Security (Helidon 1.0.0 API)

java.lang.Object
- io.helidon.security.Security

```
public final class Security
extends Object
```
This class is used to "bootstrap" security and integrate it with other frameworks; runtime main entry point is SecurityContext.
It is possible to configure it manually using builder() or use create(Config) to initialize using configuration support.
Security is constructed from various providers SecurityProvider and a selection policy ProviderSelectionPolicy to choose the right one(s) to secure a request.

See Also:

builder(), create(Config)

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

static class Security.Builder
Builder pattern class for helping create Security in a convenient way.

Nested Classes
Modifier and Type	Class and Description
`static class`	`Security.Builder` Builder pattern class for helping create `Security` in a convenient way.

Field Summary

Fields
Modifier and Type Field and Description

static String HEADER_ORIG_URI
Integration should add a special header to each request.

Fields
Modifier and Type	Field and Description
`static String`	`HEADER_ORIG_URI` Integration should add a special header to each request.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`static Security.Builder`	`builder()` Creates `Security.Builder` class.
`static Security.Builder`	`builder(Config config)` Creates new instance based on configuration values.
`Config`	`configFor(String child)` The configuration of security.
`SecurityContext.Builder`	`contextBuilder(String id)` Create a new security context builder to build and instance.
`static Security`	`create(Config config)` Creates new instance based on configuration values.
`SecurityContext`	`createContext(String id)` Create a new security context with the defined id and all defaults.
`Collection<Class<? extends Annotation>>`	`customAnnotations()` Get the complete set of annotations expected by (all) security providers configured.
`SecurityEnvironment.Builder`	`environmentBuilder()` Security environment builder, to be used to create environment for evaluating security in integration components.
`static Set<String>`	`getRoles(Subject subject)` Get a set of roles the subject has, based on `Role`.
`SecurityTime`	`serverTime()` Time that is decisive for the server.
`Optional<SubjectMappingProvider>`	`subjectMapper()` Subject mapping provider used to map subject(s) authenticated by `AuthenticationProvider` to a new `Subject`, e.g.
`Tracer`	`tracer()` Returns a tracer that can be used to construct new spans.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - HEADER_ORIG_URI
```
public static final String HEADER_ORIG_URI
```
    Integration should add a special header to each request. The value will contain the original URI as was issued - for HTTP this is the relative URI including query parameters.
    
    See Also:
    
    Constant Field Values
- Method Detail
  - create
```
public static Security create(Config config)
```
    Creates new instance based on configuration values.
    
    Parameters:
    
    config - Config instance located on security configuration ("providers" is an expected child)
    
    Returns:
    
    new instance.
  - builder
```
public static Security.Builder builder(Config config)
```
    Creates new instance based on configuration values.
    
    Parameters:
    
    config - Config instance located on security configuration ("providers" is an expected child)
    
    Returns:
    
    new instance.
  - builder
```
public static Security.Builder builder()
```
    Creates Security.Builder class.
    
    Returns:
    
    builder
  - getRoles
```
public static Set<String> getRoles(Subject subject)
```
    Get a set of roles the subject has, based on Role. This is the set of roles as assumed by authentication provider. Authorization providers may use a different set of roles (and context used authorization provider to check SecurityContext.isUserInRole(String)).
    
    Parameters:
    
    subject - Subject of a user/service
    
    Returns:
    
    set of roles the user/service is in
  - serverTime
```
public SecurityTime serverTime()
```
    Time that is decisive for the server. This usually returns accessor to current time in a specified time zone.
    SecurityTime may be configured to a fixed point in time, intended for testing purposes.
    
    Returns:
    
    time to access current time for security decisions
  - contextBuilder
```
public SecurityContext.Builder contextBuilder(String id)
```
    Create a new security context builder to build and instance. This is expected to be invoked for each request/response exchange that may be authenticated, authorized etc. Context holds the security subject... Once your processing is done and you no longer want to keep security context, call SecurityContext.logout() to clear subject and principals.
    
    Parameters:
    
    id - to use when logging, auditing etc. (e.g. some kind of tracing id). If none or empty, security instance UUID will be used (at least to map all audit records for a single instance of security component). If defined, security will prefix this id with security instance UUID
    
    Returns:
    
    new fluent API builder to create a SecurityContext
  - createContext
```
public SecurityContext createContext(String id)
```
    Create a new security context with the defined id and all defaults.
    
    Parameters:
    
    id - id of this context
    
    Returns:
    
    new security context
  - tracer
```
public Tracer tracer()
```
    Returns a tracer that can be used to construct new spans.
    
    Returns:
    
    Tracer, may be a no-op tracer if tracing is disabled
  - customAnnotations
```
public Collection<Class<? extends Annotation>> customAnnotations()
```
    Get the complete set of annotations expected by (all) security providers configured. This is to be used for integration with other frameworks that support annotations.
    
    Returns:
    
    Collection of annotations expected by configured providers.
  - configFor
```
public Config configFor(String child)
```
    The configuration of security.
    This method will NOT return security internal configuration:
    - provider-policy
    - providers
    - environment
    Parameters:
    
    child - the name of the child node to retrieve from config
    
    Returns:
    
    a child node of security configuration
    
    Throws:
    
    IllegalArgumentException - in case you request child in one of the forbidden trees
  - environmentBuilder
```
public SecurityEnvironment.Builder environmentBuilder()
```
    Security environment builder, to be used to create environment for evaluating security in integration components.
    
    Returns:
    
    builder to build SecurityEnvironment
  - subjectMapper
```
public Optional<SubjectMappingProvider> subjectMapper()
```
    Subject mapping provider used to map subject(s) authenticated by AuthenticationProvider to a new Subject, e.g. to add roles.
    
    Returns:
    
    subject mapping provider to use or empty if none defined

Class Security

Nested Class Summary

Field Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

HEADER_ORIG_URI

Method Detail

create

builder

builder

getRoles

serverTime

contextBuilder

createContext

tracer

customAnnotations

configFor

environmentBuilder

subjectMapper