Module io.helidon.webserver
Package io.helidon.webserver.http

Class SecureHandler

java.lang.Object
io.helidon.webserver.http.SecureHandler
All Implemented Interfaces:
Handler, ProtocolUpgradeHandler, ServerLifecycle
public final class SecureHandler extends Object implements Handler, ProtocolUpgradeHandler
A handler that enforces authentication and/or authorization. When configured, it just validates that security was processed. If not, appropriate exception is thrown.

  • Method Details

    • authenticate

      public static SecureHandler authenticate()
      Create a security handler that enforces authentication.
      Returns:
      a new handler that requires authentication

    • authorize

      public static SecureHandler authorize(String... roleHint)
      Create a security handler that enforces authorization.
      Parameters:
      roleHint - optional role names; when specified, the built-in security feature requires the user to be in at least one of these roles
      Returns:
      a new handler that requires authorization

    • andAuthenticate

      public SecureHandler andAuthenticate()
      Add authentication requirement and create a new handler with combined setup.
      Returns:
      a new handler that combines the existing authorization requirements and adds authentication requirement

    • andAuthorize

      public SecureHandler andAuthorize(String... roleHint)
      Add authorization requirement and create a new handler with combined setup.
      Parameters:
      roleHint - optional role names; when specified, the built-in security feature requires the user to be in at least one of these roles
      Returns:
      a new handler that combines the existing authentication requirements and adds authorization requirement

    • wrap

      public Handler wrap(Handler handler)
      Creates a new handler that uses the configured security requirements and wraps an existing handler to be executed when security is checked.
      Parameters:
      handler - handler to invoke when security requirements are met
      Returns:
      a new wrapped handler

    • handle

      public void handle(ServerRequest req, ServerResponse res) throws Exception
      Description copied from interface: Handler
      Handle request. This method must not return before the response is completed. If the method does asynchronous operations, it must wait for them to complete before returning.
      Specified by:
      handle in interface Handler
      Parameters:
      req - request
      res - response
      Throws:
      Exception - may throw checked exceptions that are handled by the server, either by error handler, or by returning an internal server error (default handling)

    • handleProtocolUpgrade

      public void handleProtocolUpgrade(ServerRequest req, ServerResponse res) throws Exception
      Description copied from interface: ProtocolUpgradeHandler
      Handle an HTTP/1 protocol upgrade request before the protocol switch. The handler follows the same response contract as ordinary routing: call ServerResponse.next() to allow the protocol switch, send a response to reject the switch, or reroute the request back to ordinary HTTP routing.
      Specified by:
      handleProtocolUpgrade in interface ProtocolUpgradeHandler
      Parameters:
      req - server request
      res - server response
      Throws:
      Exception - in case of a processing error