| Modifier and Type | Method and Description |
|---|---|
protected boolean |
CheckHttpMethodAuthorizer.check(WebContext context,
CommonProfile profile,
HttpConstants.HTTP_METHOD element) |
protected boolean |
CheckProfileTypeAuthorizer.check(WebContext context,
U profile,
Class<U> element) |
protected abstract boolean |
AbstractRequireElementAuthorizer.check(WebContext context,
U profile,
E element)
Check a specific element.
|
protected boolean |
RequireAnyRoleAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
RequireAnyPermissionAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
RequireAnyAttributeAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
RequireAllRolesAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
RequireAllPermissionsAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
ProfileAuthorizer.handleError(WebContext context)
Handle the error.
|
protected boolean |
AbstractCheckAuthenticationAuthorizer.handleError(WebContext context) |
boolean |
ProfileAuthorizer.isAllAuthorized(WebContext context,
List<U> profiles)
If all profiles are authorized.
|
boolean |
ProfileAuthorizer.isAnyAuthorized(WebContext context,
List<U> profiles)
If any of the profiles is authorized.
|
boolean |
XSSProtectionHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
XFrameOptionsHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
XContentTypeOptionsHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
StrictTransportSecurityHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
CorsAuthorizer.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
CacheControlHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
IsRememberedAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
boolean |
IsFullyAuthenticatedAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
boolean |
IsAuthenticatedAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
boolean |
IsAnonymousAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
boolean |
Authorizer.isAuthorized(WebContext context,
List<U> profiles)
Checks if the user profiles and / or the current web context are authorized.
|
boolean |
AbstractRequireElementAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
protected abstract boolean |
ProfileAuthorizer.isProfileAuthorized(WebContext context,
U profile)
Whether a specific profile is authorized.
|
boolean |
IsRememberedAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
boolean |
IsFullyAuthenticatedAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
boolean |
IsAuthenticatedAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
boolean |
IsAnonymousAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
protected boolean |
AbstractRequireAnyAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
protected boolean |
AbstractRequireAllAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
| Modifier and Type | Method and Description |
|---|---|
String |
DefaultCsrfTokenGenerator.get(WebContext context) |
String |
CsrfTokenGenerator.get(WebContext context)
Get the CSRF token from the session or create it if it doesn't exist.
|
boolean |
CsrfTokenGeneratorAuthorizer.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
CsrfAuthorizer.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
| Modifier and Type | Method and Description |
|---|---|
protected boolean |
DefaultAuthorizationChecker.isAuthorized(WebContext context,
List<CommonProfile> profiles,
List<Authorizer> authorizers) |
boolean |
DefaultAuthorizationChecker.isAuthorized(WebContext context,
List<CommonProfile> profiles,
String authorizerNames,
Map<String,Authorizer> authorizersMap) |
boolean |
AuthorizationChecker.isAuthorized(WebContext context,
List<CommonProfile> profiles,
String authorizerNames,
Map<String,Authorizer> authorizersMap)
Check whether the user is authorized.
|
| Modifier and Type | Method and Description |
|---|---|
U |
SpringSecurityPropertiesAuthorizationGenerator.generate(WebContext context,
U profile) |
U |
LoadLinkedUserAuthorizationGenerator.generate(WebContext context,
U profile) |
U |
FromAttributesAuthorizationGenerator.generate(WebContext context,
U profile) |
U |
DefaultRolesPermissionsAuthorizationGenerator.generate(WebContext context,
U profile) |
U |
AuthorizationGenerator.generate(WebContext context,
U profile)
Generate the authorization information from and for the user profile.
|
| Modifier and Type | Method and Description |
|---|---|
protected abstract void |
IndirectClient.clientInit(WebContext context)
Initialize the client.
|
protected abstract void |
DirectClient.clientInit(WebContext context)
Initialize the client.
|
String |
IndirectClient.computeFinalCallbackUrl(WebContext context) |
Client |
Clients.findClient(WebContext context)
Return the right client according to the web context.
|
C |
IndirectClient.getCredentials(WebContext context)
Get the credentials from the web context.
|
C |
DirectClient.getCredentials(WebContext context) |
C |
Client.getCredentials(WebContext context)
Get the credentials from the web context.
