Module io.helidon.security
Package io.helidon.security

Class Security.Builder

    • Method Detail

      • serverTime

        public Security.Builder serverTime​(SecurityTime time)
        Server time to use when evaluating security policies that depend on time.
        Parameters:
        time - time instance with possible time shift, explicit timezone or overridden values
        Returns:
        updated builder instance

      • tracer

        public Security.Builder tracer​(Tracer tracer)
        Set an open tracing tracer to use for security.
        Parameters:
        tracer - Tracer to use. If null is set, tracing will be disabled.
        Returns:
        updated builder instance

      • tracingEnabled

        public Security.Builder tracingEnabled​(boolean tracingEnabled)
        Whether or not tracing should be enabled. If set to false, security tracer will be a no-op tracer.
        Parameters:
        tracingEnabled - true to enable tracing, false to disable
        Returns:
        updated builder instance

      • disableTracing

        public Security.Builder disableTracing()
        Disable open tracing support in this security instance. This will cause method SecurityContext.tracer() to return a no-op tracer.
        Returns:
        updated builder instance

      • addProvider

        public Security.Builder addProvider​(SecurityProvider provider,
                                    String name)
        Adds a named provider that may implement multiple interfaces. This is a helper method to allow you to invoke a builder method just once. This method will work as a chained call of add<Provider> for each provider interface your instance implements.
        Parameters:
        provider - Provider implementing multiple security provider interfaces
        name - name of the provider, if null, this provider will not be referencable from other scopes
        Returns:
        updated builder instance

      • addProvider

        public Security.Builder addProvider​(Supplier<? extends SecurityProvider> providerBuilder,
                                    String name)
        Adds a named provider that may implement multiple interfaces. This is a helper method to allow you to invoke a builder method just once. This method will work as a chained call of add<Provider> for each provider interface your instance implements.
        Parameters:
        providerBuilder - Builder of provider implementing multiple security provider interfaces
        name - name of the provider, if null, this provider will not be referencable from other scopes
        Returns:
        updated builder instance

      • authenticationProvider

        public Security.Builder authenticationProvider​(AuthenticationProvider provider)
        Set the default authentication provider.
        Parameters:
        provider - Provider instance to use as the default for this runtime.
        Returns:
        updated builder instance

      • authenticationProvider

        public Security.Builder authenticationProvider​(Supplier<? extends AuthenticationProvider> builder)
        Set the default authentication provider.
        Parameters:
        builder - Builder of provider to use as the default for this runtime.
        Returns:
        updated builder instance

      • authorizationProvider

        public Security.Builder authorizationProvider​(AuthorizationProvider provider)
        Set the default authorization provider.
        Parameters:
        provider - provider instance to use as the default for this runtime.
        Returns:
        updated builder instance

      • authorizationProvider

        public Security.Builder authorizationProvider​(Supplier<? extends AuthorizationProvider> builder)
        Set the default authorization provider.
        Parameters:
        builder - Builder of provider to use as the default for this runtime.
        Returns:
        updated builder instance

      • addAuthenticationProvider

        public Security.Builder addAuthenticationProvider​(AuthenticationProvider provider,
                                                  String name)
        Add a named authentication provider. Provider can be referenced by name e.g. from configuration.
        Parameters:
        provider - provider instance
        name - name of provider, may be null or empty, but as such will not be rerefencable by name
        Returns:
        updated builder instance

      • addAuthenticationProvider

        public Security.Builder addAuthenticationProvider​(Supplier<? extends AuthenticationProvider> builder,
                                                  String name)
        Add a named authentication provider. Provider can be referenced by name e.g. from configuration.
        Parameters:
        builder - builder of provider instance
        name - name of provider, may be null or empty, but as such will not be rerefencable by name
        Returns:
        updated builder instance

      • addAuthorizationProvider

        public Security.Builder addAuthorizationProvider​(AuthorizationProvider provider)
        Add authorization provider. If there is no default yet, it will become the default.
        Parameters:
        provider - provider instance
        Returns:
        updated builder instance

      • addAuthorizationProvider

        public Security.Builder addAuthorizationProvider​(Supplier<? extends AuthorizationProvider> builder)
        Add authorization provider. If there is no default yet, it will become the default.
        Parameters:
        builder - builder of provider instance
        Returns:
        updated builder instance

      • addAuthorizationProvider

        public Security.Builder addAuthorizationProvider​(AuthorizationProvider provider,
                                                 String name)
        Add a named authorization provider. Named authorization provider can be referenced, such as from configuration.
        Parameters:
        provider - provider instance
        name - name of provider, may be null or empty, but as such will not be referencable
        Returns:
        updated builder instance

