Module io.helidon.webserver

Package io.helidon.webserver.http

Class SecureHandler

java.lang.Object

io.helidon.webserver.http.SecureHandler

All Implemented Interfaces:

Handler, ServerLifecycle

public final class SecureHandler
extends Object
implements Handler

A handler that enforces authentication and/or authorization. When configured, it just validates that security was processed. If not, appropriate exception is thrown.

Method Summary

Modifier and Type	Method	Description
SecureHandler	andAuthenticate()	Add authentication requirement and create a new handler with combined setup.
SecureHandler	andAuthorize(String... roleHint)	Add authorization requirement and create a new handler with combined setup.
static SecureHandler	authenticate()	Create a security handler that enforces authentication.
static SecureHandler	authorize(String... roleHint)	Create a security handler that enforces authorization.
void	handle(ServerRequest req, ServerResponse res)	Handle request.
Handler	wrap(Handler handler)	Creates a new handler that uses the configured security requirements and wraps an existing handler to be executed when security is checked.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.helidon.webserver.ServerLifecycle

afterStop, beforeStart

Method Details

authenticate

public static SecureHandler authenticate()

Create a security handler that enforces authentication.

Returns:

a new handler that requires authentication

authorize

public static SecureHandler authorize(String... roleHint)

Create a security handler that enforces authorization.

Parameters:

roleHint - optional hint for role names the user is expected to be in

Returns:

a new handler that requires authorization

andAuthenticate

public SecureHandler andAuthenticate()

Add authentication requirement and create a new handler with combined setup.

Returns:

a new handler that combines the existing authorization requirements and adds authentication requirement

andAuthorize

public SecureHandler andAuthorize(String... roleHint)

Add authorization requirement and create a new handler with combined setup.

Parameters:

roleHint - optional hint for role names the user is expected to be in

Returns:

a new handler that combines the existing authentication requirements and adds authorization requirement

wrap

public Handler wrap(Handler handler)

Creates a new handler that uses the configured security requirements and wraps an existing handler to be executed when security is checked.

Parameters:

handler - handler to invoke when security requirements are met

Returns:

a new wrapped handler

handle

public void handle(ServerRequest req,
 ServerResponse res)
            throws Exception

Description copied from interface: Handler

Handle request. This method must not return before the response is completed. If the method does asynchronous operations, it must wait for them to complete before returning.

Specified by:

handle in interface Handler

Parameters:

req - request

res - response

Throws:

Exception - may throw checked exceptions that are handled by the server, either by error handler, or by returning an internal server error (default handling)