Package io.quarkus.vertx.http.security

Interface HttpSecurity.HttpPermission

Enclosing interface:

HttpSecurity

public static interface HttpSecurity.HttpPermission

Represents authorization and authentication requirements for given path patterns.

Method Summary

Modifier and Type	Method	Description
HttpSecurity.HttpPermission	applyToJaxRs()	Whether permission check should be applied on all matching paths, or paths specific for the Jakarta REST resources.
HttpSecurity	authenticated()	HTTP requests will only be accessible if SecurityIdentity is not anonymous.
HttpSecurity.HttpPermission	authenticatedWith(String scheme)	HTTP request must be authenticated using a mechanism with matching HttpCredentialTransport.getAuthenticationScheme().
HttpSecurity.Authorization	authorization()	Allows to configure HTTP request authorization requirement on the returned instance.
HttpSecurity.HttpPermission	authorizationCodeFlow()	HTTP request must be authenticated using Authorization Code Flow mechanism.
HttpSecurity.HttpPermission	basic()	HTTP request must be authenticated using basic authentication mechanism configured in the 'application.properties' file or the mechanism created with the Basic API and registered against the HttpSecurity.mechanism(HttpAuthenticationMechanism).
HttpSecurity.HttpPermission	bearer()	HTTP request must be authenticated using Bearer token authentication.
HttpSecurity.HttpPermission	form()	HTTP request must be authenticated using form-based authentication mechanism configured in the 'application.properties' file or the mechanism created with the Form API and registered against the HttpSecurity.mechanism(HttpAuthenticationMechanism).
HttpSecurity.HttpPermission	methods(String... httpMethods)	The methods that this permission set applies to.
HttpSecurity.HttpPermission	mTLS()	HTTP request must be authenticated using mutual-TLS authentication.
HttpSecurity	permit()	This method is a shortcut for HttpSecurity.Authorization.permit().
HttpSecurity	policy(HttpSecurityPolicy httpSecurityPolicy)	This method is a shortcut for HttpSecurity.Authorization.policy(HttpSecurityPolicy).
HttpSecurity	roles(String... roles)	This method is a shortcut for HttpSecurity.Authorization.roles(String...).
HttpSecurity.HttpPermission	shared()	Indicates that this policy always applies to the matched paths in addition to the policy with a winning path.
HttpSecurity.HttpPermission	webAuthn()	HTTP request must be authenticated using WebAuthn mechanism.

Method Details

basic

HttpSecurity.HttpPermission basic()

HTTP request must be authenticated using basic authentication mechanism configured in the 'application.properties' file or the mechanism created with the Basic API and registered against the HttpSecurity.mechanism(HttpAuthenticationMechanism).

form

HttpSecurity.HttpPermission form()

HTTP request must be authenticated using form-based authentication mechanism configured in the 'application.properties' file or the mechanism created with the Form API and registered against the HttpSecurity.mechanism(HttpAuthenticationMechanism).

mTLS

HttpSecurity.HttpPermission mTLS()

HTTP request must be authenticated using mutual-TLS authentication.

bearer

HttpSecurity.HttpPermission bearer()

HTTP request must be authenticated using Bearer token authentication.

webAuthn

HttpSecurity.HttpPermission webAuthn()

HTTP request must be authenticated using WebAuthn mechanism.

authorizationCodeFlow

HttpSecurity.HttpPermission authorizationCodeFlow()

HTTP request must be authenticated using Authorization Code Flow mechanism.

authenticated

HttpSecurity authenticated()

HTTP requests will only be accessible if SecurityIdentity is not anonymous.

authenticatedWith

HttpSecurity.HttpPermission authenticatedWith(String scheme)

HTTP request must be authenticated using a mechanism with matching HttpCredentialTransport.getAuthenticationScheme(). Please note that annotation-based mechanism selection has higher priority during the mechanism selection.

shared

HttpSecurity.HttpPermission shared()

Indicates that this policy always applies to the matched paths in addition to the policy with a winning path. Programmatic analogy to the 'quarkus.http.auth.permission."permissions".shared' configuration property.

applyToJaxRs

HttpSecurity.HttpPermission applyToJaxRs()

Whether permission check should be applied on all matching paths, or paths specific for the Jakarta REST resources. Programmatic analogy to the 'quarkus.http.auth.permission."permissions".applies-to' configuration property.

methods

HttpSecurity.HttpPermission methods(String... httpMethods)

The methods that this permission set applies to. If this is not set then they apply to all methods. Programmatic analogy to the 'quarkus.http.auth.permission."permissions".methods' configuration property.

authorization

HttpSecurity.Authorization authorization()

Allows to configure HTTP request authorization requirement on the returned instance.

permit

HttpSecurity permit()

This method is a shortcut for HttpSecurity.Authorization.permit().

roles

HttpSecurity roles(String... roles)

This method is a shortcut for HttpSecurity.Authorization.roles(String...).

policy

HttpSecurity policy(HttpSecurityPolicy httpSecurityPolicy)

This method is a shortcut for HttpSecurity.Authorization.policy(HttpSecurityPolicy).