| Modifier and Type | Method and Description |
|---|---|
protected boolean |
CheckHttpMethodAuthorizer.check(WebContext context,
CommonProfile profile,
HttpConstants.HTTP_METHOD element) |
protected boolean |
CheckProfileTypeAuthorizer.check(WebContext context,
U profile,
Class<U> element) |
protected abstract boolean |
AbstractRequireElementAuthorizer.check(WebContext context,
U profile,
E element)
Check a specific element.
|
protected boolean |
RequireAnyRoleAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
RequireAnyPermissionAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
RequireAnyAttributeAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
RequireAllRolesAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
RequireAllPermissionsAuthorizer.check(WebContext context,
U profile,
String element) |
protected boolean |
ProfileAuthorizer.handleError(WebContext context)
Handle the error.
|
protected boolean |
AbstractCheckAuthenticationAuthorizer.handleError(WebContext context) |
boolean |
ProfileAuthorizer.isAllAuthorized(WebContext context,
List<U> profiles)
If all profiles are authorized.
|
boolean |
ProfileAuthorizer.isAnyAuthorized(WebContext context,
List<U> profiles)
If any of the profiles is authorized.
|
boolean |
XSSProtectionHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
XFrameOptionsHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
XContentTypeOptionsHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
StrictTransportSecurityHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
CorsAuthorizer.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
CacheControlHeader.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
IsRememberedAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
boolean |
IsFullyAuthenticatedAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
boolean |
IsAuthenticatedAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
boolean |
IsAnonymousAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
boolean |
Authorizer.isAuthorized(WebContext context,
List<U> profiles)
Checks if the user profiles and / or the current web context are authorized.
|
boolean |
AbstractRequireElementAuthorizer.isAuthorized(WebContext context,
List<U> profiles) |
protected abstract boolean |
ProfileAuthorizer.isProfileAuthorized(WebContext context,
U profile)
Whether a specific profile is authorized.
|
boolean |
IsRememberedAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
boolean |
IsFullyAuthenticatedAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
boolean |
IsAuthenticatedAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
boolean |
IsAnonymousAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
protected boolean |
AbstractRequireAnyAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
protected boolean |
AbstractRequireAllAuthorizer.isProfileAuthorized(WebContext context,
U profile) |
| Modifier and Type | Method and Description |
|---|---|
boolean |
CsrfTokenGeneratorAuthorizer.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
boolean |
CsrfAuthorizer.isAuthorized(WebContext context,
List<CommonProfile> profiles) |
| Modifier and Type | Method and Description |
|---|---|
protected boolean |
DefaultAuthorizationChecker.isAuthorized(WebContext context,
List<CommonProfile> profiles,
List<Authorizer> authorizers) |
boolean |
DefaultAuthorizationChecker.isAuthorized(WebContext context,
List<CommonProfile> profiles,
String authorizerNames,
Map<String,Authorizer> authorizersMap) |
boolean |
AuthorizationChecker.isAuthorized(WebContext context,
List<CommonProfile> profiles,
String authorizerNames,
Map<String,Authorizer> authorizersMap)
Check whether the user is authorized.
|
| Modifier and Type | Method and Description |
|---|---|
HttpAction |
IndirectClient.redirect(WebContext context) |
HttpAction |
DirectClient.redirect(WebContext context) |
HttpAction |
Client.redirect(WebContext context)
Redirect to the authentication provider for an indirect client.
|
| Modifier and Type | Method and Description |
|---|---|
C |
IndirectClient.getCredentials(WebContext context)
Get the credentials from the web context.
|
C |
DirectClient.getCredentials(WebContext context) |
C |
Client.getCredentials(WebContext context)
Get the credentials from the web context.
|
RedirectAction |
IndirectClient.getRedirectAction(WebContext context)
Get the redirectAction computed for this client.
|
U |
Client.getUserProfile(C credentials,
WebContext context)
Get the user profile based on the provided credentials.
|
U |
BaseClient.getUserProfile(C credentials,
WebContext context) |
HttpAction |
IndirectClient.redirect(WebContext context) |
HttpAction |
DirectClient.redirect(WebContext context) |
HttpAction |
Client.redirect(WebContext context)
Redirect to the authentication provider for an indirect client.
|
protected C |
BaseClient.retrieveCredentials(WebContext context)
Retrieve the credentials.
