Module io.inverno.mod.security
Package io.inverno.mod.security

Interface SecurityManager<A extends Credentials,B extends Identity,C extends AccessController>

Type Parameters:
A - the type of credentials to authenticate
B - the identity type
C - the access controller type
public interface SecurityManager<A extends Credentials,B extends Identity,C extends AccessController>

A security manager authenticate the credentials of an entity and obtain the SecurityContext used to protect services and resources in the application.

A security manager implementation shall rely on an Authenticator to authenticate credentials, an IdentityResolver to resolve the identity of the authenticated entity and an AccessControllerResolver to get the access controller for the authenticated entity in order to create the SecurityContext.

The resulting security context can then be used to protect sensitive services or resources.

Since:
1.5
Author:
Jeremy Kuhn

  • Method Details

    • of

      static <A extends Credentials, B extends Authentication, C extends Identity, D extends AccessController> SecurityManager<A,C,D> of(Authenticator<? super A,? extends B> authenticator)

      Creates a security manager with the specified authenticator.

      The security contexts created using the resulting security manager will have no identity and no access controller since corresponding resolvers are missing.

      Type Parameters:
      A - credentials type to authenticate
      B - the authentication resulting from a successful authentication and used to resolve identity and access controller
      C - the identity type
      D - the access controller type
      Parameters:
      authenticator - the authenticator
      Returns:
      a new security manager

    • of

      static <A extends Credentials, B extends Authentication, C extends Identity, D extends AccessController> SecurityManager<A,C,D> of(Authenticator<? super A,? extends B> authenticator, IdentityResolver<? super B,? extends C> identityResolver)

      Creates a security manager with the specified authenticator and identity resolver.

      The security contexts created using the resulting security manager will have no access controller since corresponding resolver is missing.

      Type Parameters:
      A - credentials type to authenticate
      B - the authentication resulting from a successful authentication and used to resolve identity and access controller
      C - the identity type
      D - the access controller type
      Parameters:
      authenticator - the authenticator
      identityResolver - the identity resolver
      Returns:
      a new security manager

    • of

      static <A extends Credentials, B extends Authentication, C extends Identity, D extends AccessController> SecurityManager<A,C,D> of(Authenticator<? super A,? extends B> authenticator, AccessControllerResolver<? super B,? extends D> accessControllerResolver)

      Creates a security manager with the specified authenticator and access controller resolver.

      The security contexts created using the resulting security manager will have no identity since corresponding resolver is missing.

      Type Parameters:
      A - credentials type to authenticate
      B - the authentication resulting from a successful authentication and used to resolve identity and access controller
      C - the identity type
      D - the access controller type
      Parameters:
      authenticator - the authenticator
      accessControllerResolver - the access controller resolver
      Returns:
      a new security manager

    • of

      static <A extends Credentials, B extends Authentication, C extends Identity, D extends AccessController> SecurityManager<A,C,D> of(Authenticator<? super A,? extends B> authenticator, IdentityResolver<? super B,? extends C> identityResolver, AccessControllerResolver<? super B,? extends D> accessControllerResolver)

      Creates a security manager with the specified authenticator, identity resolver and access controller resolver.

      Type Parameters:
      A - credentials type to authenticate
      B - the authentication resulting from a successful authentication and used to resolve identity and access controller
      C - the identity type
      D - the access controller type
      Parameters:
      authenticator - the authenticator
      identityResolver - the identity resolver
      accessControllerResolver - the access controller resolver
      Returns:
      a new security manager

    • authenticate

      Mono<SecurityContext<B,C>> authenticate(A credentials)

      Authenticates the specified credentials and returns the corresponding security context.

      This method authenticates the credentials, then resolve the identiy and the access controller and finally create the resulting security context which can be:

      • anonymous (i.e. not authenticated with no cause) when specifying null credentials.
      • denied when an error was raised during the authentication process or identity and access controller resolutions.
      • granted when the security manager was able to authenticated credentials, resolve identity and access controller.
      Parameters:
      credentials - the credentials to authenticate or null to get an anonymous security context
      Returns:
      a mono emitting the resulting security context