config.io_helidon_webserver_security_PathsConfig.adoc Maven / Gradle / Ivy
///////////////////////////////////////////////////////////////////////////////
Copyright (c) 2023 Oracle and/or its affiliates.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
///////////////////////////////////////////////////////////////////////////////
ifndef::rootdir[:rootdir: {docdir}/..]
:description: Configuration of io.helidon.webserver.security.PathsConfig
:keywords: helidon, config, io.helidon.webserver.security.PathsConfig
:basic-table-intro: The table below lists the configuration keys that configure io.helidon.webserver.security.PathsConfig
include::{rootdir}/includes/attributes.adoc[]
= PathsConfig (webserver.security) Configuration
// tag::config[]
Type: link:{javadoc-base-url}/io.helidon.webserver.security/io/helidon/webserver/security/PathsConfig.html[io.helidon.webserver.security.PathsConfig]
== Configuration options
.Optional configuration options
[cols="3,3a,2,5a"]
|===
|key |type |default value |description
|`audit` |boolean |{nbsp} |Whether to audit this request - defaults to false, if enabled, request is audited with event type "request".
@return whether to audit
|`audit-event-type` |string |{nbsp} |Override for event-type, defaults to `SecurityHandler#DEFAULT_AUDIT_EVENT_TYPE`.
@return audit event type to use
|`audit-message-format` |string |{nbsp} |Override for audit message format, defaults to `SecurityHandler#DEFAULT_AUDIT_MESSAGE_FORMAT`.
@return audit message format to use
|`authenticate` |boolean |{nbsp} |If called, request will go through authentication process - defaults to false (even if authorize is true).
@return whether to authenticate or not
|`authentication-optional` |boolean |{nbsp} |If called, authentication failure will not abort request and will continue as anonymous (defaults to false).
@return whether authn is optional
|`authenticator` |string |{nbsp} |Use a named authenticator (as supported by security - if not defined, default authenticator is used).
Will enable authentication.
@return name of authenticator as configured in io.helidon.security.Security
|`authorize` |boolean |{nbsp} |Enable authorization for this route.
@return whether to authorize
|`authorizer` |string |{nbsp} |Use a named authorizer (as supported by security - if not defined, default authorizer is used, if none defined, all is
permitted).
Will enable authorization.
@return name of authorizer as configured in io.helidon.security.Security
|`methods` |Method[] |{nbsp} |
|`path` |string |{nbsp} |
|`roles-allowed` |string[] |{nbsp} |An array of allowed roles for this path - must have a security provider supporting roles (either authentication
or authorization provider).
This method enables authentication and authorization (you can disable them again by calling
SecurityHandler#skipAuthorization()
and #authenticationOptional() if needed).
@return if subject is any of these roles, allow access
|`sockets` |string[] |`@default` |
|`sockets` |string[] |{nbsp} |List of sockets this configuration should be applied to.
If empty, the configuration is applied to all configured sockets.
@return list of sockets
|===
// end::config[]© 2015 - 2025 Weber Informatics LLC | Privacy Policy