Helidon uses annotations like @RoleValidator.Roles({“my_admins”, “test”}) to do the authorization. I am wondering if there is a way to do authorization differently using configuration settings for paths, for example.
Basically, the question is. Is there a way to use configuration instead of annotation to authorize requests to particular endpoints?
If yes, would it be possible to get the SecurityContext like in a case of annotation? Example with multiple roles for one endpoint would be helpful
I am successfully using annotations but in some cases it is not convenient
You should be able to do what you want using configuration instead of annotations. It would look similar to what our documentation describes here: https://helidon.io/docs/latest/index.html#/se/guides/security-oidc#Restrict-access-to-a-specific-role
You might not even use the annotations given your use case.
You would define the user-to-roles mapping however makes sense for you (Helidon config would work as would some other provider) and then use Helidon config to set up each endpoint's
roles-allowedsetting as needed.As you are using Helidon MP, you could for example add something like this to your
META-INF/microprofile-config.propertiesfile:(These particular settings are drawn from Helidon's MP QuickStart example but you get the idea.)