Class AbacProvider
- java.lang.Object
-
- io.helidon.security.spi.SynchronousProvider
-
- io.helidon.security.providers.abac.AbacProvider
-
- All Implemented Interfaces:
AuthorizationProvider
,SecurityProvider
public final class AbacProvider extends SynchronousProvider implements AuthorizationProvider
Attribute based access control (ABAC) provider. This provider gathers all attributes to be validated on endpoint and makes sure they are all validated as expected during authorization process. Each attribute to be validated must have aAbacValidator
implemented.- See Also:
builder()
,create(Config)
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
AbacProvider.Builder
A fluent API builder forAbacProvider
.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static AbacProvider.Builder
builder()
Creates a fluent API builder to build new instances of this class.static AbacProvider
create()
Creates a new provider instance with default configuration.static AbacProvider
create(Config config)
Creates a new provider instance from configuration.Collection<Class<? extends Annotation>>
supportedAnnotations()
Provide extension annotations supported by this provider (e.g.protected AuthorizationResponse
syncAuthorize(ProviderRequest providerRequest)
Synchronous authorization.-
Methods inherited from class io.helidon.security.spi.SynchronousProvider
authenticate, authorize, outboundSecurity, syncAuthenticate, syncOutbound
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface io.helidon.security.spi.AuthorizationProvider
authorize, isUserInRole
-
Methods inherited from interface io.helidon.security.spi.SecurityProvider
supportedAttributes, supportedConfigKeys, supportedCustomObjects
-
-
-
-
Method Detail
-
builder
public static AbacProvider.Builder builder()
Creates a fluent API builder to build new instances of this class.- Returns:
- a new builder instance
-
create
public static AbacProvider create(Config config)
Creates a new provider instance from configuration.- Parameters:
config
- configuration- Returns:
- ABAC provider instantiated from config
-
create
public static AbacProvider create()
Creates a new provider instance with default configuration.- Returns:
- ABAC provider
-
supportedAnnotations
public Collection<Class<? extends Annotation>> supportedAnnotations()
Description copied from interface:SecurityProvider
Provide extension annotations supported by this provider (e.g.javax.annotation.security.RolesAllowed
). Annotations will be collected according to framework in use. For JAX-RS, annotations from application class, resource class and resource methods will be collected.- Specified by:
supportedAnnotations
in interfaceSecurityProvider
- Returns:
- Collection of annotations this provider expects.
- See Also:
EndpointConfig.annotations(EndpointConfig.AnnotationScope...)
,EndpointConfig.combineAnnotations(Class, EndpointConfig.AnnotationScope...)
-
syncAuthorize
protected AuthorizationResponse syncAuthorize(ProviderRequest providerRequest)
Description copied from class:SynchronousProvider
Synchronous authorization.- Overrides:
syncAuthorize
in classSynchronousProvider
- Parameters:
providerRequest
- context with environment, subject(s) etc.- Returns:
- authorization response
- See Also:
AuthorizationProvider.authorize(ProviderRequest)
-
-