Package io.helidon.security.providers.abac

Class AbacProvider

java.lang.Object

io.helidon.security.spi.SynchronousProvider

io.helidon.security.providers.abac.AbacProvider

All Implemented Interfaces:

AuthorizationProvider, SecurityProvider

public final class AbacProvider
extends SynchronousProvider
implements AuthorizationProvider

Attribute based access control (ABAC) provider. This provider gathers all attributes to be validated on endpoint and makes sure they are all validated as expected during authorization process. Each attribute to be validated must have a AbacValidator implemented.

See Also:

builder(), create(Config)

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	AbacProvider.Builder	A fluent API builder for AbacProvider.

Method Summary

Modifier and Type	Method	Description
static AbacProvider.Builder	builder()	Creates a fluent API builder to build new instances of this class.
static AbacProvider	create()	Creates a new provider instance with default configuration.
static AbacProvider	create(Config config)	Creates a new provider instance from configuration.
Collection<Class<? extends Annotation>>	supportedAnnotations()	Provide extension annotations supported by this provider (e.g.
protected AuthorizationResponse	syncAuthorize(ProviderRequest providerRequest)	Synchronous authorization.

Methods inherited from class io.helidon.security.spi.SynchronousProvider

authenticate, authorize, outboundSecurity, syncAuthenticate, syncOutbound

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.helidon.security.spi.AuthorizationProvider

authorize, isUserInRole

Methods inherited from interface io.helidon.security.spi.SecurityProvider

supportedAttributes, supportedConfigKeys, supportedCustomObjects

Method Detail

builder

public static AbacProvider.Builder builder()

Creates a fluent API builder to build new instances of this class.

Returns:

a new builder instance

create

public static AbacProvider create(Config config)

Creates a new provider instance from configuration.

Parameters:

config - configuration

Returns:

ABAC provider instantiated from config

create

public static AbacProvider create()

Creates a new provider instance with default configuration.

Returns:

ABAC provider

supportedAnnotations

public Collection<Class<? extends Annotation>> supportedAnnotations()

Description copied from interface: SecurityProvider

Provide extension annotations supported by this provider (e.g. javax.annotation.security.RolesAllowed). Annotations will be collected according to framework in use. For JAX-RS, annotations from application class, resource class and resource methods will be collected.

Specified by:

supportedAnnotations in interface SecurityProvider

Returns:

Collection of annotations this provider expects.

See Also:

EndpointConfig.annotations(EndpointConfig.AnnotationScope...), EndpointConfig.combineAnnotations(Class, EndpointConfig.AnnotationScope...)

syncAuthorize

protected AuthorizationResponse syncAuthorize(ProviderRequest providerRequest)

Description copied from class: SynchronousProvider

Synchronous authorization.

Overrides:

syncAuthorize in class SynchronousProvider

Parameters:

providerRequest - context with environment, subject(s) etc.

Returns:

authorization response

See Also:

AuthorizationProvider.authorize(ProviderRequest)