s %6$s requested by %4$s".
      Returns:
      the audit message format

    • queryParams

      public List<SecurityHandler.QueryParamHandler> queryParams()
      Query parameter handler(s).
      Returns:
      the query params

    • customObjects

      public Optional<ClassToInstanceStore<Object>> customObjects()
      A store of custom objects, that can be used to customize specific security providers.
      Returns:
      the custom objects

    • sockets

      public List<String> sockets()
      List of sockets this configuration should be applied to. If empty, the configuration is applied to all configured sockets.
      Returns:
      the sockets

    • combined

      public boolean combined()
      Whether this is a combined handler. Internal use.
      Returns:
      the combined

    • config

      public Optional<Config> config()
      If this instance was configured, this would be the config instance used.
      Returns:
      config node used to configure this builder, or empty if not configured

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • preBuildPrototype

      protected void preBuildPrototype()
      Handles providers and decorators.

    • validatePrototype

      protected void validatePrototype()
      Validates required properties.