A B C D E G H I N O P R S U V W

A

AccessControl - Annotation Type in org.sklsft.commons.rest.security.annotations

Used to indicates a rest controller method which AccessControlType must be considered by the AccessControlAspect

AccessControlAspect - Class in org.sklsft.commons.rest.security.aspect

The aspect responsible for getting http request security headers
Depending on the AccessControlType, the aspect will check the secretKey, the token, and provide a security context when necessary

AccessControlAspect(SecurityContextProvider) - Constructor for class org.sklsft.commons.rest.security.aspect.AccessControlAspect

AccessControlType - Enum in org.sklsft.commons.rest.security.validation

Different Access control types provided by annotation AccessControl PUBLIC : no control should be done ANONYMOUS : the only secretKey will be checked PRIVATE : both secretKey and token will be checked

ApplicationCredentialsRetriever<T> - Interface in org.sklsft.commons.rest.security.context

B

bindApplicationCredentials(Object) - Static method in class org.sklsft.commons.rest.security.context.SecurityContextHolder

bindUserCredentials(Object) - Static method in class org.sklsft.commons.rest.security.context.SecurityContextHolder

C

clearSecurityContext() - Method in class org.sklsft.commons.rest.security.context.impl.CryptedAppKeySecurityContextProvider

clearSecurityContext() - Method in class org.sklsft.commons.rest.security.context.impl.PlainAppKeySecurityContextProvider

clearSecurityContext() - Method in class org.sklsft.commons.rest.security.context.impl.WeakSecurityContextProvider

clearSecurityContext() - Method in interface org.sklsft.commons.rest.security.context.SecurityContextProvider

CredentialsConflictException - Exception in org.sklsft.commons.rest.security.exception

CredentialsConflictException(String) - Constructor for exception org.sklsft.commons.rest.security.exception.CredentialsConflictException

CredentialsConflictException(String, Throwable) - Constructor for exception org.sklsft.commons.rest.security.exception.CredentialsConflictException

CryptedAppKeySecurityContextProvider<T,V> - Class in org.sklsft.commons.rest.security.context.impl

This class provide security context if both applicationkey and token are required for authentification, famous use case is websites trying to limit them api by throttling via by applicationkey, the credentials of applicationkey will be saved in SecurityContextHolder as for credentials of token

CryptedAppKeySecurityContextProvider(SecurityCredentialsEncoder<T>, SecurityCredentialsValidator<T>, SecurityCredentialsEncoder<V>, SecurityCredentialsValidator<V>) - Constructor for class org.sklsft.commons.rest.security.context.impl.CryptedAppKeySecurityContextProvider

D

decode(String) - Method in class org.sklsft.commons.rest.security.context.impl.SecurityCredentialsEncoderImpl

decode(String) - Method in interface org.sklsft.commons.rest.security.context.SecurityCredentialsEncoder

DocumentAccessControl - Annotation Type in org.sklsft.commons.rest.security.annotations

Annotation used to create joinpoints to be used by the aspect DocumentAccessControlAspect.

DocumentAccessControlAspect - Class in org.sklsft.commons.rest.security.aspect

The aspect responsible for getting the cookies and providing a security context.

DocumentAccessControlAspect(SecurityContextProvider) - Constructor for class org.sklsft.commons.rest.security.aspect.DocumentAccessControlAspect

E

encode(T) - Method in class org.sklsft.commons.rest.security.context.impl.SecurityCredentialsEncoderImpl

encode(T) - Method in interface org.sklsft.commons.rest.security.context.SecurityCredentialsEncoder

G

getApplicationCredentials() - Static method in class org.sklsft.commons.rest.security.context.SecurityContextHolder

getCurrentApplicationCredentials() - Static method in class org.sklsft.commons.rest.security.context.SecurityContextHolder

getCurrentUserCredentials() - Static method in class org.sklsft.commons.rest.security.context.SecurityContextHolder

getUserCredentials() - Static method in class org.sklsft.commons.rest.security.context.SecurityContextHolder

H

handleAuthentication(ProceedingJoinPoint) - Method in class org.sklsft.commons.rest.security.aspect.AccessControlAspect

handleAuthentication(ProceedingJoinPoint, DocumentAccessControl) - Method in class org.sklsft.commons.rest.security.aspect.DocumentAccessControlAspect

I

InvalidTokenException - Exception in org.sklsft.commons.rest.security.exception

InvalidTokenException(String) - Constructor for exception org.sklsft.commons.rest.security.exception.InvalidTokenException

InvalidTokenException(String, Throwable) - Constructor for exception org.sklsft.commons.rest.security.exception.InvalidTokenException

N

NoBoundCredentialsException - Exception in org.sklsft.commons.rest.security.exception

NoBoundCredentialsException(String) - Constructor for exception org.sklsft.commons.rest.security.exception.NoBoundCredentialsException

