javax.security.enterprise.package-info Maven / Gradle / Ivy

Go to download

/* * Copyright (c) 2015, 2018 Oracle and/or its affiliates. All rights reserved. * * This program and the accompanying materials are made available under the * terms of the Eclipse Public License v. 2.0, which is available at * http://www.eclipse.org/legal/epl-2.0. * * This Source Code may also be made available under the following Secondary * Licenses when the conditions for such availability set forth in the * Eclipse Public License v. 2.0 are satisfied: GNU General Public License, * version 2 with the GNU Classpath Exception, which is available at * https://www.gnu.org/software/classpath/license.html. * * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0 */ /** * The main Java EE Security API package. This package contains classes and interfaces that span authentication, * authorization and identity concerns. * * EL Support in annotations * * This specification supports the use of expression language 3.0 in annotations. This is described in more detail below: * * ...Definition annotations * * The Java EE Security API features several annotations, with names that end with Definition, * which, when used, make CDI beans available. For completeness, this concerns the following annotations: * * * {@link javax.security.enterprise.identitystore.DatabaseIdentityStoreDefinition} * {@link javax.security.enterprise.identitystore.LdapIdentityStoreDefinition} * {@link javax.security.enterprise.authentication.mechanism.http.BasicAuthenticationMechanismDefinition} * {@link javax.security.enterprise.authentication.mechanism.http.CustomFormAuthenticationMechanismDefinition} * {@link javax.security.enterprise.authentication.mechanism.http.FormAuthenticationMechanismDefinition} * * * For all attributes of type String on these annotations, Expression Language 3.0 expressions can be used. * All named CDI beans are available to that expression, as well as the default classes as specified by EL 3.0 for the * {@link ELProcessor}. * * * Expressions can be either immediate (${} syntax), or deferred (#{} syntax). Immediate * expressions are evaluated once when the bean instance corresponding to the "...Definition" annotation is actually created. * Since such beans are application scoped, that means once for the entire application. Deferred expressions are evaluated in * each request where the security runtime needs to use the value of these attributes. * * * Attributes that are documented as being EL alternatives to non-String type * attributes (attributes for which the name ends with Expression, hereafter called EL alternative attribute) * MUST evaluate to the same type as the attribute they are an alternative to. If the EL alternative attribute has a * non empty value, it takes precedence over the attribute which it is an alternative to. * * * The EL alternative attribute MUST contain a valid EL expression. Attributes of type string that are not EL alternative * attributes can contain either an expression or a string value that is not an expression. * * Interceptor annotations * * The Java EE Security API features several annotations with attributes that denote interceptor spec interceptors. * For completeness, this concerns the following annotations: * * * {@link javax.security.enterprise.authentication.mechanism.http.LoginToContinue} * {@link javax.security.enterprise.authentication.mechanism.http.RememberMe} * * *

* Expression language is supported for these annotations as well, but in a slightly different way. * See the javadoc of both these annotations for how the expression language support differs. * * @version 1.0 */ package javax.security.enterprise; import javax.el.ELProcessor;