Package io.helidon.security.integration.jersey

Class SecurityFeature.Builder

java.lang.Object

io.helidon.security.integration.jersey.SecurityFeature.Builder

All Implemented Interfaces:

Builder<SecurityFeature>, Supplier<SecurityFeature>

Enclosing class:

SecurityFeature

public static final class SecurityFeature.Builder
extends Object
implements Builder<SecurityFeature>

SecurityFeature fluent API builder.

Method Summary

Modifier and Type	Method and Description
SecurityFeature.Builder	addQueryParamHandler(QueryParamHandler handler) Add a new handler to extract query parameter and store it in security request header.
SecurityFeature.Builder	addQueryParamHandlers(Iterable<QueryParamHandler> handlers) Add handlers to extract query parameters and store them in security request header.
SecurityFeature.Builder	authenticateAnnotatedOnly(boolean authnOnly) Whether to authorize only annotated methods (with Authenticated annotation or all.
SecurityFeature.Builder	authorizeAnnotatedOnly(boolean authzOnly) Whether to authorize only annotated methods (with Authorized annotation) or all.
SecurityFeature	build() Build this configuration into an instance.
SecurityFeature.Builder	config(Config config) Update this builder from configuration.
SecurityFeature.Builder	debug() Set debugging on.
SecurityFeature.Builder	usePrematchingAuthentication(boolean usePrematching) Configure whether pre-matching or post-matching filter is used to authenticate requests.
SecurityFeature.Builder	usePrematchingAuthorization(boolean usePrematching) Configure whether pre-matching or post-matching filter is used to authorize requests.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.helidon.common.Builder

get

Method Detail

authorizeAnnotatedOnly

public SecurityFeature.Builder authorizeAnnotatedOnly(boolean authzOnly)

Whether to authorize only annotated methods (with Authorized annotation) or all. When using usePrematchingAuthorization(boolean) this method is ignored.

Parameters:

authzOnly - if set to true, authorization will be performed on annotated methods only, defaults to false

Returns:

updated builder instance

authenticateAnnotatedOnly

public SecurityFeature.Builder authenticateAnnotatedOnly(boolean authnOnly)

Whether to authorize only annotated methods (with Authenticated annotation or all. When using usePrematchingAuthentication(boolean) this method is ignored. By default only annotated methods (annotation may be also on Application class or resource class) are authenticated.

Parameters:

authnOnly - if set to false, authentication will be performed for all requests, defaults to true

Returns:

updated builder instance

addQueryParamHandler

public SecurityFeature.Builder addQueryParamHandler(QueryParamHandler handler)

Add a new handler to extract query parameter and store it in security request header.

Parameters:

handler - handler to extract data

Returns:

updated builder instance

addQueryParamHandlers

public SecurityFeature.Builder addQueryParamHandlers(Iterable<QueryParamHandler> handlers)

Add handlers to extract query parameters and store them in security request header.

Parameters:

handlers - handlers to extract data

Returns:

updated builder instance

usePrematchingAuthentication

public SecurityFeature.Builder usePrematchingAuthentication(boolean usePrematching)

Configure whether pre-matching or post-matching filter is used to authenticate requests. Defaults to post-matching, as we have access to information about resource class and method that is invoked, allowing us to use annotations defined on these. When switched to prematching, the security is an on/off switch - all resources are protected the same way.

Parameters:

usePrematching - whether to use pre-matching filter instead of post-matching

Returns:

updated builder instance

usePrematchingAuthorization

public SecurityFeature.Builder usePrematchingAuthorization(boolean usePrematching)

Configure whether pre-matching or post-matching filter is used to authorize requests. Defaults to post-matching, as we have access to information about resource class and method that is invoked, allowing us to use annotations defined on these. When switched to prematching, the security is an on/off switch - all resources are protected the same way. When set to true, authentication will be prematching as well.

Parameters:

usePrematching - whether to use pre-matching filter instead of post-matching

Returns:

updated builder instance

debug

public SecurityFeature.Builder debug()

Set debugging on. Will return description from response in entity.

Returns:

updated builder instance

config

public SecurityFeature.Builder config(Config config)

Update this builder from configuration. Expects:

• authorize-annotated-only: see authorizeAnnotatedOnly(boolean)
• query-params: see addQueryParamHandler(QueryParamHandler)

Example:

  security:
    jersey:
      defaults:
      # If set to true, only annotated (@Authenticated) resources will be authorized
      # By default, every request is sent to authorization provider
      authorize-annotated-only: false
      # query parameters will be extracted from request
      # and sent to authentication and authorization providers
      # as headers. These will NOT be available to application
      # as headers.
      query-params:
        - name: "basicAuth"
          header: "Authorization"
 

Parameters:

config - configuration set to key "jersey" (see example above)

Returns:

updated builder instance

build

public SecurityFeature build()

Build this configuration into an instance.

Specified by:

build in interface Builder<SecurityFeature>

Returns:

feature to register with Jersey