public abstract class AbstractSecurityRule extends Object implements SecurityRule
SecurityRuleclass to extend from that provides helper methods to get the roles from the claims and compare them to the roles allowed by the rule.
DENY_ALL, IS_ANONYMOUS, IS_AUTHENTICATED
|Modifier and Type||Method and Description|
Compares the given roles to determine if the request is allowed by comparing if any of the granted roles is in the required roles list.
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
SecurityRule.IS_ANONYMOUSif not authenticated. If the claims contain one or more roles,
SecurityRule.IS_AUTHENTICATEDis appended to the list.
claims- The claims of the token, null if not authenticated
protected SecurityRuleResult compareRoles(List<String> requiredRoles, List<String> grantedRoles)