<< Go Back to PicketBox Overview
Here we describe the various security annotations available as part of PicketBox.
@SecurityDomain Annotation
Fully Qualified Name: org.jboss.security.annotation.SecurityDomain
It contains:
- value: a name indicating the security domain.
@Authentication Annotation
Fully Qualified Name: org.jboss.security.annotation.Authentication
It contains:
- modules: an array of @Module annotations. This is not optional.
@Authentication(modules={@Module(code = UsersRolesLoginModule.class, options = {@ModuleOption})})
public class AuthenticationAnnotatedPOJO
{
}
@Authorization Annotation
Fully Qualified Name: org.jboss.security.annotation.Authorization
It contains:
- modules: an array of @Module annotations. This is not optional.
@Authentication(modules={@Module(code = UsersRolesLoginModule.class, options = {@ModuleOption})})
@Authorization(modules ={@Module(code = PicketBoxAuthorizationModule.class, options =
{@ModuleOption(key="roles",value="validuser")})})
public class AuthAuthorizationAnnotatedPOJO
{
}
@SecurityMapping Annotation
Fully Qualified Name: org.jboss.security.annotation.SecurityMapping
It contains:
- modules: an array of @Module annotations. This is not optional.
@Authentication(modules =
{@Module(code = UsersRolesLoginModule.class, options =
{@ModuleOption})})
@SecurityMapping(modules =
{@Module(code = OptionsRoleMappingProvider.class, type="role", options =
{@ModuleOption(key="rolesMap",value="validuser=AuthorizedUser,InternalUser", valueType=VALUE_TYPE.JAVA_PROPERTIES),
@ModuleOption(key="replaceRoles", value="false")})})
public class AuthPlusMappingAnnotatedPOJO
{
}
@SecurityAudit Annotation
Fully Qualified Name: org.jboss.security.annotation.SecurityMapping
It contains:
- modules: an array of @Module annotations. This is not optional.
@SecurityDomain(value="role-mapping-test")
@SecurityAudit
public class SecurityMappingAnnotationRolePOJO
{
}
@Module Annotation
Fully Qualified Name: org.jboss.security.annotation.Module
It contains:
- code : the class of the module (Eg: UsersRolesLoginModule.class) This represents the JAAS login module for @Authentication, Policy Module for @Authorization, Mapping provider for @SecurityMapping and Audit Provider for @Audit
- flag : one of (REQUIRED,REQUISITE,SUFFICIENT,OPTIONAL). Default, REQUIRED is assumed. This is the behavior defined in the JAAS configuration for login modules. (Optional)
- type: an additional type value provided (mainly, for mapping modules). Default: "" (Optional)
- options: an array of @ModuleOption annotations
@ModuleOption Annotation
Fully Qualified Name: org.jboss.security.annotation.ModuleOption
It contains:
- key : key of the option being passed to the module
- value : value of the options being passed to the module
- valueType : whether the value is a regular string or assumed as a Java properties. Default is plain string.
@SecurityConfig Annotation
Fully Qualified Name: org.jboss.security.annotation.ModuleOption
It contains:
- fileName: name of the xml config file that defines the security domain configuration
<< Go Back to PicketBox Overview