Package org.restheart.security.handlers
package org.restheart.security.handlers
Security handlers for HTTP requests
- Author:
- Andrea Di Cesare <andrea@softinstigate.com>
-
ClassesClassDescriptionThis is the PipelinedHandler version of io.undertow.security.handlers.AuthenticationCallHandler that is the final
HttpHandlerin the security chain, it's purpose is to act as a barrier at the end of the chain to ensure authenticate is called after the mechanisms have been associated with the context and the constraint checked.This is the PipelinedHandler version of io.undertow.security.handlers.AuthenticationMechanismsHandler that adds one or more authenticator mechanisms to the security contextlog the wapped AuthenticatorMechanism outcomes and makes sure that it can't fail the whole authetication process if it doesn't authenticate the request.Executes isAllowed() on all enabled authorizer to check the request An Authorizer can be either a VETOER or an ALLOWER A request is allowed when no VETOER denies it and any ALLOWER allows itThis is the PipelinedHandler version of io.undertow.security.handlers.SecurityInitialHandler the security handler responsible for attaching the SecurityContext to the currentHttpServerExchange.