|
RedirectAction |
IndirectClient.getLogoutAction(WebContext context,
U currentProfile,
String targetUrl) |
RedirectAction |
DirectClient.getLogoutAction(WebContext context,
U currentProfile,
String targetUrl) |
RedirectAction |
Client.getLogoutAction(WebContext context,
U currentProfile,
String targetUrl)
Return the logout action (indirect clients).
|
RedirectAction |
IndirectClient.getRedirectAction(WebContext context)
Get the redirectAction computed for this client.
|
U |
Client.getUserProfile(C credentials,
WebContext context)
Get the user profile based on the provided credentials.
|
U |
BaseClient.getUserProfile(C credentials,
WebContext context) |
protected void |
IndirectClient.internalInit(WebContext context) |
protected void |
DirectClient.internalInit(WebContext context) |
void |
BaseClient.notifySessionRenewal(String oldSessionId,
WebContext context)
Notify of the web session renewal.
|
HttpAction |
IndirectClient.redirect(WebContext context) |
HttpAction |
DirectClient.redirect(WebContext context) |
HttpAction |
Client.redirect(WebContext context)
Redirect to the authentication provider for an indirect client.
|
protected C |
BaseClient.retrieveCredentials(WebContext context)
Retrieve the credentials.
|
protected U |
BaseClient.retrieveUserProfile(C credentials,
WebContext context)
Retrieve a user userprofile.
|
| Modifier and Type | Method and Description |
|---|---|
protected void |
AnonymousClient.clientInit(WebContext context) |
| Modifier and Type | Method and Description |
|---|---|
List<Client> |
DefaultClientFinder.find(Clients clients,
WebContext context,
String clientNames) |
List<Client> |
ClientFinder.find(Clients clients,
WebContext context,
String clientNames) |
| Modifier and Type | Field and Description |
|---|---|
protected java.util.function.Function<WebContext,ProfileManager> |
Config.profileManagerFactory |
| Modifier and Type | Method and Description |
|---|---|
java.util.function.Function<WebContext,ProfileManager> |
Config.getProfileManagerFactory() |
| Modifier and Type | Method and Description |
|---|---|
void |
Config.setProfileManagerFactory(java.util.function.Function<WebContext,ProfileManager> profileManagerFactory) |
| Modifier and Type | Class and Description |
|---|---|
class |
J2EContext
This implementation uses the J2E request, response and session.
|
| Modifier and Type | Method and Description |
|---|---|
static Cookie |
ContextHelper.getCookie(WebContext context,
String name)
Get a specific cookie by its name.
|
static boolean |
ContextHelper.isGet(WebContext context)
Whether it is a GET request.
|
static boolean |
ContextHelper.isHttp(WebContext context)
Whether the request is HTTP.
|
static boolean |
ContextHelper.isHttps(WebContext context)
Whether the request is HTTPS.
|
static boolean |
ContextHelper.isHttpsOrSecure(WebContext context)
Whether the request is HTTPS or secure.
|
static boolean |
ContextHelper.isPost(WebContext context)
Whether it is a POST request.
|
| Modifier and Type | Interface and Description |
|---|---|
interface |
SessionStore<C extends WebContext>
To store data in session.
|
| Modifier and Type | Method and Description |
|---|---|
protected void |
LocalCachingAuthenticator.internalInit(WebContext context) |
void |
Authenticator.validate(C credentials,
WebContext context)
Validate the credentials.
|
void |
LocalCachingAuthenticator.validate(T credentials,
WebContext context) |
| Modifier and Type | Method and Description |
|---|---|
TokenCredentials |
ParameterExtractor.extract(WebContext context) |
TokenCredentials |
HeaderExtractor.extract(WebContext context) |
UsernamePasswordCredentials |
FormExtractor.extract(WebContext context) |
C |
CredentialsExtractor.extract(WebContext context)
Extract the right credentials.
|
UsernamePasswordCredentials |
BasicAuthExtractor.extract(WebContext context) |
| Modifier and Type | Interface and Description |
|---|---|
interface |
CallbackLogic<R,C extends WebContext>
Callback logic to finish the login process for an indirect client.
|
class |
DefaultCallbackLogic<R,C extends WebContext>
Default callback logic:
|
class |
DefaultLogoutLogic<R,C extends WebContext>
Default logout logic:
|
class |
DefaultSecurityLogic<R,C extends WebContext>
Default security logic:
|
interface |
LogoutLogic<R,C extends WebContext>
Logout logic for the application and the identity provider.
|
interface |
SecurityGrantedAccessAdapter<R,C extends WebContext>
Success adapter.
