com.sksamuel.scruffy.security

authorization

package authorization


Type Members

  1. case class AccessListAuthorizer(_principals: Iterable[Principal]) extends Authorizer with ResponseBuilder with Product with Serializable

  2. trait AuthorizationSupport extends AnyRef

  3. trait Authorizer extends AnyRef

    An Authorizer is responsible for determining if a given user is able to perform the requested action (in this case process the requested URL).

    The Authorizer is passed the current request. The authorizer can inspect the Principal object if an AuthenticationStrategy was invoked beforehand. Alternatively, it may determine authorization based on some request-level criteria, such as IP address.

    If the request is authorized then the Authorizer should continue the request pipeline. If the request is not authorized then the Authorizer would normally return an appropriate response, although it can choose to do anything it wishes.

    How the Authorizer determines access is dependent on the implementation.

    For example, the AccessListAuthorizer authorizes requests based on a given list of Principals. If the principals list does not contain the given Principal then a 403 is returned.

    An AllAccessAuthorizer authorizes all requests. This is useful when you have site-wide authorization but wish to enable public access to a certain endpoint.

    Usually you will want to implement a custom Authorizer, which may check a user for a role, or some similar mechanism. To implement a custom Authorizer, extend Authorizer and implement the authorization check.

  4. case class Role(name: String) extends Product with Serializable

  5. case class RoleAuthorizer(roles: Role*) extends Authorizer with ResponseBuilder with Product with Serializable

Value Members

  1. object AllAccessAuthorizer extends Authorizer

  2. object Authorization

  3. object NoAccessAuthorizer extends Authorizer with ResponseBuilder

    A convenience authorizer that always rejects requests.
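
The Authorizer behaviour described above (access list, role check, request-level IP check, and a public endpoint under site-wide authorization), as an added self-contained model that is not scruffy's own code. This page does not show the real Authorizer, Request or Principal signatures, so every type and method name below (`Decision`, `authorize`, `SitePolicy`, and so on) is hypothetical.

```scala
// Hypothetical model types: scruffy's real signatures are not shown on this page.
final case class Principal(name: String, roles: Set[String])
final case class Request(path: String, remoteIp: String, principal: Option[Principal])

sealed trait Decision
case object Continue extends Decision                  // carry on down the request pipeline
final case class Reject(status: Int) extends Decision  // short-circuit with a response

trait Authorizer { def authorize(req: Request): Decision }

// Models the documented AccessListAuthorizer: 403 unless the principal is listed.
final case class AccessList(allowed: Set[String]) extends Authorizer {
  def authorize(req: Request): Decision =
    if (req.principal.exists(p => allowed.contains(p.name))) Continue else Reject(403)
}

// Custom role check. A missing principal (no authentication ran) is denied, never allowed.
final case class RequireAnyRole(roles: Set[String]) extends Authorizer {
  def authorize(req: Request): Decision =
    if (req.principal.exists(_.roles.exists(roles.contains))) Continue else Reject(403)
}

// Request-level criterion. remoteIp must be the socket peer address, not a
// client-supplied header such as X-Forwarded-For, or the check can be bypassed.
final case class IpAllowList(ips: Set[String]) extends Authorizer {
  def authorize(req: Request): Decision =
    if (ips.contains(req.remoteIp)) Continue else Reject(403)
}

// Site-wide default with explicit per-path overrides, e.g. one public endpoint.
final case class SitePolicy(default: Authorizer, overrides: Map[String, Authorizer]) {
  def check(req: Request): Decision = overrides.getOrElse(req.path, default).authorize(req)
}

object Demo extends App {
  val allAccess = new Authorizer { def authorize(req: Request): Decision = Continue }
  val policy = SitePolicy(
    default = RequireAnyRole(Set("admin")),
    overrides = Map("/health" -> allAccess, "/metrics" -> IpAllowList(Set("10.0.0.5"))))

  // Constructed sample requests: admin, plain user, anonymous, and an off-list IP.
  val alice = Some(Principal("alice", Set("admin")))
  val bob   = Some(Principal("bob", Set("user")))
  Seq(
    Request("/admin", "203.0.113.7", alice),
    Request("/admin", "203.0.113.7", bob),
    Request("/admin", "203.0.113.7", None),
    Request("/health", "203.0.113.7", None),
    Request("/metrics", "203.0.113.7", alice)
  ).foreach(r => println(s"${r.path} ${r.principal.map(_.name)} -> ${policy.check(r)}"))
}
```

Keeping the restrictive authorizer as the default and listing public paths explicitly means a newly added route is protected unless someone deliberately opens it.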
