Package io.helidon.security
Class Security.Builder
- java.lang.Object
-
- io.helidon.security.Security.Builder
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description Security.Builder
addAuditProvider(AuditProvider provider)
Add an audit provider to this security runtime.Security.Builder
addAuditProvider(Supplier<? extends AuditProvider> builder)
Add an audit provider to this security runtime.Security.Builder
addAuthenticationProvider(AuthenticationProvider provider)
Add an authentication provider.Security.Builder
addAuthenticationProvider(AuthenticationProvider provider, String name)
Add a named authentication provider.Security.Builder
addAuthenticationProvider(Supplier<? extends AuthenticationProvider> builder)
Add an authentication provider.Security.Builder
addAuthenticationProvider(Supplier<? extends AuthenticationProvider> builder, String name)
Add a named authentication provider.Security.Builder
addAuthorizationProvider(AuthorizationProvider provider)
Add authorization provider.Security.Builder
addAuthorizationProvider(AuthorizationProvider provider, String name)
Add a named authorization provider.Security.Builder
addAuthorizationProvider(Supplier<? extends AuthorizationProvider> builder)
Add authorization provider.Security.Builder
addAuthorizationProvider(Supplier<? extends AuthorizationProvider> builder, String name)
Add a named authorization provider.Security.Builder
addOutboundSecurityProvider(OutboundSecurityProvider provider)
All configured identity propagation providers are used.Security.Builder
addOutboundSecurityProvider(OutboundSecurityProvider provider, String name)
Add a named outbound security provider.Security.Builder
addOutboundSecurityProvider(Supplier<? extends OutboundSecurityProvider> builder)
All configured identity propagation providers are used.Security.Builder
addOutboundSecurityProvider(Supplier<? extends OutboundSecurityProvider> build, String name)
Add a named outbound security provider.Security.Builder
addProvider(SecurityProvider provider)
Add a provider, works asaddProvider(SecurityProvider, String)
, where the name is set toClass.getSimpleName()
.Security.Builder
addProvider(SecurityProvider provider, String name)
Adds a named provider that may implement multiple interfaces.Security.Builder
addProvider(Supplier<? extends SecurityProvider> providerBuilder)
Add a provider, works asaddProvider(SecurityProvider, String)
, where the name is set toClass.getSimpleName()
.Security.Builder
addProvider(Supplier<? extends SecurityProvider> providerBuilder, String name)
Adds a named provider that may implement multiple interfaces.Security.Builder
authenticationProvider(AuthenticationProvider provider)
Set the default authentication provider.Security.Builder
authenticationProvider(Supplier<? extends AuthenticationProvider> builder)
Set the default authentication provider.Security.Builder
authorizationProvider(AuthorizationProvider provider)
Set the default authorization provider.Security.Builder
authorizationProvider(Supplier<? extends AuthorizationProvider> builder)
Set the default authorization provider.Security
build()
Builds configured Security instance.Security.Builder
config(Config config)
Add config instance to this builder.Security.Builder
disableTracing()
Disable open tracing support in this security instance.Security.Builder
enabled(boolean enabled)
Security can be disabled using configuration, or explicitly.Security.Builder
providerSelectionPolicy(Function<ProviderSelectionPolicy.Providers,ProviderSelectionPolicy> pspFunction)
Set the provider selection policy.Security.Builder
serverTime(SecurityTime time)
Server time to use when evaluating security policies that depend on time.Security.Builder
subjectMappingProvider(SubjectMappingProvider provider)
Configure a subject mapping provider that would be used once authentication is processed.Security.Builder
tracer(Tracer tracer)
Set an open tracing tracer to use for security.Security.Builder
tracingEnabled(boolean tracingEnabled)
Whether or not tracing should be enabled.
-
-
-
Method Detail
-
providerSelectionPolicy
public Security.Builder providerSelectionPolicy(Function<ProviderSelectionPolicy.Providers,ProviderSelectionPolicy> pspFunction)
Set the provider selection policy. The function is used to provider an immutable instance of theProviderSelectionPolicy
.Default is
FirstProviderSelectionPolicy
.Alternative built-in policy is:
CompositeProviderSelectionPolicy
- you can use itsCompositeProviderSelectionPolicy.builder()
to configure it and then configure this method withCompositeProviderSelectionPolicy.Builder.build()
.You can also use custom policy.
- Parameters:
pspFunction
- function to obtain an instance of the policy. This function will be only called once by security.- Returns:
- updated builder instance
-
serverTime
public Security.Builder serverTime(SecurityTime time)
Server time to use when evaluating security policies that depend on time.- Parameters:
time
- time instance with possible time shift, explicit timezone or overridden values- Returns:
- updated builder instance
-
tracer
public Security.Builder tracer(Tracer tracer)
Set an open tracing tracer to use for security.- Parameters:
tracer
- Tracer to use. If null is set, tracing will be disabled.- Returns:
- updated builder instance
-
tracingEnabled
public Security.Builder tracingEnabled(boolean tracingEnabled)
Whether or not tracing should be enabled. If set to false, security tracer will be a no-op tracer.- Parameters:
tracingEnabled
- true to enable tracing, false to disable- Returns:
- updated builder instance
-
disableTracing
public Security.Builder disableTracing()
Disable open tracing support in this security instance. This will cause methodSecurityContext.tracer()
to return a no-op tracer.- Returns:
- updated builder instance
-
addProvider
public Security.Builder addProvider(SecurityProvider provider)
Add a provider, works asaddProvider(SecurityProvider, String)
, where the name is set toClass.getSimpleName()
.- Parameters:
provider
- Provider implementing multiple security provider interfaces- Returns:
- updated builder instance
-
addProvider
public Security.Builder addProvider(Supplier<? extends SecurityProvider> providerBuilder)
Add a provider, works asaddProvider(SecurityProvider, String)
, where the name is set toClass.getSimpleName()
.- Parameters:
providerBuilder
- Builder of a provider, method build will be immediately called- Returns:
- updated builder instance
-
addProvider
public Security.Builder addProvider(SecurityProvider provider, String name)
Adds a named provider that may implement multiple interfaces. This is a helper method to allow you to invoke a builder method just once. This method will work as a chained call of add<Provider> for each provider interface your instance implements.- Parameters:
provider
- Provider implementing multiple security provider interfacesname
- name of the provider, if null, this provider will not be referencable from other scopes- Returns:
- updated builder instance
-
addProvider
public Security.Builder addProvider(Supplier<? extends SecurityProvider> providerBuilder, String name)
Adds a named provider that may implement multiple interfaces. This is a helper method to allow you to invoke a builder method just once. This method will work as a chained call of add<Provider> for each provider interface your instance implements.- Parameters:
providerBuilder
- Builder of provider implementing multiple security provider interfacesname
- name of the provider, if null, this provider will not be referencable from other scopes- Returns:
- updated builder instance
-
authenticationProvider
public Security.Builder authenticationProvider(AuthenticationProvider provider)
Set the default authentication provider.- Parameters:
provider
- Provider instance to use as the default for this runtime.- Returns:
- updated builder instance
-
authenticationProvider
public Security.Builder authenticationProvider(Supplier<? extends AuthenticationProvider> builder)
Set the default authentication provider.- Parameters:
builder
- Builder of provider to use as the default for this runtime.- Returns:
- updated builder instance
-
authorizationProvider
public Security.Builder authorizationProvider(AuthorizationProvider provider)
Set the default authorization provider.- Parameters:
provider
- provider instance to use as the default for this runtime.- Returns:
- updated builder instance
-
authorizationProvider
public Security.Builder authorizationProvider(Supplier<? extends AuthorizationProvider> builder)
Set the default authorization provider.- Parameters:
builder
- Builder of provider to use as the default for this runtime.- Returns:
- updated builder instance
-
addAuthenticationProvider
public Security.Builder addAuthenticationProvider(AuthenticationProvider provider)
Add an authentication provider. If default isn't set yet, sets it as default. Works asaddAuthenticationProvider(AuthenticationProvider, String)
where the name is simple class name.- Parameters:
provider
- provider instance to add- Returns:
- updated builder instance
-
addAuthenticationProvider
public Security.Builder addAuthenticationProvider(Supplier<? extends AuthenticationProvider> builder)
Add an authentication provider. If default isn't set yet, sets it as default. Works asaddAuthenticationProvider(AuthenticationProvider, String)
where the name is simple class name.- Parameters:
builder
- builder of provider to add- Returns:
- updated builder instance
-
addAuthenticationProvider
public Security.Builder addAuthenticationProvider(AuthenticationProvider provider, String name)
Add a named authentication provider. Provider can be referenced by name e.g. from configuration.- Parameters:
provider
- provider instancename
