io.helidon.webserver.security.SecurityHandler
Description
Configuration of a io.helidon.webserver.security.SecurityHandler
Configuration options
| Key | Type | Description |
|---|---|---|
authentication-optional | Boolean | If called, authentication failure will not abort request and will continue as anonymous (defaults to false) |
authenticate | Boolean | If called, request will go through authentication process - defaults to false (even if authorize is true) |
audit-event-type | String | Override for event-type, defaults to SecurityHandler#DEFAULT_AUDIT_EVENT_TYPE |
authorizer | String | Use a named authorizer (as supported by security - if not defined, default authorizer is used, if none defined, all is permitted) |
audit | Boolean | Whether to audit this request - defaults to false, if enabled, request is audited with event type "request" |
audit-message-format | String | Override for audit message format, defaults to SecurityHandler#DEFAULT_AUDIT_MESSAGE_FORMAT |
sockets | List<String> | List of sockets this configuration should be applied to |
authenticator | String | Use a named authenticator (as supported by security - if not defined, default authenticator is used) |
authorize | Boolean | Enable authorization for this route |
roles-allowed | List<String> | An array of allowed roles for this path - must have a security provider supporting roles (either authentication or authorization provider) |
Dependent Types
Usages
See the manifest for all available types.