Package org.wildfly.security.auth.server

Class SecurityDomain.Builder

  • Enclosing class:
    SecurityDomain
    public static final class SecurityDomain.Builder
extends Object
    A builder for creating new security domains.

    • Constructor Detail

      • Builder

        Builder()

    • Method Detail

      • setPreRealmRewriter

        public SecurityDomain.Builder setPreRealmRewriter​(NameRewriter rewriter)
        Sets a pre-realm name rewriter, which rewrites the authentication name before a realm is selected.
        Parameters:
        rewriter - the name rewriter (must not be null)
        Returns:
        this builder

      • setPreRealmRewriter

        public SecurityDomain.Builder setPreRealmRewriter​(Function<Principal,​Principal> rewriter)
        Sets a pre-realm name rewriter, which rewrites the authentication name before a realm is selected.
        Parameters:
        rewriter - the name rewriter (must not be null)
        Returns:
        this builder

      • setPostRealmRewriter

        public SecurityDomain.Builder setPostRealmRewriter​(NameRewriter rewriter)
        Sets a post-realm name rewriter, which rewrites the authentication name after a realm is selected.
        Parameters:
        rewriter - the name rewriter (must not be null)
        Returns:
        this builder

      • setPostRealmRewriter

        public SecurityDomain.Builder setPostRealmRewriter​(Function<Principal,​Principal> rewriter)
        Sets a post-realm name rewriter, which rewrites the authentication name after a realm is selected.
        Parameters:
        rewriter - the name rewriter (must not be null)
        Returns:
        this builder

      • setRealmMapper

        public SecurityDomain.Builder setRealmMapper​(RealmMapper realmMapper)
        Set the realm mapper for this security domain, which selects a realm based on the authentication name.
        Parameters:
        realmMapper - the realm mapper (must not be null)
        Returns:
        this builder

      • setRoleMapper

        public SecurityDomain.Builder setRoleMapper​(RoleMapper roleMapper)
        Set the role mapper for this security domain, which will be used to perform the last mapping before returning the roles associated with an identity obtained from this security domain.
        Parameters:
        roleMapper - the role mapper (must not be null)
        Returns:
        this builder

      • setPermissionMapper

        public SecurityDomain.Builder setPermissionMapper​(PermissionMapper permissionMapper)
        Set the permission mapper for this security domain, which will be used to obtain and map permissions based on the identities from this security domain.
        Parameters:
        permissionMapper - the permission mapper (must not be null)
        Returns:
        this builder

      • setPrincipalDecoder

        public SecurityDomain.Builder setPrincipalDecoder​(PrincipalDecoder principalDecoder)
        Set the principal decoder for this security domain, which will be used to convert Principal objects into names for handling in the realm.
        Parameters:
        principalDecoder - the principal decoder (must not be null)
        Returns:
        this builder

      • addRealm

        public SecurityDomain.RealmBuilder addRealm​(String name,
                                            SecurityRealm realm)
        Add a realm to this security domain.
        Parameters:
        name - the realm's name in this configuration
        realm - the realm
        Returns:
        the new realm builder

      • getDefaultRealmName

        public String getDefaultRealmName()
        Get the default realm name.
        Returns:
        the default realm name

      • setDefaultRealmName

        public SecurityDomain.Builder setDefaultRealmName​(String defaultRealmName)
        Set the default realm name.
        Parameters:
        defaultRealmName - the default realm name (must not be null)

      • getCategoryRoleMappers

        public Map<String,​RoleMapper> getCategoryRoleMappers()
        Get the category role mapper map.
        Returns:
        the category role mapper map

      • setCategoryRoleMappers

        public void setCategoryRoleMappers​(Map<String,​RoleMapper> categoryRoleMappers)
        Set the category role mapper map.
        Parameters:
        categoryRoleMappers - the category role mapper map (must not be null)

      • setSecurityIdentityTransformer

        public SecurityDomain.Builder setSecurityIdentityTransformer​(UnaryOperator<SecurityIdentity> securityIdentityTransformer)
        Set the security identity transformer to use. The transformer must not return null, or authentication will fail.
        Parameters:
        securityIdentityTransformer - the security identity transformer to use (must not be null)
        Returns:
        this builder

      • setTrustedSecurityDomainPredicate

        public SecurityDomain.Builder setTrustedSecurityDomainPredicate​(Predicate<SecurityDomain> trustedSecurityDomain)
        Set the predicate that should be used to determine if a given domain is trusted by this domain.
        Parameters:
        trustedSecurityDomain - the predicate that should be used to determine if a given domain is trusted by this domain (must not be null)

      • setSecurityEventListener

        public SecurityDomain.Builder setSecurityEventListener​(Consumer<SecurityEvent> securityEventListener)
        Set the security event listener that will consume all SecurityEvent instances emitted but the domain.
        Parameters:
        securityEventListener - the security event listener that will consume all SecurityEvent instances emitted but the domain.
        Returns:
        this builder

      • setEvidenceDecoder

        public SecurityDomain.Builder setEvidenceDecoder​(EvidenceDecoder evidenceDecoder)
        Set the evidence decoder for this security domain which will be used to extract the principal from the given Evidence.
        Parameters:
        evidenceDecoder - the evidence decoder (must not be null)
        Returns:
        this builder
        Since:
        1.10.0

      • setRoleDecoder

        public SecurityDomain.Builder setRoleDecoder​(RoleDecoder roleDecoder)
        Set the role decoder for this security domain.
        Parameters:
        roleDecoder - the role decoder (must not be null)
        Returns:
        this builder
        Since:
        1.11.0

      • build

        public SecurityDomain build()
        Construct this security domain. Construction requires createSecurityDomain ElytronPermission.
        Returns:
        the new security domain

      • assertNotBuilt

        void assertNotBuilt()