You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/src/main/asciidoc/se/injection/declarative.adoc
+19Lines changed: 19 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -83,6 +83,7 @@ The following features are currently implemented:
83
83
- <<Dec-FT, Fault Tolerance>>
84
84
- <<Dec-Scheduling, Scheduling>>
85
85
- <<Dec-Validation, Validation>>
86
+
- <<Dec-Security, Security>>
86
87
87
88
A Helidon Declarative application should be started using the generated application binding, to ensure no lookup and no reflection.
88
89
The call to `ServiceRegistryManager.start` ensures that all services with a defined `RunLevel` are started, including Helidon WebServer, Scheduled services etc.
@@ -371,3 +372,21 @@ For each constraint annotation, there MUST be a service that validates it.
Security provides protection of WebServer endpoints.
379
+
380
+
Identity propagation (when using a WebClient) depends on configuration of the client and configuration of security.
381
+
We currently do not have declarative way of modifying client behavior.
382
+
383
+
Supported annotations:
384
+
385
+
- `io.helidon.security.annotations.Authenticated` - mark an endpoint or a method as requiring authentication
386
+
- `io.helidon.security.annotations.Authorized` - mark an endpoint or a method as requiring authorization
387
+
- `io.helidon.security.annotations.Audited` - mark an endpoint or a method as requiring audit logging
388
+
- `io.helidon.security.abac.role.RoleValidator.PermitAll` - annotated method does not require any authentication or authorization (even if endpoint does)
389
+
- `jakarta.annotation.security.PermitAll` - same as `RoleValidator.PermitAll`
390
+
- `jakarta.annotation.security.DenyAll` - annotated method will not be callable with any kind of authentication or authorization
391
+
- link:{security-javadoc-base-url}/io/helidon/security/abac/role/RoleValidator.Roles.html[`io.helidon.security.abac.role.RoleValidator.Roles`] - provide a set of roles that can access a resource, implies authentication is required
392
+
- `jakarta.annotation.security.RolesAllowed` - same as above (`RoleValidator.Roles`)
0 commit comments