public interface SecurityRule extends Ordered
Modifier and Type | Field and Description |
---|---|
static String |
DENY_ALL
The token to represent no security roles are allowed.
|
static String |
IS_ANONYMOUS
The token to represent allowing anonymous access.
|
static String |
IS_AUTHENTICATED
The token to represent allowing any authenticated access.
|
HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE
Modifier and Type | Method and Description |
---|---|
SecurityRuleResult |
check(HttpRequest request,
RouteMatch routeMatch,
Map<String,Object> claims)
Returns a security result based on any conditions.
|
static final String IS_ANONYMOUS
static final String IS_AUTHENTICATED
static final String DENY_ALL
SecurityRuleResult check(HttpRequest request, @Nullable RouteMatch routeMatch, @Nullable Map<String,Object> claims)
request
- The current requestrouteMatch
- The matched route or empty if no route was matched. e.g. static resource.claims
- The claims from the token. Null if not authenticatedSecurityRuleResult