Class SecurityHelper

java.lang.Object
org.glassfish.jersey.message.filtering.SecurityHelper

final class SecurityHelper extends Object
Utility methods for security Entity Data Filtering.
  • Field Details

    • roles

      private static final Set<String> roles
  • Constructor Details

    • SecurityHelper

      private SecurityHelper()
      Prevent instantiation.
  • Method Details

    • getFilteringScopes

      static Set<String> getFilteringScopes(Annotation[] annotations)
      Get entity-filtering scopes of security annotations present among given annotations.

      A scope look like:

      • <fully qualified annotation class name>, or
      • <fully qualified annotation class name>_<role>

      Parameters:
      annotations - a list of annotations (doesn't need to contain only security annotations)
      Returns:
      a set of entity-filtering scopes.
    • getFilteringScopes

      static Set<String> getFilteringScopes(javax.ws.rs.core.SecurityContext securityContext, Annotation[] annotations)
      Get entity-filtering scopes of security annotations present among given annotations with respect to given SecurityContext. Resulting set contains only scopes that pass the security context check.

      A scope look like:

      • <fully qualified annotation class name>, or
      • <fully qualified annotation class name>_<role>

      Parameters:
      securityContext - security context to check whether a user is in specified logical role.
      annotations - a list of annotations (doesn't need to contain only security annotations)
      Returns:
      a set of entity-filtering scopes.
    • getRolesAllowedScope

      static String getRolesAllowedScope(String role)
      Get entity-filtering scope for RolesAlloweds role.
      Parameters:
      role - role to retrieve entity-filtering scope for.
      Returns:
      entity-filtering scope.
    • getProcessedRoles

      static Set<String> getProcessedRoles()
      Get authorization roles that has been derived from examining entity classes.
      Returns:
      already processed authorization roles.