Package io.quarkus.test.security

Annotation Interface TestSecurity

@Retention(RUNTIME) @Target({TYPE,METHOD}) @Inherited public @interface TestSecurity

  • Optional Element Summary

    Optional Elements
    Modifier and Type
    Optional Element
    Description
    SecurityAttribute[]
    attributes
    Adds attributes to a SecurityIdentity configured by this annotation.
    Class<? extends io.quarkus.security.identity.SecurityIdentityAugmentor>[]
    augmentors
    Specify SecurityIdentityAugmentor CDI beans that should augment SecurityIdentity created with this annotation.
    String
    authMechanism
    Selects authentication mechanism used in a path-based authentication.
    boolean
    authorizationEnabled
    If this is false then all security constraints are disabled.
    String[]
    permissions
    Used in combination with user() to specify permissions possessed by the SecurityIdentity.
    String[]
    roles
    Used in combination with user() to specify the users roles.
    String
    user
    If this is non-zero then the test will be run with a SecurityIdentity with the specified username.

  • Element Details

    • authorizationEnabled

      boolean authorizationEnabled
      If this is false then all security constraints are disabled.
      Default:
      true

    • user

      String user
      If this is non-zero then the test will be run with a SecurityIdentity with the specified username.
      Default:
      ""

    • roles

      String[] roles
      Used in combination with user() to specify the users roles.
      Default:
      {}

    • permissions

      String[] permissions
      Used in combination with user() to specify permissions possessed by the SecurityIdentity. Accepted format corresponds to the PermissionsAllowed.value() annotation attribute. That is, permission is separated from actions with PermissionsAllowed.PERMISSION_TO_ACTION_SEPARATOR. For example, value see:detail gives permission to see action detail. All permissions are added as StringPermission. PermissionChecker methods always authorize matched PermissionsAllowed.value() permissions. This annotation attribute cannot grant access to permissions granted by the checker methods.
      Default:
      {}

    • augmentors

      Class<? extends io.quarkus.security.identity.SecurityIdentityAugmentor>[] augmentors
      Specify SecurityIdentityAugmentor CDI beans that should augment SecurityIdentity created with this annotation. By default, no identity augmentors are applied. Use this option if you need to test custom PermissionsAllowed.permission() added with the identity augmentors.
      Default:
      {}

    • attributes

      SecurityAttribute[] attributes
      Adds attributes to a SecurityIdentity configured by this annotation. The attributes can be retrieved by the SecurityIdentity.getAttributes() method.
      Default:
      {}

    • authMechanism

      String authMechanism
      Selects authentication mechanism used in a path-based authentication. If an HTTP Security Policy is used to enable path-based authentication, then a SecurityIdentity will only be provided by this annotation if this attribute matches the 'quarkus.http.auth.permission."permissions".auth-mechanism' configuration property. Situation is similar when annotations are used to enable path-based authentication for Jakarta REST endpoints. For example, set this attribute to 'basic' if an HTTP request to Jakarta REST endpoint annotated with the BasicAuthentication should be successfully authenticated.
      Default:
      ""