Module io.helidon.webserver.security

Package io.helidon.webserver.security

Class SecurityHandlerConfig.BuilderBase.SecurityHandlerConfigImpl

java.lang.Object

io.helidon.webserver.security.SecurityHandlerConfig.BuilderBase.SecurityHandlerConfigImpl

All Implemented Interfaces:

Prototype.Api, Prototype.Factory<SecurityHandler>, SecurityHandlerConfig, Supplier<SecurityHandler>

Enclosing class:

SecurityHandlerConfig.BuilderBase<BUILDER extends SecurityHandlerConfig.BuilderBase<BUILDER,PROTOTYPE>,PROTOTYPE extends SecurityHandlerConfig>

protected static class SecurityHandlerConfig.BuilderBase.SecurityHandlerConfigImpl
extends Object
implements SecurityHandlerConfig, Supplier<SecurityHandler>

Generated implementation of the prototype, can be extended by descendant prototype implementations.

Nested Class Summary

Nested classes/interfaces inherited from interface io.helidon.webserver.security.SecurityHandlerConfig

SecurityHandlerConfig.Builder, SecurityHandlerConfig.BuilderBase<BUILDER extends SecurityHandlerConfig.BuilderBase<BUILDER,PROTOTYPE>,PROTOTYPE extends SecurityHandlerConfig>

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	SecurityHandlerConfigImpl(SecurityHandlerConfig.BuilderBase<?,?> builder)	Create an instance providing a builder.

Method Summary

Modifier and Type	Method	Description
Optional<Boolean>	audit()	Whether to audit this request - defaults to false, if enabled, request is audited with event type "request".
Optional<String>	auditEventType()	Override for event-type, defaults to "request".
Optional<String>	auditMessageFormat()	Override for audit message format, defaults to "%3$s %1$s \"%2$s\" %5$s %6$s requested by %4$s".
Optional<Boolean>	authenticate()	If called, request will go through authentication process - defaults to false (even if authorize is true).
Optional<Boolean>	authenticationOptional()	If called, authentication failure will not abort request and will continue as anonymous (defaults to false).
Optional<String>	authenticator()	Use a named authenticator (as supported by security - if not defined, default authenticator is used).
Optional<Boolean>	authorize()	Enable authorization for this route.
Optional<String>	authorizer()	Use a named authorizer (as supported by security - if not defined, default authorizer is used, if none defined, all is permitted).
SecurityHandler	build()	Create a new instance of the runtime type from this config object.
boolean	combined()	Whether this is a combined handler.
Optional<Config>	config()	Configuration associated with this security handler.
Optional<ClassToInstanceStore<Object>>	customObjects()	A store of custom objects, that can be used to customize specific security providers.
boolean	equals(Object o)
SecurityHandler	get()
int	hashCode()
List<SecurityHandler.QueryParamHandler>	queryParams()	Query parameter handler(s).
Set<String>	rolesAllowed()	An array of allowed roles for this path - must have a security provider supporting roles (either authentication or authorization provider).
List<String>	sockets()	List of sockets this configuration should be applied to.
String	toString()

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Details

SecurityHandlerConfigImpl

protected SecurityHandlerConfigImpl(SecurityHandlerConfig.BuilderBase<?,?> builder)

Create an instance providing a builder.

Parameters:

builder - extending builder base of this prototype

Method Details

build

public SecurityHandler build()

Description copied from interface: Prototype.Factory

Create a new instance of the runtime type from this config object.

Specified by:

build in interface Prototype.Factory<SecurityHandler>

Returns:

new configured runtime instance

get

public SecurityHandler get()

Specified by:

get in interface Supplier<SecurityHandler>

rolesAllowed

public Set<String> rolesAllowed()

Description copied from interface: SecurityHandlerConfig

An array of allowed roles for this path - must have a security provider supporting roles (either authentication or authorization provider). This method enables authentication and authorization (you can disable them again by calling SecurityHandler.skipAuthorization() and SecurityHandlerConfig.authenticationOptional() if needed).

