org.wildfly.swarm.config.management

Class AuthorizationAccess<T extends AuthorizationAccess<T>>

java.lang.Object

org.wildfly.swarm.config.management.AuthorizationAccess<T>

public class AuthorizationAccess<T extends AuthorizationAccess<T>>
extends Object

The access control definitions defining the access management restrictions.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	AuthorizationAccess.AuthorizationAccessResources Child mutators for AuthorizationAccess
static class	AuthorizationAccess.PermissionCombinationPolicy
static class	AuthorizationAccess.Provider

Constructor Summary

Constructors

Constructor and Description
AuthorizationAccess()

Method Summary

Modifier and Type	Method and Description
void	addPropertyChangeListener(PropertyChangeListener listener) Adds a property change listener
T	allRoleName(String value) The official names of all roles supported by the current management access control provider.
List<String>	allRoleNames() The official names of all roles supported by the current management access control provider.
T	allRoleNames(List<String> value) The official names of all roles supported by the current management access control provider.
T	allRoleNames(String... args) The official names of all roles supported by the current management access control provider.
T	applicationClassificationConstraint() Configuration of the application classification constraints.
T	applicationClassificationConstraint(ApplicationClassificationConstraint value) Configuration of the application classification constraints.
T	applicationClassificationConstraint(ApplicationClassificationConstraintConsumer consumer) Configuration of the application classification constraints.
T	applicationClassificationConstraint(ApplicationClassificationConstraintSupplier supplier) Configuration of the application classification constraints.
String	getKey()
AuthorizationAccess.PermissionCombinationPolicy	permissionCombinationPolicy() The policy for combining access control permissions when the authorization policy grants the user more than one type of permission for a given action.
T	permissionCombinationPolicy(AuthorizationAccess.PermissionCombinationPolicy value) The policy for combining access control permissions when the authorization policy grants the user more than one type of permission for a given action.
AuthorizationAccess.Provider	provider() The provider to use for management access control decisions.
T	provider(AuthorizationAccess.Provider value) The provider to use for management access control decisions.
void	removePropertyChangeListener(PropertyChangeListener listener) Removes a property change listener
T	roleMapping(RoleMapping value) Add the RoleMapping object to the list of subresources
T	roleMapping(RoleMappingSupplier supplier) Install a supplied RoleMapping object to the list of subresources
T	roleMapping(String childKey) Create and configure a RoleMapping object to the list of subresources
T	roleMapping(String childKey, RoleMappingConsumer consumer) Create and configure a RoleMapping object to the list of subresources
T	roleMappings(List<RoleMapping> value) Add all RoleMapping objects to this subresource
T	sensitivityClassificationConstraint() The sensitivity classification constraints.
T	sensitivityClassificationConstraint(SensitivityClassificationConstraint value) The sensitivity classification constraints.
T	sensitivityClassificationConstraint(SensitivityClassificationConstraintConsumer consumer) The sensitivity classification constraints.
T	sensitivityClassificationConstraint(SensitivityClassificationConstraintSupplier supplier) The sensitivity classification constraints.
T	standardRoleName(String value) The official names of the standard roles supported by the current management access control provider.
List<String>	standardRoleNames() The official names of the standard roles supported by the current management access control provider.
T	standardRoleNames(List<String> value) The official names of the standard roles supported by the current management access control provider.
T	standardRoleNames(String... args) The official names of the standard roles supported by the current management access control provider.
AuthorizationAccess.AuthorizationAccessResources	subresources()
Boolean	useIdentityRoles() Should the raw roles obtained from the underlying security identity be used directly?
T	useIdentityRoles(Boolean value) Should the raw roles obtained from the underlying security identity be used directly?
T	vaultExpressionConstraint() Configuration of whether vault expressions should be considered sensitive.
T	vaultExpressionConstraint(VaultExpressionConstraint value) Configuration of whether vault expressions should be considered sensitive.
T	vaultExpressionConstraint(VaultExpressionConstraintConsumer consumer) Configuration of whether vault expressions should be considered sensitive.
T	vaultExpressionConstraint(VaultExpressionConstraintSupplier supplier) Configuration of whether vault expressions should be considered sensitive.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthorizationAccess

public AuthorizationAccess()

Method Detail

getKey

public String getKey()

addPropertyChangeListener

public void addPropertyChangeListener(PropertyChangeListener listener)

Adds a property change listener

removePropertyChangeListener

public void removePropertyChangeListener(PropertyChangeListener listener)

Removes a property change listener

subresources

public AuthorizationAccess.AuthorizationAccessResources subresources()

roleMappings

public T roleMappings(List<RoleMapping> value)

Add all RoleMapping objects to this subresource

Parameters:

value - List of RoleMapping objects.

Returns:

this

roleMapping

public T roleMapping(RoleMapping value)

Add the RoleMapping object to the list of subresources

Parameters:

value - The RoleMapping to add

Returns:

this

roleMapping

public T roleMapping(String childKey,
                     RoleMappingConsumer consumer)

Create and configure a RoleMapping object to the list of subresources

Parameters:

key - The key for the RoleMapping resource

config - The RoleMappingConsumer to use

Returns:

this

roleMapping

public T roleMapping(String childKey)

Create and configure a RoleMapping object to the list of subresources

Parameters:

key - The key for the RoleMapping resource

Returns:

this

roleMapping

public T roleMapping(RoleMappingSupplier supplier)

Install a supplied RoleMapping object to the list of subresources

vaultExpressionConstraint

public T vaultExpressionConstraint(VaultExpressionConstraint value)

Configuration of whether vault expressions should be considered sensitive.

vaultExpressionConstraint

public T vaultExpressionConstraint(VaultExpressionConstraintConsumer consumer)

Configuration of whether vault expressions should be considered sensitive.

vaultExpressionConstraint

public T vaultExpressionConstraint()

Configuration of whether vault expressions should be considered sensitive.

vaultExpressionConstraint

public T vaultExpressionConstraint(VaultExpressionConstraintSupplier supplier)

Configuration of whether vault expressions should be considered sensitive.

applicationClassificationConstraint

public T applicationClassificationConstraint(ApplicationClassificationConstraint value)

Configuration of the application classification constraints.

applicationClassificationConstraint

public T applicationClassificationConstraint(ApplicationClassificationConstraintConsumer consumer)

Configuration of the application classification constraints.

applicationClassificationConstraint

public T applicationClassificationConstraint()

Configuration of the application classification constraints.

applicationClassificationConstraint

public T applicationClassificationConstraint(ApplicationClassificationConstraintSupplier supplier)

Configuration of the application classification constraints.

sensitivityClassificationConstraint

public T sensitivityClassificationConstraint(SensitivityClassificationConstraint value)

The sensitivity classification constraints.

sensitivityClassificationConstraint

public T sensitivityClassificationConstraint(SensitivityClassificationConstraintConsumer consumer)

The sensitivity classification constraints.

sensitivityClassificationConstraint

public T sensitivityClassificationConstraint()

The sensitivity classification constraints.

sensitivityClassificationConstraint

public T sensitivityClassificationConstraint(SensitivityClassificationConstraintSupplier supplier)

The sensitivity classification constraints.

allRoleNames

public List<String> allRoleNames()

The official names of all roles supported by the current management access control provider. This includes any standard roles as well as any user-defined roles.

allRoleNames

public T allRoleNames(List<String> value)

The official names of all roles supported by the current management access control provider. This includes any standard roles as well as any user-defined roles.

allRoleName

public T allRoleName(String value)

The official names of all roles supported by the current management access control provider. This includes any standard roles as well as any user-defined roles.

allRoleNames

public T allRoleNames(String... args)

The official names of all roles supported by the current management access control provider. This includes any standard roles as well as any user-defined roles.

permissionCombinationPolicy

public AuthorizationAccess.PermissionCombinationPolicy permissionCombinationPolicy()

The policy for combining access control permissions when the authorization policy grants the user more than one type of permission for a given action. In the standard role based authorization policy, this would occur when a user maps to multiple roles. The 'permissive' policy means if any of the permissions allow the action, the action is allowed. The 'rejecting' policy means the existence of multiple permissions should result in an error.

permissionCombinationPolicy

public T permissionCombinationPolicy(AuthorizationAccess.PermissionCombinationPolicy value)

The policy for combining access control permissions when the authorization policy grants the user more than one type of permission for a given action. In the standard role based authorization policy, this would occur when a user maps to multiple roles. The 'permissive' policy means if any of the permissions allow the action, the action is allowed. The 'rejecting' policy means the existence of multiple permissions should result in an error.

provider

public AuthorizationAccess.Provider provider()

The provider to use for management access control decisions.

provider

public T provider(AuthorizationAccess.Provider value)

The provider to use for management access control decisions.

standardRoleNames

public List<String> standardRoleNames()

The official names of the standard roles supported by the current management access control provider.

standardRoleNames

public T standardRoleNames(List<String> value)

The official names of the standard roles supported by the current management access control provider.

standardRoleName

public T standardRoleName(String value)

The official names of the standard roles supported by the current management access control provider.

standardRoleNames

public T standardRoleNames(String... args)

The official names of the standard roles supported by the current management access control provider.

useIdentityRoles

public Boolean useIdentityRoles()

Should the raw roles obtained from the underlying security identity be used directly?

useIdentityRoles

public T useIdentityRoles(Boolean value)

Should the raw roles obtained from the underlying security identity be used directly?