NoBoundCredentialsException(String, Throwable) - Constructor for exception org.sklsft.commons.rest.security.exception.NoBoundCredentialsException

O

org.sklsft.commons.rest.security.annotations - package org.sklsft.commons.rest.security.annotations

org.sklsft.commons.rest.security.aspect - package org.sklsft.commons.rest.security.aspect

org.sklsft.commons.rest.security.context - package org.sklsft.commons.rest.security.context

org.sklsft.commons.rest.security.context.impl - package org.sklsft.commons.rest.security.context.impl

org.sklsft.commons.rest.security.exception - package org.sklsft.commons.rest.security.exception

org.sklsft.commons.rest.security.validation - package org.sklsft.commons.rest.security.validation

P

PlainAppKeySecurityContextProvider<T,V> - Class in org.sklsft.commons.rest.security.context.impl

This class provide security context if both applicationkey and token are required for authentification, famous use case is websites trying to limit them api by throttling via by applicationkey, the credentials of applicationkey will be saved in SecurityContextHolder as for credentials of token the main difference between this class and CryptedAppKeySecurityContextProvider is that the applicationkey is considered here as plain text not token encrypting data by providing an implemntation of ApplicationCredentialsRetriever you are free to handle this key as you want

PlainAppKeySecurityContextProvider(SecurityCredentialsEncoder<T>, SecurityCredentialsValidator<T>, ApplicationCredentialsRetriever<V>) - Constructor for class org.sklsft.commons.rest.security.context.impl.PlainAppKeySecurityContextProvider

provideApplicationSecurityContext(String) - Method in class org.sklsft.commons.rest.security.context.impl.CryptedAppKeySecurityContextProvider

provideApplicationSecurityContext(String) - Method in class org.sklsft.commons.rest.security.context.impl.PlainAppKeySecurityContextProvider

provideApplicationSecurityContext(String) - Method in class org.sklsft.commons.rest.security.context.impl.WeakSecurityContextProvider

provideApplicationSecurityContext(String) - Method in interface org.sklsft.commons.rest.security.context.SecurityContextProvider

provideUserSecurityContext(String) - Method in class org.sklsft.commons.rest.security.context.impl.CryptedAppKeySecurityContextProvider

provideUserSecurityContext(String) - Method in class org.sklsft.commons.rest.security.context.impl.PlainAppKeySecurityContextProvider

provideUserSecurityContext(String) - Method in class org.sklsft.commons.rest.security.context.impl.WeakSecurityContextProvider

provideUserSecurityContext(String) - Method in interface org.sklsft.commons.rest.security.context.SecurityContextProvider

R

retrieveApplicationCredentials(String) - Method in interface org.sklsft.commons.rest.security.context.ApplicationCredentialsRetriever

S

SecretKeyValidator - Interface in org.sklsft.commons.rest.security.validation

The implementation of this interface should only check the secretKey provided by the AccessControlAspect is valid

SecurityContextHolder - Class in org.sklsft.commons.rest.security.context

A security context is handled by a ThreadLocal

SecurityContextHolder() - Constructor for class org.sklsft.commons.rest.security.context.SecurityContextHolder

SecurityContextProvider - Interface in org.sklsft.commons.rest.security.context

SecurityCredentialsEncoder<T> - Interface in org.sklsft.commons.rest.security.context

used to encode/decode a SecurityCredentials as a String

SecurityCredentialsEncoderImpl<T> - Class in org.sklsft.commons.rest.security.context.impl

imlementation of a SecurityCredentialsEncoder that uses an ObjectEncoder

SecurityCredentialsEncoderImpl(ObjectEncoder, Class<T>) - Constructor for class org.sklsft.commons.rest.security.context.impl.SecurityCredentialsEncoderImpl

SecurityCredentialsValidator<T> - Interface in org.sklsft.commons.rest.security.validation

U

unbindCredentials() - Static method in class org.sklsft.commons.rest.security.context.SecurityContextHolder

V

validateCredentials(T) - Method in interface org.sklsft.commons.rest.security.validation.SecurityCredentialsValidator

validateSecretKey(String) - Method in interface org.sklsft.commons.rest.security.validation.SecretKeyValidator

valueOf(String) - Static method in enum org.sklsft.commons.rest.security.validation.AccessControlType

Returns the enum constant of this type with the specified name.

values() - Static method in enum org.sklsft.commons.rest.security.validation.AccessControlType

Returns an array containing the constants of this enum type, in the order they are declared.

W

WeakSecurityContextProvider<T> - Class in org.sklsft.commons.rest.security.context.impl

this class is responsible for creating and destroying a security context given a token this security context will be handled by a ThreadLocal so that it will be accessible in the hole Thread execution's scope

WeakSecurityContextProvider(SecurityCredentialsEncoder<T>, SecurityCredentialsValidator<T>) - Constructor for class org.sklsft.commons.rest.security.context.impl.WeakSecurityContextProvider

A B C D E G H I N O P R S U V W