Class ProviderRequest

  • All Implemented Interfaces:
    AbacSupport

    public class ProviderRequest
    extends Object
    implements AbacSupport
    A request sent to security providers. Contains all information that may be needed to authenticate or authorize a request:
    • User's subject: subject() - if user is authenticated
    • Service subject: service() - if service is authenticated
    • Environment information: env() - path, method etc.
    • Object: getObject() - target resource, if provided by user
    • Security context: securityContext() - current subjects and information about security context of this request
    • Endpoint configuration: endpointConfig() - annotations, endpoint specific configuration, custom objects, custom atttributes
    • Method Detail

      • getValue

        public static Optional<Object> getValue​(Object object,
                                                String key)
        Get a value of a property from an object. If object implements AbacSupport the value is obtained through AbacSupport.abacAttribute(String), if not, the value is obtained by reflection from a public field or a public getter method. The method name may be (for attribute called for example "audit"):
        • audit
        • getAudit
        • isAudit
        • shouldAudit
        • hasAudit
        Parameters:
        object - object to get attribute from
        key - key of the attribute
        Returns:
        value of the attribute if found
      • endpointConfig

        public EndpointConfig endpointConfig()
        Configuration of the invoked endpoint, such as annotations declared.
        Returns:
        endpoint config
      • securityContext

        public SecurityContext securityContext()
        Security context associated with current request.
        Returns:
        security context
      • subject

        public Optional<Subject> subject()
        Current user subject, if already authenticated.
        Returns:
        user subject or empty
      • service

        public Optional<Subject> service()
        Current service subject, if already authenticated.
        Returns:
        service subject or empty.
      • env

        public SecurityEnvironment env()
        Environment of current request, such as the URI invoked, time to use for security decisions etc.
        Returns:
        security environment
      • getObject

        public Optional<Object> getObject()
        The object of this request. Security request may be configured for a specific entity (e.g. if this is an entity modification request, the entity itself may be provided to help in a security task.
        Returns:
        the object or empty if not known
      • requestEntity

        @Deprecated
        public Optional<Entity> requestEntity()
        Deprecated.
        entity access is going to be removed from security
        Access request message entity.
        Returns:
        Entity of the request, if current request has entity
      • responseEntity

        @Deprecated
        public Optional<Entity> responseEntity()
        Deprecated.
        entity access is going to be removed from security
        Access response message entity.
        Returns:
        Entity of the response, if current response can have entity
      • abacAttributeRaw

        public Object abacAttributeRaw​(String key)
        Description copied from interface: AbacSupport
        Return the actual property value or null if not present. This is the only method that needs to be implemented.
        Specified by:
        abacAttributeRaw in interface AbacSupport
        Parameters:
        key - key (name) of the property
        Returns:
        value of the property or null