public abstract class AbstractSecurityRule extends Object implements SecurityRule
SecurityRule class to extend from that provides
helper methods to get the roles from the claims and compare them
to the roles allowed by the rule.DENY_ALL, IS_ANONYMOUS, IS_AUTHENTICATEDHIGHEST_PRECEDENCE, LOWEST_PRECEDENCE| Modifier and Type | Method and Description |
|---|---|
protected SecurityRuleResult |
compareRoles(List<String> requiredRoles,
List<String> grantedRoles)
Compares the given roles to determine if the request is allowed by
comparing if any of the granted roles is in the required roles list.
|
protected List<String> |
getRoles(Map<String,Object> claims)
Appends
SecurityRule.IS_ANONYMOUS if not authenticated. |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitcheckprotected List<String> getRoles(Map<String,Object> claims)
SecurityRule.IS_ANONYMOUS if not authenticated. If the
claims contain one or more roles, SecurityRule.IS_AUTHENTICATED is
appended to the list.claims - The claims of the token, null if not authenticatedprotected SecurityRuleResult compareRoles(List<String> requiredRoles, List<String> grantedRoles)
requiredRoles - The list of roles required to be authorizedgrantedRoles - The list of roles granted to the userSecurityRuleResult.REJECTED if none of the granted roles
appears in the required roles list. SecurityRuleResult.ALLOWED otherwise.