se.security.providers.adoc Maven / Gradle / Ivy
///////////////////////////////////////////////////////////////////////////////
Copyright (c) 2018, 2024 Oracle and/or its affiliates.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
///////////////////////////////////////////////////////////////////////////////
= Security Providers
:description: Helidon Security providers
:keywords: helidon, security
:feature-name: Security Providers
:rootdir: {docdir}/../..
include::{rootdir}/includes/se.adoc[]
== Contents
- <>
- <>
- <>
== Implemented Security Providers
Helidon provides the following security providers for endpoint protection:
[cols="3,2,^1,6"]
|===
^|Provider ^|Type ^|Outbound supported ^|Description
|<> |Authentication |✅ |Open ID Connect supporting JWT, Scopes, Groups and OIDC code flow
|<> |Authentication |✅ |HTTP Basic Authentication support
|<> |Authentication |🚫 |HTTP Digest Authentication support
|<> |Authentication |✅ |Asserting a user based on a header value
|<> |Authentication |✅ |Protecting service to service communication through signatures
|<> |Role Mapping |🚫 |Retrieves roles from IDCS provider for authenticated user
|<> |Authorization |🚫 |Attribute based access control authorization policies
|===
The following providers are no longer evolved:
[cols="3,2,^1,6"]
|===
^|Provider ^|Type ^|Outbound supported ^|Description
|<> |Authentication |✅ |Authenticates a token from request against Google servers
|<> |Authentication |✅ |JWT tokens passed from frontend
|===
== OIDC Provider
Open ID Connect security provider.
=== Maven Coordinates
[source,xml]
.Maven dependency
----
io.helidon.security.providers
helidon-security-providers-oidc
----
==== Overview
In Helidon SE, we need to register the redirection support with
routing (in addition to `SecurityFeature` that integrates with `WebServer`).
This is not required when `redirect` is set to false.
[source,java]
.Adding support for OIDC redirects
----
include::{sourcedir}/se/security/ProvidersSnippets.java[tag=snippet_1, indent=0]
----
include::{rootdir}/includes/security/providers/oidc.adoc[]
include::{rootdir}/includes/security/providers/http-basic-auth.adoc[]
include::{rootdir}/includes/security/providers/http-digest-auth.adoc[]
include::{rootdir}/includes/security/providers/header-assertion.adoc[]
include::{rootdir}/includes/security/providers/http-signatures.adoc[]
include::{rootdir}/includes/security/providers/idcs-role-mapper.adoc[]
include::{rootdir}/includes/security/providers/abac.adoc[]
include::{rootdir}/includes/security/providers/google-login.adoc[]
include::{rootdir}/includes/security/providers/jwt.adoc[]
== Reference
* link:{helidon-github-tree-url}examples/security[Helidon Security Examples]
* link:{security-provider-oidc-base-url}/module-summary.html[Helidon OIDC JavaDoc]
* link:{security-provider-httpauth-base-url}/module-summary.html[Helidon HTTP Authentication JavaDoc]
* link:{security-provider-header-base-url}/module-summary.html[Helidon Header Authentication JavaDoc]
* link:{security-provider-httpsign-base-url}/module-summary.html[Helidon HTTP Signature JavaDoc]
* link:{security-provider-idcs-mapper-base-url}/module-summary.html[Helidon IDCS Role Mapper JavaDoc]
* link:{security-provider-abac-base-url}/module-summary.html[Helidon ABAC JavaDoc]
* link:{security-provider-google-login-base-url}/module-summary.html[Helidon Google Login JavaDoc]
* link:{security-provider-jwt-base-url}/module-summary.html[Helidon JWT JavaDoc]