- name of provider, may be null or empty, but as such will not be rerefencable by name- Returns:
- updated builder instance
-
addAuthenticationProvider
public Security.Builder addAuthenticationProvider(Supplier<? extends AuthenticationProvider> builder, String name)
Add a named authentication provider. Provider can be referenced by name e.g. from configuration.- Parameters:
builder
- builder of provider instancename
- name of provider, may be null or empty, but as such will not be rerefencable by name- Returns:
- updated builder instance
-
addAuthorizationProvider
public Security.Builder addAuthorizationProvider(AuthorizationProvider provider)
Add authorization provider. If there is no default yet, it will become the default.- Parameters:
provider
- provider instance- Returns:
- updated builder instance
-
addAuthorizationProvider
public Security.Builder addAuthorizationProvider(Supplier<? extends AuthorizationProvider> builder)
Add authorization provider. If there is no default yet, it will become the default.- Parameters:
builder
- builder of provider instance- Returns:
- updated builder instance
-
addAuthorizationProvider
public Security.Builder addAuthorizationProvider(AuthorizationProvider provider, String name)
Add a named authorization provider. Named authorization provider can be referenced, such as from configuration.- Parameters:
provider
- provider instancename
- name of provider, may be null or empty, but as such will not be referencable- Returns:
- updated builder instance
-
addAuthorizationProvider
public Security.Builder addAuthorizationProvider(Supplier<? extends AuthorizationProvider> builder, String name)
Add a named authorization provider. Named authorization provider can be referenced, such as from configuration.- Parameters:
builder
- builder of provider instancename
- name of provider, may be null or empty, but as such will not be referencable- Returns:
- updated builder instance
-
addOutboundSecurityProvider
public Security.Builder addOutboundSecurityProvider(OutboundSecurityProvider provider)
All configured identity propagation providers are used. The first provider to return true toOutboundSecurityProvider.isOutboundSupported(ProviderRequest, SecurityEnvironment, EndpointConfig)
will be called to process current request. Others will be ignored.- Parameters:
provider
- Provider instance- Returns:
- updated builder instance
-
addOutboundSecurityProvider
public Security.Builder addOutboundSecurityProvider(Supplier<? extends OutboundSecurityProvider> builder)
All configured identity propagation providers are used. The first provider to return true toOutboundSecurityProvider.isOutboundSupported(ProviderRequest, SecurityEnvironment, EndpointConfig)
will be called to process current request. Others will be ignored.- Parameters:
builder
- Builder of provider instance- Returns:
- updated builder instance
-
addOutboundSecurityProvider
public Security.Builder addOutboundSecurityProvider(Supplier<? extends OutboundSecurityProvider> build, String name)
Add a named outbound security provider. Explicit names can be used when using secured client - see integration with Jersey.- Parameters:
build
- Builder of provider to usename
- name of the provider for reference from configuration- Returns:
- updated builder instance.
-
addOutboundSecurityProvider
public Security.Builder addOutboundSecurityProvider(OutboundSecurityProvider provider, String name)
Add a named outbound security provider.- Parameters:
provider
- Provider to usename
- name of the provider for reference from configuration- Returns:
- updated builder instance.
-
addAuditProvider
public Security.Builder addAuditProvider(AuditProvider provider)
Add an audit provider to this security runtime. All configured audit providers are used.- Parameters:
provider
- provider instance- Returns:
- updated builder instance
-
subjectMappingProvider
public Security.Builder subjectMappingProvider(SubjectMappingProvider provider)
Configure a subject mapping provider that would be used once authentication is processed. Allows you to addGrants
toSubject
or modify it in other ways.- Parameters:
provider
- provider to use for subject mapping- Returns:
- updated builder instance
-
addAuditProvider
public Security.Builder addAuditProvider(Supplier<? extends AuditProvider> builder)
Add an audit provider to this security runtime. All configured audit providers are used.- Parameters:
builder
- Builder of provider instance- Returns:
- updated builder instance
-
config
public Security.Builder config(Config config)
Add config instance to this builder. This may be later use by components initialized as a side-effect of creating an instance of security (such as security providers).- Parameters:
config
- Config instance- Returns:
- this instance
-
enabled
public Security.Builder enabled(boolean enabled)
Security can be disabled using configuration, or explicitly. By default, security instance is enabled. Disabled security instance will not perform any checks and allow all requests (as if it is not configured in Helidon at all).- Parameters:
enabled
- set tofalse
to disable security- Returns:
- updated builder instance
-
-