Interface SecurityProvider

All Known Subinterfaces:
AuditProvider, AuthenticationProvider, AuthorizationProvider, DigestProvider<T>, EncryptionProvider<T>, OutboundSecurityProvider, SecretsProvider<T>, SubjectMappingProvider
All Known Implementing Classes:
AbacProvider, ConfigVaultProvider, CubbyholeSecurityProvider, GoogleTokenProvider, HeaderAtnProvider, HttpBasicAuthProvider, HttpDigestAuthProvider, HttpSignProvider, IdcsMtRoleMapperProvider, IdcsMtRoleMapperRxProvider, IdcsRoleMapperProvider, IdcsRoleMapperProviderBase, IdcsRoleMapperRxProvider, IdcsRoleMapperRxProviderBase, JwtAuthProvider, JwtProvider, Kv1SecurityProvider, Kv2SecurityProvider, OidcProvider, SynchronousProvider, TransitSecurityProvider

public interface SecurityProvider
Base interface for all security providers.
See Also:
  • Method Details

    • supportedAnnotations

      default Collection<Class<? extends Annotation>> supportedAnnotations()
      Provide extension annotations supported by this provider (e.g. jakarta.annotation.security.RolesAllowed). Annotations will be collected according to framework in use. For JAX-RS, annotations from application class, resource class and resource methods will be collected.
      Returns:
      Collection of annotations this provider expects.
    • supportedConfigKeys

      default Collection<String> supportedConfigKeys()
      Keys expected in configuration. This may be used in integrations that can be fully configured through a file (e.g. integration with web server). This is a configuration of a specific resource access (e.g. GET on /my/resource) and is to be used by this provider to evaluate security.
      Returns:
      name of the configuration key or empty (default)
      See Also:
    • supportedCustomObjects

      default Collection<Class<? extends ProviderConfig>> supportedCustomObjects()
      Class of the configuration type. The provider may use a POJO implementing a ProviderConfig to configure it. When configuring security, you user can provide an instance of such a class to configure that provider.
      Returns:
      class of the type or empty (default)
      See Also:
    • supportedAttributes

      default Collection<String> supportedAttributes()
      A collection of attribute names expected by this provider to override endpoint configuration.
      Returns:
      collection of supported attribute names
      See Also: