Acl

@Target({TYPE,METHOD}) @Retention(RUNTIME) @Documented public @interface Acl

Defines ACL configuration for a resource.

Nested Class Summary

Nested Classes

Modifier and Type

Class

Description

static enum

Acl.DenyStatusCode

static @interface

Acl.Matcher

A principal matcher that can be used in an ACL.

static enum

Acl.Principal

This enum contains principal matchers that don't have any configuration, such as a name, associated with them, for ease of reference in annotations.
Optional Element Summary

Optional Elements

Modifier and Type

Optional Element

Description

Acl.Matcher[]

allow

Principals that are allowed to access this resource.

Acl.Matcher[]

deny

After matching an allow rule, an incoming request that has at least one principal that matches a deny rule will be denied.

Acl.DenyStatusCode

denyCode

The status code to respond with when access is denied.

boolean

inheritDenyCode

If true, indicates that the denyCode should be inherited from the parent.

Element Details
- allow
  
  Acl.Matcher[] allow
  
  Principals that are allowed to access this resource. An incoming request must have at least one principal associated with it in this list to be allowed.
  
  Default:
  
  {}
- deny
  
  Acl.Matcher[] deny
  
  After matching an allow rule, an incoming request that has at least one principal that matches a deny rule will be denied.
  
  Default:
  
  {}
- denyCode
  
  Acl.DenyStatusCode denyCode
  
  The status code to respond with when access is denied.
  By default, this will be 'Forbidden', but alternatives might include 'Authentication required' or 'Not Found'.
  
  Default:
  
  FORBIDDEN
- inheritDenyCode
  
  boolean inheritDenyCode
  
  If true, indicates that the denyCode should be inherited from the parent. If set to true in the top most parent - like the Main class - then it will be equivalent to set denyCode to 'FORBIDDEN'
  
  Default:
  
  false