|
interface |
SecurityLogic<R,C extends WebContext>
Security logic to protect an url.
|
| Modifier and Type | Method and Description |
|---|---|
static HttpAction |
HttpAction.forbidden(String message,
WebContext context)
Build a forbidden response.
|
static HttpAction |
HttpAction.ok(String message,
WebContext context)
Build an HTTP Ok without any content.
|
static HttpAction |
HttpAction.ok(String message,
WebContext context,
String content)
Build an HTTP Ok.
|
static HttpAction |
HttpAction.redirect(String message,
WebContext context,
String url)
Build a redirection.
|
static HttpAction |
HttpAction.status(String message,
int status,
WebContext context)
Build a response with message and status.
|
static HttpAction |
HttpAction.unauthorized(String message,
WebContext context,
String realmName)
Build a basic auth popup credentials.
|
static HttpAction |
HttpAction.unauthorizedDigest(String message,
WebContext context,
String realmName,
String qop,
String nonce)
Build a digest auth popup credentials.
|
| Modifier and Type | Interface and Description |
|---|---|
interface |
HttpActionAdapter<R,C extends WebContext>
HTTP action adapter.
|
| Modifier and Type | Method and Description |
|---|---|
String |
UrlResolver.compute(String url,
WebContext context)
Compute a new URL from the provided URL and the web context.
|
String |
RelativeUrlResolver.compute(String url,
WebContext context) |
String |
DefaultUrlResolver.compute(String url,
WebContext context) |
boolean |
DefaultAjaxRequestResolver.isAjax(WebContext context) |
boolean |
AjaxRequestResolver.isAjax(WebContext context)
Whether it is an AJAX request.
|
| Modifier and Type | Method and Description |
|---|---|
RedirectAction |
NoLogoutActionBuilder.getLogoutAction(WebContext context,
U currentProfile,
String targetUrl) |
RedirectAction |
LogoutActionBuilder.getLogoutAction(WebContext context,
U currentProfile,
String targetUrl)
Return the
RedirectAction for logout. |
RedirectAction |
GoogleLogoutActionBuilder.getLogoutAction(WebContext context,
U currentProfile,
String targetUrl) |
RedirectAction |
CasLogoutActionBuilder.getLogoutAction(WebContext context,
U currentProfile,
String targetUrl) |
| Modifier and Type | Method and Description |
|---|---|
boolean |
PathMatcher.matches(WebContext context) |
boolean |
Matcher.matches(WebContext context)
Check if the web context matches.
|
boolean |
HttpMethodMatcher.matches(WebContext context) |
boolean |
HeaderMatcher.matches(WebContext context) |
boolean |
MatchingChecker.matches(WebContext context,
String matcherNames,
Map<String,Matcher> matchersMap)
Check if the web context matches.
|
boolean |
DefaultMatchingChecker.matches(WebContext context,
String matcherNames,
Map<String,Matcher> matchersMap) |
| Modifier and Type | Class and Description |
|---|---|
class |
ProfileManagerFactoryAware<C extends WebContext>
For classes that can set the profile manager factory.
|
| Modifier and Type | Field and Description |
|---|---|
protected WebContext |
ProfileManager.context |
| Constructor and Description |
|---|
ProfileManager(WebContext context) |
| Modifier and Type | Method and Description |
|---|---|
U |
ProfileCreator.create(C credentials,
WebContext context)
Create a profile from a credentials.
|
P |
AuthenticatorProfileCreator.create(C credentials,
WebContext context) |
| Modifier and Type | Method and Description |
|---|---|
protected void |
AbstractProfileService.internalInit(WebContext context) |
void |
AbstractProfileService.validate(UsernamePasswordCredentials credentials,
WebContext context) |
| Modifier and Type | Method and Description |
|---|---|
HttpAction |
RedirectAction.perform(WebContext context)
Perform a
RedirectAction on the web context. |
RedirectAction |
RedirectActionBuilder.redirect(WebContext context)
Return a redirect action for the web context.
|
| Modifier and Type | Method and Description |
|---|---|
void |
InitializableWebObject.init(WebContext context)
Initialize the object.
|
protected abstract void |
InitializableWebObject.internalInit(WebContext context)
Internal initialization of the object.
|
void |
InitializableWebObject.reinit(WebContext context)
Force (again) the initialization of the object.
|
Copyright © 2017. All Rights Reserved.