Package com.vaadin.browserless

Interface SecurityContextHandler<C>

All Known Implementing Classes:
QuarkusSecurityContextHandler, SpringSecurityContextHandler
public interface SecurityContextHandler<C>
Abstracts per-user security context management for multi-user testing.

Framework modules (Spring, Quarkus) provide implementations that bridge their security infrastructure (e.g. Spring's SecurityContextHolder, Quarkus's CurrentIdentityAssociation) with the browserless multi-user context hierarchy.

Implementations must be thread-safe with respect to the thread-local security state they manage.

See Also:

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    clearContext()
    Clears the security context from the current thread.
    default C
    createCredentials(String username, String... roles)
    Builds framework-specific credentials for the given username and roles.
    void
    restoreContext(Object snapshot)
    Restores a previously saved security context snapshot onto the current thread.
    Object
    saveContext()
    Captures the current thread's security context as an opaque snapshot.
    void
    setupAuthentication(C credentials)
    Sets up authentication for a new user from the given credentials.

  • Method Details

    • setupAuthentication

      void setupAuthentication(C credentials)
      Sets up authentication for a new user from the given credentials.

      The type parameter C is determined by the framework implementation. For example, Spring uses org.springframework.security.core.Authentication and Quarkus uses io.quarkus.security.identity.SecurityIdentity.

      Implementations must accept null credentials and produce an anonymous-equivalent state — e.g. Spring sets an AnonymousAuthenticationToken, mirroring @WithAnonymousUser. clearContext() is invoked immediately before this method so that earlier state cannot leak through.

      Parameters:
      credentials - framework-specific credentials object, or null for an anonymous user

    • saveContext

      Object saveContext()
      Captures the current thread's security context as an opaque snapshot.

      Called automatically when switching away from a user context to preserve its security state.

      Returns:
      an opaque snapshot of the current security context, or null if no security context is active

    • restoreContext

      void restoreContext(Object snapshot)
      Restores a previously saved security context snapshot onto the current thread.
      Parameters:
      snapshot - a snapshot previously returned by saveContext(), or null to clear the context

    • clearContext

      void clearContext()
      Clears the security context from the current thread.

    • createCredentials

      default C createCredentials(String username, String... roles)
      Builds framework-specific credentials for the given username and roles.

      Used by SecuredBrowserlessApplicationContext.newUser(String, String...) so tests can authenticate a user without writing the framework-specific boilerplate. Spring's implementation produces a UsernamePasswordAuthenticationToken carrying a User principal (mirroring @WithMockUser); Quarkus's implementation produces a QuarkusSecurityIdentity.

      The default implementation throws UnsupportedOperationException — handlers that don't have a natural mapping from username + roles to C can simply leave it unimplemented; callers must then use newUser(C credentials) directly.

      Parameters:
      username - the username
      roles - the roles for the user; never null, may be empty
      Returns:
      the credentials, never null