
12.4. Authorization

PicketLink supports the following authorization methods for paths:
  • RBAC, Role-Based Access Control
  • GBAC, Group-Based Access Control
  • Realm-Based Access Control
  • