Package com.vaadin.browserless

Class SecuredBrowserlessApplicationContext<C>

java.lang.Object

com.vaadin.browserless.BrowserlessApplicationContext

com.vaadin.browserless.SecuredBrowserlessApplicationContext<C>

Type Parameters:

C - the credentials type accepted by newUser(Object), as defined by the configured SecurityContextHandler

All Implemented Interfaces:

AutoCloseable

public class SecuredBrowserlessApplicationContext<C>
extends BrowserlessApplicationContext

Credential-aware application context.

Extends BrowserlessApplicationContext with a configured, non-null SecurityContextHandler and credential-typed newUser(...) overloads for installing per-user security state. Build instances via a BrowserlessApplicationContext.Builder configured with BrowserlessApplicationContext.Builder.withSecurityContextHandler(SecurityContextHandler), which transitions to SecuredBrowserlessApplicationContext.Builder and produces this typed context.

All thread-affinity and lifecycle guarantees of the base BrowserlessApplicationContext apply unchanged.

See Also:

• BrowserlessApplicationContext
• SecurityContextHandler

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static final class	SecuredBrowserlessApplicationContext.Builder<C>	Builder for SecuredBrowserlessApplicationContext.

Method Summary

Modifier and Type	Method	Description
BrowserlessUserContext	newUser(C credentials)	Creates a new user context with the given credentials.
BrowserlessUserContext	newUser(String username, String... roles)	Creates a new user context for the given username and roles.

Methods inherited from class com.vaadin.browserless.BrowserlessApplicationContext

close, create, create, create, createSecured, newUser

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

newUser

public BrowserlessUserContext newUser(C credentials)

Creates a new user context with the given credentials.

The security context for this user is first cleared, then the credentials are passed to SecurityContextHandler.setupAuthentication() — including when credentials is null, so that the handler can install its anonymous-equivalent state. The resulting security state is captured as this user's initial snapshot and is automatically restored whenever one of this user's windows is activated.

Parameters:

credentials - framework-specific credentials, or null for an anonymous user

Returns:

the new user context

Throws:

IllegalStateException - if this context has been closed

newUser

public BrowserlessUserContext newUser(String username,
 String... roles)

Creates a new user context for the given username and roles.

Delegates to SecurityContextHandler.createCredentials(String, String...) on the configured handler, then to newUser(Object). Spring and Quarkus handlers ship with overrides that mirror the conventions of @WithMockUser / Quarkus security identity construction; custom handlers must override createCredentials to opt into this helper.

Parameters:

username - the username

roles - the roles for the user; may be empty

Returns:

the new user context

Throws:

IllegalStateException - if this context has been closed

UnsupportedOperationException - if the configured handler doesn't override SecurityContextHandler.createCredentials(String, String...)