|
protected U |
BaseClient.retrieveUserProfile(C credentials,
WebContext context)
Retrieve a user userprofile.
|
| Modifier and Type | Method and Description |
|---|---|
void |
Authenticator.validate(C credentials,
WebContext context)
Validate the credentials.
|
void |
LocalCachingAuthenticator.validate(T credentials,
WebContext context) |
| Modifier and Type | Method and Description |
|---|---|
TokenCredentials |
ParameterExtractor.extract(WebContext context) |
TokenCredentials |
HeaderExtractor.extract(WebContext context) |
UsernamePasswordCredentials |
FormExtractor.extract(WebContext context) |
C |
CredentialsExtractor.extract(WebContext context)
Extract the right credentials.
|
UsernamePasswordCredentials |
BasicAuthExtractor.extract(WebContext context) |
| Modifier and Type | Method and Description |
|---|---|
protected HttpAction |
DefaultSecurityLogic.forbidden(C context,
List<Client> currentClients,
List<CommonProfile> profiles,
String authorizers)
Return a forbidden error.
|
protected HttpAction |
DefaultSecurityLogic.redirectToIdentityProvider(C context,
List<Client> currentClients)
Perform a redirection to start the login process of the first indirect client.
|
protected HttpAction |
DefaultCallbackLogic.redirectToOriginallyRequestedUrl(C context,
String defaultUrl) |
protected HttpAction |
DefaultSecurityLogic.unauthorized(C context,
List<Client> currentClients)
Return an unauthorized error.
|
| Modifier and Type | Method and Description |
|---|---|
protected HttpAction |
DefaultSecurityLogic.forbidden(C context,
List<Client> currentClients,
List<CommonProfile> profiles,
String authorizers)
Return a forbidden error.
|
protected HttpAction |
DefaultSecurityLogic.redirectToIdentityProvider(C context,
List<Client> currentClients)
Perform a redirection to start the login process of the first indirect client.
|
protected void |
DefaultSecurityLogic.saveRequestedUrl(C context,
List<Client> currentClients)
Save the requested url.
|
protected HttpAction |
DefaultSecurityLogic.unauthorized(C context,
List<Client> currentClients)
Return an unauthorized error.
|
| Modifier and Type | Method and Description |
|---|---|
static HttpAction |
HttpAction.forbidden(String message,
WebContext context)
Build a forbidden response.
|
static HttpAction |
HttpAction.ok(String message,
WebContext context)
Build an HTTP Ok without any content.
|
static HttpAction |
HttpAction.ok(String message,
WebContext context,
String content)
Build an HTTP Ok.
|
static HttpAction |
HttpAction.redirect(String message,
WebContext context,
String url)
Build a redirection.
|
static HttpAction |
HttpAction.status(String message,
int status,
WebContext context)
Build a response with message and status.
|
static HttpAction |
HttpAction.unauthorized(String message,
WebContext context,
String realmName)
Build a basic auth popup credentials.
|
static HttpAction |
HttpAction.unauthorizedDigest(String message,
WebContext context,
String realmName,
String qop,
String nonce)
Build a digest auth popup credentials.
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
Matcher.matches(WebContext context)
Check if the web context matches.
|
boolean |
HttpMethodMatcher.matches(WebContext context) |
boolean |
HeaderMatcher.matches(WebContext context) |
boolean |
MatchingChecker.matches(WebContext context,
String matcherNames,
Map<String,Matcher> matchersMap)
Check if the web context matches.
|
boolean |
DefaultMatchingChecker.matches(WebContext context,
String matcherNames,
Map<String,Matcher> matchersMap) |
| Modifier and Type | Method and Description |
|---|---|
U |
ProfileCreator.create(C credentials,
WebContext context)
Create a profile from a credentials.
|
P |
AuthenticatorProfileCreator.create(C credentials,
WebContext context) |
| Modifier and Type | Method and Description |
|---|---|
void |
AbstractProfileService.validate(UsernamePasswordCredentials credentials,
WebContext context) |
| Modifier and Type | Method and Description |
|---|---|
HttpAction |
RedirectAction.perform(WebContext context)
Perform a
RedirectAction on the web context. |
| Modifier and Type | Method and Description |
|---|---|
RedirectAction |
RedirectActionBuilder.redirect(WebContext context)
Return a redirect action for the web context.
|
Copyright © 2017. All Rights Reserved.