Package org.wildfly.security.auth.server
Class SecurityDomain.Builder
- java.lang.Object
-
- org.wildfly.security.auth.server.SecurityDomain.Builder
-
- Enclosing class:
- SecurityDomain
public static final class SecurityDomain.Builder extends Object
A builder for creating new security domains.
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description SecurityDomain.RealmBuilder
addRealm(String name, SecurityRealm realm)
Add a realm to this security domain.SecurityDomain
build()
Construct this security domain.Map<String,RoleMapper>
getCategoryRoleMappers()
Get the category role mapper map.String
getDefaultRealmName()
Get the default realm name.void
setCategoryRoleMappers(Map<String,RoleMapper> categoryRoleMappers)
Set the category role mapper map.SecurityDomain.Builder
setDefaultRealmName(String defaultRealmName)
Set the default realm name.SecurityDomain.Builder
setEvidenceDecoder(EvidenceDecoder evidenceDecoder)
Set the evidence decoder for this security domain which will be used to extract the principal from the givenEvidence
.SecurityDomain.Builder
setPermissionMapper(PermissionMapper permissionMapper)
Set the permission mapper for this security domain, which will be used to obtain and map permissions based on the identities from this security domain.SecurityDomain.Builder
setPostRealmRewriter(Function<Principal,Principal> rewriter)
Sets a post-realm name rewriter, which rewrites the authentication name after a realm is selected.SecurityDomain.Builder
setPostRealmRewriter(NameRewriter rewriter)
Sets a post-realm name rewriter, which rewrites the authentication name after a realm is selected.SecurityDomain.Builder
setPreRealmRewriter(Function<Principal,Principal> rewriter)
Sets a pre-realm name rewriter, which rewrites the authentication name before a realm is selected.SecurityDomain.Builder
setPreRealmRewriter(NameRewriter rewriter)
Sets a pre-realm name rewriter, which rewrites the authentication name before a realm is selected.SecurityDomain.Builder
setPrincipalDecoder(PrincipalDecoder principalDecoder)
Set the principal decoder for this security domain, which will be used to convertPrincipal
objects into names for handling in the realm.SecurityDomain.Builder
setRealmMapper(RealmMapper realmMapper)
Set the realm mapper for this security domain, which selects a realm based on the authentication name.SecurityDomain.Builder
setRoleDecoder(RoleDecoder roleDecoder)
Set the role decoder for this security domain.SecurityDomain.Builder
setRoleMapper(RoleMapper roleMapper)
Set the role mapper for this security domain, which will be used to perform the last mapping before returning the roles associated with an identity obtained from this security domain.SecurityDomain.Builder
setSecurityEventListener(Consumer<SecurityEvent> securityEventListener)
Set the security event listener that will consume allSecurityEvent
instances emitted but the domain.SecurityDomain.Builder
setSecurityIdentityTransformer(UnaryOperator<SecurityIdentity> securityIdentityTransformer)
Set the security identity transformer to use.SecurityDomain.Builder
setTrustedSecurityDomainPredicate(Predicate<SecurityDomain> trustedSecurityDomain)
Set the predicate that should be used to determine if a given domain is trusted by this domain.