      • addAuthorizationProvider

        public Security.Builder addAuthorizationProvider​(Supplier<? extends AuthorizationProvider> builder,
                                                 String name)
        Add a named authorization provider. Named authorization provider can be referenced, such as from configuration.
        Parameters:
        builder - builder of provider instance
        name - name of provider, may be null or empty, but as such will not be referencable
        Returns:
        updated builder instance

      • addOutboundSecurityProvider

        public Security.Builder addOutboundSecurityProvider​(Supplier<? extends OutboundSecurityProvider> build,
                                                    String name)
        Add a named outbound security provider. Explicit names can be used when using secured client - see integration with Jersey.
        Parameters:
        build - Builder of provider to use
        name - name of the provider for reference from configuration
        Returns:
        updated builder instance.

      • addOutboundSecurityProvider

        public Security.Builder addOutboundSecurityProvider​(OutboundSecurityProvider provider,
                                                    String name)
        Add a named outbound security provider.
        Parameters:
        provider - Provider to use
        name - name of the provider for reference from configuration
        Returns:
        updated builder instance.

      • addSecretProvider

        public Security.Builder addSecretProvider​(SecretsProvider<?> provider,
                                          String name)
        Add a named secret provider.
        Parameters:
        provider - provider to use
        name - name of the provider for reference from configuration
        Returns:
        updated builder instance

      • addEncryptionProvider

        public Security.Builder addEncryptionProvider​(EncryptionProvider<?> provider,
                                              String name)
        Add a named encryption provider.
        Parameters:
        provider - provider to use
        name - name of the provider for reference from configuration
        Returns:
        updated builder instance

      • addDigestProvider

        public Security.Builder addDigestProvider​(DigestProvider<?> provider,
                                          String name)
        Add a named digest provider (providing signatures and possibly HMAC).
        Parameters:
        provider - provider to use
        name - name of the provider for reference from configuration
        Returns:
        updated builder instance

      • addAuditProvider

        public Security.Builder addAuditProvider​(AuditProvider provider)
        Add an audit provider to this security runtime. All configured audit providers are used.
        Parameters:
        provider - provider instance
        Returns:
        updated builder instance

      • subjectMappingProvider

        public Security.Builder subjectMappingProvider​(SubjectMappingProvider provider)
        Configure a subject mapping provider that would be used once authentication is processed. Allows you to add Grants to Subject or modify it in other ways.
        Parameters:
        provider - provider to use for subject mapping
        Returns:
        updated builder instance

      • addAuditProvider

        public Security.Builder addAuditProvider​(Supplier<? extends AuditProvider> builder)
        Add an audit provider to this security runtime. All configured audit providers are used.
        Parameters:
        builder - Builder of provider instance
        Returns:
        updated builder instance

      • config

        public Security.Builder config​(Config config)
        Add config instance to this builder. This may be later use by components initialized as a side-effect of creating an instance of security (such as security providers).
        Parameters:
        config - Config instance
        Returns:
        this instance

      • enabled

        public Security.Builder enabled​(boolean enabled)
        Security can be disabled using configuration, or explicitly. By default, security instance is enabled. Disabled security instance will not perform any checks and allow all requests.
        Parameters:
        enabled - set to false to disable security
        Returns:
        updated builder instance

      • build

        public Security build()
        Builds configured Security instance.
        Specified by:
        build in interface Builder<Security>
        Returns:
        built instance.

      • addSecret

        public <T extends ProviderConfigSecurity.Builder addSecret​(String name,
                                                             SecretsProvider<T> secretProvider,
                                                             T providerConfig)
        Add a secret to security configuration.
        Type Parameters:
        T - type of the provider specific configuration object
        Parameters:
        name - name of the secret configuration
        secretProvider - security provider handling this secret
        providerConfig - security provider configuration for this secret
        Returns:
        updated builder instance
        See Also:
        Security.secret(String), Security.secret(String, String)

      • noProvider

        public boolean noProvider​(Class<? extends SecurityProvider> providerClass)
        Check whether any provider is configured.
        Parameters:
        providerClass - type of provider of interest (can be AuthenticationProvider and other interfaces implementing SecurityProvider)
        Returns:
        true if no provider is configured, false if there is at least one provider configured

      • hasProvider

        public boolean hasProvider​(String name)
        Check whether a provider with the name is configured.
        Parameters:
        name - name of a provider
        Returns:
        true if such a provider is configured