Specified by:

rolesAllowed in interface SecurityHandlerConfig

Returns:

if subject is any of these roles, allow access

authenticator

public Optional<String> authenticator()

Description copied from interface: SecurityHandlerConfig

Use a named authenticator (as supported by security - if not defined, default authenticator is used). Will enable authentication.

Specified by:

authenticator in interface SecurityHandlerConfig

Returns:

name of authenticator as configured in Security

authorizer

public Optional<String> authorizer()

Description copied from interface: SecurityHandlerConfig

Use a named authorizer (as supported by security - if not defined, default authorizer is used, if none defined, all is permitted). Will enable authorization.

Specified by:

authorizer in interface SecurityHandlerConfig

Returns:

name of authorizer as configured in Security

authenticate

public Optional<Boolean> authenticate()

Description copied from interface: SecurityHandlerConfig

If called, request will go through authentication process - defaults to false (even if authorize is true).

Specified by:

authenticate in interface SecurityHandlerConfig

Returns:

whether to authenticate or not

authenticationOptional

public Optional<Boolean> authenticationOptional()

Description copied from interface: SecurityHandlerConfig

If called, authentication failure will not abort request and will continue as anonymous (defaults to false).

Specified by:

authenticationOptional in interface SecurityHandlerConfig

Returns:

whether authn is optional

audit

public Optional<Boolean> audit()

Description copied from interface: SecurityHandlerConfig

Whether to audit this request - defaults to false, if enabled, request is audited with event type "request".

Specified by:

audit in interface SecurityHandlerConfig

Returns:

whether to audit

authorize

public Optional<Boolean> authorize()

Description copied from interface: SecurityHandlerConfig

Enable authorization for this route.

Specified by:

authorize in interface SecurityHandlerConfig

Returns:

whether to authorize

auditEventType

public Optional<String> auditEventType()

Description copied from interface: SecurityHandlerConfig

Override for event-type, defaults to "request".

Specified by:

auditEventType in interface SecurityHandlerConfig

Returns:

audit event type to use

auditMessageFormat

public Optional<String> auditMessageFormat()

Description copied from interface: SecurityHandlerConfig

Override for audit message format, defaults to "%3$s %1$s \"%2$s\" %5$s %6$s requested by %4$s".

Specified by:

auditMessageFormat in interface SecurityHandlerConfig

Returns:

audit message format to use

queryParams

public List<SecurityHandler.QueryParamHandler> queryParams()

Description copied from interface: SecurityHandlerConfig

Query parameter handler(s).

Specified by:

queryParams in interface SecurityHandlerConfig

Returns:

query parameters

customObjects

public Optional<ClassToInstanceStore<Object>> customObjects()

Description copied from interface: SecurityHandlerConfig

A store of custom objects, that can be used to customize specific security providers.

Specified by:

customObjects in interface SecurityHandlerConfig

Returns:

custom objects

sockets

public List<String> sockets()

Description copied from interface: SecurityHandlerConfig

List of sockets this configuration should be applied to. If empty, the configuration is applied to all configured sockets.

Specified by:

sockets in interface SecurityHandlerConfig

Returns:

list of sockets

config

public Optional<Config> config()

Description copied from interface: SecurityHandlerConfig

Configuration associated with this security handler.

Specified by:

config in interface SecurityHandlerConfig

Returns:

the configuration (if provided)

combined

public boolean combined()

Description copied from interface: SecurityHandlerConfig

Whether this is a combined handler. Internal use.

Specified by:

combined in interface SecurityHandlerConfig

Returns:

if combined handler

toString

public String toString()

Overrides:

toString in class Object

equals

public boolean equals(Object o)

Overrides:

equals in class Object

hashCode

public int hashCode()

Overrides:

hashCode in class Object