Matchers: (v6.1)
1) Definition
pac4j provides a security model and engine (specific behaviours). The “security filter” is in charge of protecting url, requesting authentication and optionally authorization.
In some cases, you may want to bypass this “security filter” and this can be done using the matchers parameter which is generally a list of matcher names. A matcher is generally defined in the security configuration.
2) Implementation
A matcher can be defined by implementing the Matcher
interface. It has only one method: boolean matches(WebContext context)
to say if the “security filter” must be applied.
A few default matchers are available (but you can of course develop yours):
-
the
PathMatcher
allows you to exclude some paths from the security checks -
the
HeaderMatcher
allows you to check if a given header isnull
or matches a regular expression -
the
HttpMethodMatcher
allows you to check if the method of the HTTP request is one of the expected defined methods.