Package io.dropwizard.auth
Class CachingAuthorizer<P extends Principal>
java.lang.Object
io.dropwizard.auth.CachingAuthorizer<P>
- Type Parameters:
P
- the type of principals on which the authorizer operates
- All Implemented Interfaces:
Authorizer<P>
An
Authorizer
decorator which uses a Caffeine
cache to
temporarily cache principals' role associations.
Cache entries include both inclusion and exclusion of a principal within a given role.
-
Constructor Summary
ConstructorDescriptionCachingAuthorizer
(com.codahale.metrics.MetricRegistry metricRegistry, Authorizer<P> authorizer, com.github.benmanes.caffeine.cache.Caffeine<Object, Object> builder) Creates a new cached authorizer.CachingAuthorizer
(com.codahale.metrics.MetricRegistry metricRegistry, Authorizer<P> authorizer, com.github.benmanes.caffeine.cache.Caffeine<Object, Object> builder, Supplier<com.github.benmanes.caffeine.cache.stats.StatsCounter> supplier) Creates a new cached authorizer.CachingAuthorizer
(com.codahale.metrics.MetricRegistry metricRegistry, Authorizer<P> authorizer, com.github.benmanes.caffeine.cache.CaffeineSpec cacheSpec) Creates a new cached authorizer. -
Method Summary
Modifier and TypeMethodDescriptionboolean
authorize
(P principal, String role, @Nullable jakarta.ws.rs.container.ContainerRequestContext requestContext) Decides if access is granted for the given principal in the given role.getAuthorizationContext
(P principal, String role, @Nullable jakarta.ws.rs.container.ContainerRequestContext requestContext) Returns anAuthorizationContext
object, to be used inCachingAuthorizer
as cache key.void
invalidate
(P principal) Discards any cached role associations for the given principal.void
invalidate
(P principal, String role, jakarta.ws.rs.container.ContainerRequestContext requestContext) Discards any cached role associations for the given principal and role.void
Discards all cached role associations.void
invalidateAll
(Iterable<P> principals) Discards any cached role associations for the given collection of principals.void
invalidateAll
(Predicate<? super P> predicate) Discards any cached role associations for principals satisfying the given predicate.long
size()
Returns the number of principals for which there are cached role associations.com.github.benmanes.caffeine.cache.stats.CacheStats
stats()
Returns a set of statistics about the cache contents and usage.
-
Constructor Details
-
CachingAuthorizer
public CachingAuthorizer(com.codahale.metrics.MetricRegistry metricRegistry, Authorizer<P> authorizer, com.github.benmanes.caffeine.cache.CaffeineSpec cacheSpec) Creates a new cached authorizer.- Parameters:
metricRegistry
- the application's registry of metricsauthorizer
- the underlying authorizercacheSpec
-CaffeineSpec
-
CachingAuthorizer
public CachingAuthorizer(com.codahale.metrics.MetricRegistry metricRegistry, Authorizer<P> authorizer, com.github.benmanes.caffeine.cache.Caffeine<Object, Object> builder) Creates a new cached authorizer.- Parameters:
metricRegistry
- the application's registry of metricsauthorizer
- the underlying authorizerbuilder
- aCaffeineSpec
-
CachingAuthorizer
public CachingAuthorizer(com.codahale.metrics.MetricRegistry metricRegistry, Authorizer<P> authorizer, com.github.benmanes.caffeine.cache.Caffeine<Object, Object> builder, Supplier<com.github.benmanes.caffeine.cache.stats.StatsCounter> supplier) Creates a new cached authorizer.- Parameters:
metricRegistry
- the application's registry of metricsauthorizer
- the underlying authorizerbuilder
- aCaffeine
specsupplier
- aSupplier<com.github.benmanes.caffeine.cache.stats.StatsCounter>
-
-
Method Details
-
authorize
public boolean authorize(P principal, String role, @Nullable jakarta.ws.rs.container.ContainerRequestContext requestContext) Description copied from interface:Authorizer
Decides if access is granted for the given principal in the given role.- Specified by:
authorize
in interfaceAuthorizer<P extends Principal>
- Parameters:
principal
- aPrincipal
object, representing a userrole
- a user rolerequestContext
- a request context.- Returns:
true
, if the access is granted,false otherwise
-
getAuthorizationContext
public AuthorizationContext<P> getAuthorizationContext(P principal, String role, @Nullable jakarta.ws.rs.container.ContainerRequestContext requestContext) Description copied from interface:Authorizer
Returns anAuthorizationContext
object, to be used inCachingAuthorizer
as cache key.- Specified by:
getAuthorizationContext
in interfaceAuthorizer<P extends Principal>
- Parameters:
principal
- aPrincipal
object, representing a userrole
- a user rolerequestContext
- a request context.- Returns:
AuthorizationContext
object, to be used inCachingAuthorizer
.
-
invalidate
public void invalidate(P principal, String role, jakarta.ws.rs.container.ContainerRequestContext requestContext) Discards any cached role associations for the given principal and role.- Parameters:
principal
-role
-requestContext
-
-
invalidate
Discards any cached role associations for the given principal.- Parameters:
principal
-
-
invalidateAll
Discards any cached role associations for the given collection of principals.- Parameters:
principals
- a list of principals
-
invalidateAll
Discards any cached role associations for principals satisfying the given predicate.- Parameters:
predicate
- a predicate to filter credentials
-
invalidateAll
public void invalidateAll()Discards all cached role associations. -
size
public long size()Returns the number of principals for which there are cached role associations.- Returns:
- the number of cached principals
-
stats
public com.github.benmanes.caffeine.cache.stats.CacheStats stats()Returns a set of statistics about the cache contents and usage.- Returns:
- a set of statistics about the cache contents and usage
-