| Package | Description |
|---|---|
| io.helidon.security.webserver |
Integration library for RxServer.
|
| Modifier and Type | Method and Description |
|---|---|
static SecurityHandler |
WebSecurity.allowAnonymous()
If called, authentication failure will not abort request and will continue as anonymous (defaults to false).
|
SecurityHandler |
SecurityHandler.audit()
Audit this request for any method.
|
static SecurityHandler |
WebSecurity.audit()
Whether to audit this request - defaults to false for GET and HEAD methods, true otherwise.
|
SecurityHandler |
SecurityHandler.auditEventType(java.lang.String eventType)
Override for event-type, defaults to .
|
SecurityHandler |
SecurityHandler.auditMessageFormat(java.lang.String messageFormat)
Override for audit message format, defaults to .
|
SecurityHandler |
SecurityHandler.authenticate()
If called, request will go through authentication process - (authentication is disabled by default - it may be enabled
as a side effect of other methods, such as
rolesAllowed(String...). |
static SecurityHandler |
WebSecurity.authenticate()
If called, request will go through authentication process - defaults to false (even if authorize is true).
|
SecurityHandler |
SecurityHandler.authenticationOptional()
If called, authentication failure will not abort request and will continue as anonymous (authentication is not optional
by default).
|
SecurityHandler |
SecurityHandler.authenticator(java.lang.String explicitAuthenticator)
Use a named authenticator (as supported by security - if not defined, default authenticator is used).
|
static SecurityHandler |
WebSecurity.authenticator(java.lang.String explicitAuthenticator)
Use a named authenticator (as supported by security - if not defined, default authenticator is used).
|
SecurityHandler |
SecurityHandler.authorize()
If called, request will go through authorization process - (authorization is disabled by default - it may be enabled
as a side effect of other methods, such as
rolesAllowed(String...). |
static SecurityHandler |
WebSecurity.authorize()
Enable authorization for this route.
|
SecurityHandler |
SecurityHandler.authorizer(java.lang.String explicitAuthorizer)
Use a named authorizer (as supported by security - if not defined, default authorizer is used, if none defined, all is
permitted).
|
static SecurityHandler |
WebSecurity.authorizer(java.lang.String explicitAuthorizer)
Use a named authorizer (as supported by security - if not defined, default authorizer is used, if none defined, all is
permitted).
|
SecurityHandler |
SecurityHandler.customObject(java.lang.Object object)
Register a custom object for security request(s).
|
static SecurityHandler |
WebSecurity.enforce()
Return a default instance to create a default enforcement point (or modify the result further).
|
SecurityHandler |
SecurityHandler.queryParam(java.lang.String queryParamName,
TokenHandler headerHandler)
Add a query parameter extraction configuration.
|
SecurityHandler |
SecurityHandler.rolesAllowed(java.lang.String... roles)
An array of allowed roles for this path - must have a security provider supporting roles (either authentication
or authorization provider).
|
static SecurityHandler |
WebSecurity.rolesAllowed(java.lang.String... roles)
An array of allowed roles for this path - must have a security provider supporting roles.
|
static SecurityHandler |
WebSecurity.secure()
Secure access using authentication and authorization.
|
SecurityHandler |
SecurityHandler.skipAudit()
Disable auditing of this request.
|
SecurityHandler |
SecurityHandler.skipAuthentication()
If called, request will NOT go through authentication process.
|
SecurityHandler |
SecurityHandler.skipAuthorization()
Skip authorization for this route.
|
| Modifier and Type | Method and Description |
|---|---|
WebSecurity |
WebSecurity.securityDefaults(SecurityHandler defaultHandler)
Create a new web security instance using the default handler as base defaults for all handlers used.
|
Copyright © 2018, Oracle and/or its affiliates. All Rights Reserved. Use is subject to license terms.