Interface AccessControlStrategy
- All Known Implementing Classes:
AbstractAccessControlStrategy,AbstractGatewayAccessControlStrategy,ApiTokenManager.TokenAccessControl,SecurityZoneAccessControlStrategy,WebUiSession.CsrfWebUiSessionAccessControl,WebUiSession.WebUiSessionAccessControl
public interface AccessControlStrategy
- Since:
- 8.3.0
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final AccessControlStrategyA strategy that grants access to all requests. -
Method Summary
Modifier and TypeMethodDescriptionstatic AccessControlStrategyand(AccessControlStrategy... strategies) canAccess(RequestContext context) Determines whether the request should be allowed to proceed.getWwwAuthenticateHeader(RequestContext context) Called whencanAccess(RequestContext)returnsRouteAccess.UNAUTHORIZED, to provide a WWW-Authenticate header to be included in the HTTP 401 response.static AccessControlStrategyor(Collection<AccessControlStrategy> strategies) default voidvalidate(RouteMounterContext routeMounterContext) Checks whether this strategy can be mounted to a Route in a given context.
-
Field Details
-
OPEN_ROUTE
A strategy that grants access to all requests.
-
-
Method Details
-
canAccess
Determines whether the request should be allowed to proceed. -
getWwwAuthenticateHeader
Called whencanAccess(RequestContext)returnsRouteAccess.UNAUTHORIZED, to provide a WWW-Authenticate header to be included in the HTTP 401 response. -
validate
default void validate(RouteMounterContext routeMounterContext) throws RouteMounterValidationException Checks whether this strategy can be mounted to a Route in a given context.- Parameters:
routeMounterContext- theRouteMounterContextto validate- Throws:
RouteMounterValidationException- if validation fails
-
and
-
or
-