- All Superinterfaces:
SecurityProvider
- All Known Implementing Classes:
AbacProvider
- Functional Interface:
- This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.
Authorization security provider. Validates the request and decides whether it
should continue processing.
-
Method Summary
Modifier and TypeMethodDescriptionauthorize
(ProviderRequest context) Authorize a request based on configuration.default boolean
isUserInRole
(Subject subject, String role) Return true if current user is in the specified role.Methods inherited from interface io.helidon.security.spi.SecurityProvider
supportedAnnotations, supportedAttributes, supportedConfigKeys, supportedCustomObjects
-
Method Details
-
authorize
Authorize a request based on configuration. Authorization cannot be optional. If this method is called, it should always attempt to authorize the current request. This method will be invoked for inbound requests ONLY.- Parameters:
context
- context of this security enforcement/validation- Returns:
- response that either permits, denies or abstains from decision
- See Also:
-
isUserInRole
Return true if current user is in the specified role. Only providers that support role based access should implement this method. For others it checks the subject for the presence ofRole
grant of the specified name. This method is defined to conform with one of the most commonly spread authorization concept, as it is required for frameworks such as Servlet and JAX-RS.- Parameters:
subject
- current subjectrole
- role name- Returns:
- true if current user is in this role
-