org.sdase.commons.starter.builder

Interface SecurityCustomizer<C extends io.dropwizard.Configuration>

All Known Subinterfaces:

OpenApiCustomizer.OpenApiFinalBuilder<C>, OpenApiCustomizer.OpenApiInitialBuilder<C>, PlatformBundleBuilder<C>

All Known Implementing Classes:

SdaPlatformBundle.InitialBuilder

public interface SecurityCustomizer<C extends io.dropwizard.Configuration>

Method Summary

Modifier and Type	Method and Description
PlatformBundleBuilder<C>	disableBufferLimitValidationSecurityFeature() Switches from suppressing the application start to a warn logging for violated buffer limits.
PlatformBundleBuilder<C>	withFrontendSupport() If a service is configured with frontend support, the Content-Security-Policy header allows the same domain as source for scripts, images, styles and fonts.

Method Detail

disableBufferLimitValidationSecurityFeature

PlatformBundleBuilder<C> disableBufferLimitValidationSecurityFeature()

Switches from suppressing the application start to a warn logging for violated buffer limits. In rare cases an application might need to increase the default limits and therefore has to disable strict validation. This option should be used with care.

Returns:

this builder instance

withFrontendSupport

PlatformBundleBuilder<C> withFrontendSupport()

If a service is configured with frontend support, the Content-Security-Policy header allows the same domain as source for scripts, images, styles and fonts. Otherwise, only API endpoints can be served and Content-Security-Policy does not allow any sources.

Returns:

this builder instance

See Also:

CSP header