Package org.wildfly.security.auth.server

Class SecurityDomain.Builder

java.lang.Object
org.wildfly.security.auth.server.SecurityDomain.Builder
Enclosing class:
SecurityDomain
public static final class SecurityDomain.Builder extends Object
A builder for creating new security domains.

  • Method Details

    • setPreRealmRewriter

      public SecurityDomain.Builder setPreRealmRewriter(NameRewriter rewriter)
      Sets a pre-realm name rewriter, which rewrites the authentication name before a realm is selected.
      Parameters:
      rewriter - the name rewriter (must not be null)
      Returns:
      this builder

    • setPreRealmRewriter

      public SecurityDomain.Builder setPreRealmRewriter(Function<Principal,Principal> rewriter)
      Sets a pre-realm name rewriter, which rewrites the authentication name before a realm is selected.
      Parameters:
      rewriter - the name rewriter (must not be null)
      Returns:
      this builder

    • setPostRealmRewriter

      public SecurityDomain.Builder setPostRealmRewriter(NameRewriter rewriter)
      Sets a post-realm name rewriter, which rewrites the authentication name after a realm is selected.
      Parameters:
      rewriter - the name rewriter (must not be null)
      Returns:
      this builder

    • setPostRealmRewriter

      public SecurityDomain.Builder setPostRealmRewriter(Function<Principal,Principal> rewriter)
      Sets a post-realm name rewriter, which rewrites the authentication name after a realm is selected.
      Parameters:
      rewriter - the name rewriter (must not be null)
      Returns:
      this builder

    • setRealmMapper

      public SecurityDomain.Builder setRealmMapper(RealmMapper realmMapper)
      Set the realm mapper for this security domain, which selects a realm based on the authentication name.
      Parameters:
      realmMapper - the realm mapper (must not be null)
      Returns:
      this builder

    • setRoleMapper

      public SecurityDomain.Builder setRoleMapper(RoleMapper roleMapper)
      Set the role mapper for this security domain, which will be used to perform the last mapping before returning the roles associated with an identity obtained from this security domain.
      Parameters:
      roleMapper - the role mapper (must not be null)
      Returns:
      this builder

    • setPermissionMapper

      public SecurityDomain.Builder setPermissionMapper(PermissionMapper permissionMapper)
      Set the permission mapper for this security domain, which will be used to obtain and map permissions based on the identities from this security domain.
      Parameters:
      permissionMapper - the permission mapper (must not be null)
      Returns:
      this builder

    • setPrincipalDecoder

      public SecurityDomain.Builder setPrincipalDecoder(PrincipalDecoder principalDecoder)
      Set the principal decoder for this security domain, which will be used to convert Principal objects into names for handling in the realm.
      Parameters:
      principalDecoder - the principal decoder (must not be null)
      Returns:
      this builder

    • addRealm

      public SecurityDomain.RealmBuilder addRealm(String name, SecurityRealm realm)
      Add a realm to this security domain.
      Parameters:
      name - the realm's name in this configuration
      realm - the realm
      Returns:
      the new realm builder

    • getDefaultRealmName

      public String getDefaultRealmName()
      Get the default realm name.
      Returns:
      the default realm name

    • setDefaultRealmName

      public SecurityDomain.Builder setDefaultRealmName(String defaultRealmName)
      Set the default realm name.
      Parameters:
      defaultRealmName - the default realm name (must not be null)

    • getCategoryRoleMappers

      public Map<String,RoleMapper> getCategoryRoleMappers()
      Get the category role mapper map.
      Returns:
      the category role mapper map

    • setCategoryRoleMappers

      public void setCategoryRoleMappers(Map<String,RoleMapper> categoryRoleMappers)
      Set the category role mapper map.
      Parameters:
      categoryRoleMappers - the category role mapper map (must not be null)

    • setSecurityIdentityTransformer

      public SecurityDomain.Builder setSecurityIdentityTransformer(UnaryOperator<SecurityIdentity> securityIdentityTransformer)
      Set the security identity transformer to use. The transformer must not return null, or authentication will fail.
      Parameters:
      securityIdentityTransformer - the security identity transformer to use (must not be null)
      Returns:
      this builder

    • setTrustedSecurityDomainPredicate

      public SecurityDomain.Builder setTrustedSecurityDomainPredicate(Predicate<SecurityDomain> trustedSecurityDomain)
      Set the predicate that should be used to determine if a given domain is trusted by this domain.
      Parameters:
      trustedSecurityDomain - the predicate that should be used to determine if a given domain is trusted by this domain (must not be null)

    • setSecurityEventListener

      public SecurityDomain.Builder setSecurityEventListener(Consumer<SecurityEvent> securityEventListener)
      Set the security event listener that will consume all SecurityEvent instances emitted but the domain.
      Parameters:
      securityEventListener - the security event listener that will consume all SecurityEvent instances emitted but the domain.
      Returns:
      this builder

    • setEvidenceDecoder

      public SecurityDomain.Builder setEvidenceDecoder(EvidenceDecoder evidenceDecoder)
      Set the evidence decoder for this security domain which will be used to extract the principal from the given Evidence.
      Parameters:
      evidenceDecoder - the evidence decoder (must not be null)
      Returns:
      this builder
      Since:
      1.10.0

    • setRoleDecoder

      public SecurityDomain.Builder setRoleDecoder(RoleDecoder roleDecoder)
      Set the role decoder for this security domain.
      Parameters:
      roleDecoder - the role decoder (must not be null)
      Returns:
      this builder
      Since:
      1.11.0

    • build

      public SecurityDomain build()
      Construct this security domain. Construction requires createSecurityDomain ElytronPermission.
      Returns:
      the new security domain