Class CompositeAuthorizationConfiguration

  • All Implemented Interfaces:
    AuthorizationConfiguration, SecurityConfiguration

    public class CompositeAuthorizationConfiguration
    extends CompositeConfiguration<AuthorizationConfiguration>
    implements AuthorizationConfiguration
    CompositeAuthorizationConfiguration that combines different authorization models. This implementation has the following characteristics:

    AccessControlManager

    • This method will return an aggregation of AccessControlManagers in case multiple AuthorizationConfigurations are present (see CompositeAccessControlManager).
    • If the composite only contains a single entry the AccessControlManager of this implementation is return without extra wrapping.
    • If the list of configurations is empty an IllegalStateException is thrown.

    PermissionProvider

    • This method will return an aggregation of PermissionProviders in case multiple AuthorizationConfigurations exposing an AggregatedPermissionProvider are present (see CompositePermissionProvider. Note however, that providers not implementing the AggregatedPermissionProvider extension will be ignored.
    • If the composite only contains a single entry the PermissionProvider of this implementation is return without extra wrapping.
    • If the list of configurations is empty an IllegalStateException is thrown.

    RestrictionProvider

    • This method will return an aggregation of RestrictionProviders in case multiple AuthorizationConfigurations are present (see CompositeRestrictionProvider).
    • If the composite only contains a single entry the RestrictionProvider of this implementation is return without extra wrapping.
    • If the list of configurations is empty RestrictionProvider.EMPTY is returned.