Interface | Description |
---|---|
SecurityContext |
The SecurityContext provides an access point for programmatic security; an injectable type that is intended to be
used by application code to query and interact with Jakarta Security.
|
Class | Description |
---|---|
CallerPrincipal |
Principal that represents the caller principal associated with the invocation being
processed by the container (e.g.
|
Enum | Description |
---|---|
AuthenticationStatus |
The AuthenticationStatus is used as a return value by primarily
the
HttpAuthenticationMechanism to indicate the result (status)
of the authentication process. |
Exception | Description |
---|---|
AuthenticationException |
A generic authentication exception.
|
Definition
, which, when used,
make CDI beans available. For completeness, this concerns the following annotations:
DatabaseIdentityStoreDefinition
LdapIdentityStoreDefinition
BasicAuthenticationMechanismDefinition
CustomFormAuthenticationMechanismDefinition
FormAuthenticationMechanismDefinition
String
on these annotations, as well as in the annotations referenced from them
(e.g. @{link jakarta.security.enterprise.authentication.mechanism.http.openid.OpenIdProviderMetadata}),
Jakarta Expression Language 3.0 expressions can
be used. All named CDI beans are available to that expression, as well as the default classes as specified by
Expression Language 3.0 for the ELProcessor
.
Expressions can be either immediate (${}
syntax), or deferred (#{}
syntax). Immediate
expressions are evaluated once when the bean instance corresponding to the "...Definition" annotation is actually
created. Since such beans are application scoped, that means once for the entire application. Deferred expressions
are evaluated in each request where the security runtime needs to use the value of these attributes.
Attributes that are documented as being Expression Language alternatives to non-String
type attributes
(attributes for which the name ends with Expression
, hereafter called Expression alternative attribute) MUST
evaluate to the same type as the attribute they are an alternative to. If the Expression alternative attribute has a non
empty value, it takes precedence over the attribute which it is an alternative to.
The Expression alternative attribute MUST contain a valid Expression Language expression. Attributes of type string that are not Expression alternative attributes can contain either an expression or a string value that is not an expression.
Expression Language is supported for these annotations as well, but in a slightly different way. See the javadoc of both these annotations for how the expression language support differs.