Package org.apache.druid.server.security
package org.apache.druid.server.security
-
ClassDescriptionShould only be used in conjunction with AllowAllAuthorizer.Filters requests based on the HTTP method.Authenticates all requests and directs them to an authorizer.AuthConfig object is created via Jackson in production.Sets necessary request attributes for requests sent to endpoints that need authentication but no authorization.An AuthenticationResult contains information about a successfully authenticated request.Used to wrap Filters created by Authenticators, this wrapper filter skips itself if a request already has an authentication check (so that Authenticator implementations don't have to perform this check themselves)Represents the outcoming of performing authorization check on required resource accesses on a query or http requests.Static utility functions for performing authorization checks.An Authorizer is responsible for performing authorization checks for resource accesses.Utility functions to validate the an authorizer.This interface provides methods needed for escalating internal system requests with priveleged authentication credentials.Throw this when a request is unauthorized and we want to send a 403 response back, Jersey exception mapper will take care of sending the response.Filter that verifies that authorization checks were applied to an HTTP request, before sending a response.Set of built-in and 'registered'
Resourcetypes for use byAuthorizerThis extension point allows developers to replace the standard TLS certificate checks with custom checks.Authenticates requests coming from a specific domain and directs them to an authorizer.Sets necessary request attributes for requests sent to endpoints that don't need authentication or authorization checks.