Class ProviderRequest

All Implemented Interfaces:

public class ProviderRequest extends Object implements AbacSupport
A request sent to security providers. Contains all information that may be needed to authenticate or authorize a request:
  • User's subject: subject() - if user is authenticated
  • Service subject: service() - if service is authenticated
  • Environment information: env() - path, method etc.
  • Object: getObject() - target resource, if provided by user
  • Security context: securityContext() - current subjects and information about security context of this request
  • Endpoint configuration: endpointConfig() - annotations, endpoint specific configuration, custom objects, custom atttributes
  • Method Details

    • getValue

      public static Optional<Object> getValue(Object object, String key)
      Get a value of a property from an object. If object implements AbacSupport the value is obtained through AbacSupport.abacAttribute(String), if not, the value is obtained by reflection from a public field or a public getter method. The method name may be (for attribute called for example "audit"):
      • audit
      • getAudit
      • isAudit
      • shouldAudit
      • hasAudit
      object - object to get attribute from
      key - key of the attribute
      value of the attribute if found
    • endpointConfig

      public EndpointConfig endpointConfig()
      Configuration of the invoked endpoint, such as annotations declared.
      endpoint config
    • securityContext

      public SecurityContext securityContext()
      Security context associated with current request.
      security context
    • subject

      public Optional<Subject> subject()
      Current user subject, if already authenticated.
      user subject or empty
    • service

      public Optional<Subject> service()
      Current service subject, if already authenticated.
      service subject or empty.
    • env

      public SecurityEnvironment env()
      Environment of current request, such as the URI invoked, time to use for security decisions etc.
      security environment
    • getObject

      public Optional<Object> getObject()
      The object of this request. Security request may be configured for a specific entity (e.g. if this is an entity modification request, the entity itself may be provided to help in a security task.
      the object or empty if not known
    • abacAttributeRaw

      public Object abacAttributeRaw(String key)
      Description copied from interface: AbacSupport
      Return the actual property value or null if not present. This is the only method that needs to be implemented.
      Specified by:
      abacAttributeRaw in interface AbacSupport
      key - key (name) of the property
      value of the property or null
    • abacAttributeNames

      public Collection<String> abacAttributeNames()
      Description copied from interface: AbacSupport
      A collection of all property names in this container.
      Specified by:
      abacAttributeNames in interface AbacSupport
      collection of keys