Annotation Interface Acl


@Target({TYPE,METHOD}) @Retention(RUNTIME) @Documented public @interface Acl
Defines ACL configuration for a resource.
  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    static enum 
     
    static @interface 
    A principal matcher that can be used in an ACL.
    static enum 
    This enum contains principal matchers that don't have any configuration, such as a name, associated with them, for ease of reference in annotations.
  • Optional Element Summary

    Optional Elements
    Modifier and Type
    Optional Element
    Description
    Principals that are allowed to access this resource.
    After matching an allow rule, an incoming request that has at least one principal that matches a deny rule will be denied.
    The status code to respond with when access is denied.
    boolean
    If true, indicates that the denyCode should be inherited from the parent.
  • Element Details

    • allow

      Acl.Matcher[] allow
      Principals that are allowed to access this resource. An incoming request must have at least one principal associated with it in this list to be allowed.
      Default:
      {}
    • deny

      Acl.Matcher[] deny
      After matching an allow rule, an incoming request that has at least one principal that matches a deny rule will be denied.
      Default:
      {}
    • denyCode

      The status code to respond with when access is denied.

      By default, this will be 'Forbidden', but alternatives might include 'Authentication required' or 'Not Found'.

      Default:
      FORBIDDEN
    • inheritDenyCode

      boolean inheritDenyCode
      If true, indicates that the denyCode should be inherited from the parent. If set to true in the top most parent - like the Main class - then it will be equivalent to set denyCode to 'FORBIDDEN'
      Default:
      false