Class SecurityFeature.Builder
java.lang.Object
io.helidon.security.integration.jersey.SecurityFeature.Builder
- All Implemented Interfaces:
Builder<SecurityFeature.Builder,
,SecurityFeature> Supplier<SecurityFeature>
- Enclosing class:
- SecurityFeature
public static final class SecurityFeature.Builder
extends Object
implements Builder<SecurityFeature.Builder,SecurityFeature>
SecurityFeature
fluent API builder.-
Method Summary
Modifier and TypeMethodDescriptionaddQueryParamHandler
(QueryParamHandler handler) Add a new handler to extract query parameter and store it in security request header.addQueryParamHandlers
(Iterable<QueryParamHandler> handlers) Add handlers to extract query parameters and store them in security request header.authenticateAnnotatedOnly
(boolean authnOnly) Whether to authorize only annotated methods (withAuthenticated
annotation or all.authorizeAnnotatedOnly
(boolean authzOnly) Whether to authorize only annotated methods (withAuthorized
annotation) or all.build()
Build this configuration into an instance.Update this builder from configuration.debug()
Set debugging on.useAbortWith
(boolean useAbortWith) When set totrue
(which is the default behavior, the security filter would useContainerRequest.abortWith(jakarta.ws.rs.core.Response)
to abort request and configure a security response.usePrematchingAuthentication
(boolean usePrematching) Configure whether pre-matching or post-matching filter is used to authenticate requests.usePrematchingAuthorization
(boolean usePrematching) Configure whether pre-matching or post-matching filter is used to authorize requests.
-
Method Details
-
authorizeAnnotatedOnly
Whether to authorize only annotated methods (withAuthorized
annotation) or all. When usingusePrematchingAuthorization(boolean)
this method is ignored.- Parameters:
authzOnly
- if set to true, authorization will be performed on annotated methods only, defaults to false- Returns:
- updated builder instance
-
authenticateAnnotatedOnly
Whether to authorize only annotated methods (withAuthenticated
annotation or all. When usingusePrematchingAuthentication(boolean)
this method is ignored. By default only annotated methods (annotation may be also on Application class or resource class) are authenticated.- Parameters:
authnOnly
- if set to false, authentication will be performed for all requests, defaults to true- Returns:
- updated builder instance
-
addQueryParamHandler
Add a new handler to extract query parameter and store it in security request header.- Parameters:
handler
- handler to extract data- Returns:
- updated builder instance
-
addQueryParamHandlers
Add handlers to extract query parameters and store them in security request header.- Parameters:
handlers
- handlers to extract data- Returns:
- updated builder instance
-
usePrematchingAuthentication
Configure whether pre-matching or post-matching filter is used to authenticate requests. Defaults to post-matching, as we have access to information about resource class and method that is invoked, allowing us to use annotations defined on these. When switched to prematching, the security is an on/off switch - all resources are protected the same way.- Parameters:
usePrematching
- whether to use pre-matching filter instead of post-matching- Returns:
- updated builder instance
-
usePrematchingAuthorization
Configure whether pre-matching or post-matching filter is used to authorize requests. Defaults to post-matching, as we have access to information about resource class and method that is invoked, allowing us to use annotations defined on these. When switched to prematching, the security is an on/off switch - all resources are protected the same way. When set to true, authentication will be prematching as well.- Parameters:
usePrematching
- whether to use pre-matching filter instead of post-matching- Returns:
- updated builder instance
-
debug
Set debugging on. Will return description from response in entity.- Returns:
- updated builder instance
-
useAbortWith
When set totrue
(which is the default behavior, the security filter would useContainerRequest.abortWith(jakarta.ws.rs.core.Response)
to abort request and configure a security response.When set to
false
, the security filter would throw anWebApplicationException
instead. Such an exception can be handled by a custom error handler.- Parameters:
useAbortWith
- set tofalse
to use exceptions, by default uses abortWith on request- Returns:
- updated builder instance
-
config
Update this builder from configuration. Expects:- authorize-annotated-only: see
authorizeAnnotatedOnly(boolean)
- query-params: see
addQueryParamHandler(QueryParamHandler)
security: jersey: defaults: # If set to true, only annotated (@Authenticated) resources will be authorized # By default, every request is sent to authorization provider authorize-annotated-only: false # query parameters will be extracted from request # and sent to authentication and authorization providers # as headers. These will NOT be available to application # as headers. query-params: - name: "basicAuth" header: "Authorization"
- Parameters:
config
- configuration set to key "jersey" (see example above)- Returns:
- updated builder instance
- authorize-annotated-only: see
-
build
Build this configuration into an instance.- Specified by:
build
in interfaceBuilder<SecurityFeature.Builder,
SecurityFeature> - Returns:
- feature to register with Jersey
-