-
-
-
Method Detail
-
setPreRealmRewriter
public SecurityDomain.Builder setPreRealmRewriter(NameRewriter rewriter)
Sets a pre-realm name rewriter, which rewrites the authentication name before a realm is selected.- Parameters:
rewriter
- the name rewriter (must not benull
)- Returns:
- this builder
-
setPreRealmRewriter
public SecurityDomain.Builder setPreRealmRewriter(Function<Principal,Principal> rewriter)
Sets a pre-realm name rewriter, which rewrites the authentication name before a realm is selected.- Parameters:
rewriter
- the name rewriter (must not benull
)- Returns:
- this builder
-
setPostRealmRewriter
public SecurityDomain.Builder setPostRealmRewriter(NameRewriter rewriter)
Sets a post-realm name rewriter, which rewrites the authentication name after a realm is selected.- Parameters:
rewriter
- the name rewriter (must not benull
)- Returns:
- this builder
-
setPostRealmRewriter
public SecurityDomain.Builder setPostRealmRewriter(Function<Principal,Principal> rewriter)
Sets a post-realm name rewriter, which rewrites the authentication name after a realm is selected.- Parameters:
rewriter
- the name rewriter (must not benull
)- Returns:
- this builder
-
setRealmMapper
public SecurityDomain.Builder setRealmMapper(RealmMapper realmMapper)
Set the realm mapper for this security domain, which selects a realm based on the authentication name.- Parameters:
realmMapper
- the realm mapper (must not benull
)- Returns:
- this builder
-
setRoleMapper
public SecurityDomain.Builder setRoleMapper(RoleMapper roleMapper)
Set the role mapper for this security domain, which will be used to perform the last mapping before returning the roles associated with an identity obtained from this security domain.- Parameters:
roleMapper
- the role mapper (must not benull
)- Returns:
- this builder
-
setPermissionMapper
public SecurityDomain.Builder setPermissionMapper(PermissionMapper permissionMapper)
Set the permission mapper for this security domain, which will be used to obtain and map permissions based on the identities from this security domain.- Parameters:
permissionMapper
- the permission mapper (must not benull
)- Returns:
- this builder
-
setPrincipalDecoder
public SecurityDomain.Builder setPrincipalDecoder(PrincipalDecoder principalDecoder)
Set the principal decoder for this security domain, which will be used to convertPrincipal
objects into names for handling in the realm.- Parameters:
principalDecoder
- the principal decoder (must not benull
)- Returns:
- this builder
-
addRealm
public SecurityDomain.RealmBuilder addRealm(String name, SecurityRealm realm)
Add a realm to this security domain.- Parameters:
name
- the realm's name in this configurationrealm
- the realm- Returns:
- the new realm builder
-
getDefaultRealmName
public String getDefaultRealmName()
Get the default realm name.- Returns:
- the default realm name
-
setDefaultRealmName
public SecurityDomain.Builder setDefaultRealmName(String defaultRealmName)
Set the default realm name.- Parameters:
defaultRealmName
- the default realm name (must not benull
)
-
getCategoryRoleMappers
public Map<String,RoleMapper> getCategoryRoleMappers()
Get the category role mapper map.- Returns:
- the category role mapper map
-
setCategoryRoleMappers
public void setCategoryRoleMappers(Map<String,RoleMapper> categoryRoleMappers)
Set the category role mapper map.- Parameters:
categoryRoleMappers
- the category role mapper map (must not benull
)
-
setSecurityIdentityTransformer
public SecurityDomain.Builder setSecurityIdentityTransformer(UnaryOperator<SecurityIdentity> securityIdentityTransformer)
Set the security identity transformer to use. The transformer must not returnnull
, or authentication will fail.- Parameters:
securityIdentityTransformer
- the security identity transformer to use (must not benull
)- Returns:
- this builder
-
setTrustedSecurityDomainPredicate
public SecurityDomain.Builder setTrustedSecurityDomainPredicate(Predicate<SecurityDomain> trustedSecurityDomain)
Set the predicate that should be used to determine if a given domain is trusted by this domain.- Parameters:
trustedSecurityDomain
- the predicate that should be used to determine if a given domain is trusted by this domain (must not benull
)
-
setSecurityEventListener
public SecurityDomain.Builder setSecurityEventListener(Consumer<SecurityEvent> securityEventListener)
Set the security event listener that will consume allSecurityEvent
instances emitted but the domain.- Parameters:
securityEventListener
- the security event listener that will consume allSecurityEvent
instances emitted but the domain.- Returns:
- this builder
-
setEvidenceDecoder
public SecurityDomain.Builder setEvidenceDecoder(EvidenceDecoder evidenceDecoder)
Set the evidence decoder for this security domain which will be used to extract the principal from the givenEvidence
.- Parameters:
evidenceDecoder
- the evidence decoder (must not benull
)- Returns:
- this builder
- Since:
- 1.10.0
-
setRoleDecoder
public SecurityDomain.Builder setRoleDecoder(RoleDecoder roleDecoder)
Set the role decoder for this security domain.- Parameters:
roleDecoder
- the role decoder (must not benull
)- Returns:
- this builder
- Since:
- 1.11.0
-
build
public SecurityDomain build()
Construct this security domain. Construction requirescreateSecurityDomain
ElytronPermission
.- Returns:
- the new security domain
-
-