Package io.quarkus.vertx.http.runtime

Class PolicyConfig

java.lang.Object
io.quarkus.vertx.http.runtime.PolicyConfig
public class PolicyConfig extends Object

  • Field Details

    • rolesAllowed

      @ConfigItem(defaultValue="**") @ConvertWith(io.quarkus.runtime.configuration.TrimmedStringConverter.class) public List<String> rolesAllowed
      The roles that are allowed to access resources protected by this policy. By default, access is allowed to any authenticated user.

    • roles

      @ConfigDocMapKey("role1") @ConfigItem public Map<String,List<String>> roles
      Add roles granted to the `SecurityIdentity` based on the roles that the `SecurityIdentity` already have. For example, the Quarkus OIDC extension can map roles from the verified JWT access token, and you may want to remap them to a deployment specific roles.

    • permissions

      @ConfigDocMapKey("role1") @ConfigItem public Map<String,List<String>> permissions
      Permissions granted to the `SecurityIdentity` if this policy is applied successfully (the policy allows request to proceed) and the authenticated request has required role. For example, you can map permission `perm1` with actions `action1` and `action2` to role `admin` by setting `quarkus.http.auth.policy.role-policy1.permissions.admin=perm1:action1,perm1:action2` configuration property. Granted permissions are used for authorization with the `@PermissionsAllowed` annotation.

    • permissionClass

      @ConfigItem(defaultValue="io.quarkus.security.StringPermission") public String permissionClass
      Permissions granted by this policy will be created with a `java.security.Permission` implementation specified by this configuration property. The permission class must declare exactly one constructor that accepts permission name (`String`) or permission name and actions (`String`, `String[]`). Permission class must be registered for reflection if you run your application in a native mode.

  • Constructor Details

    • PolicyConfig

      public PolicyConfig()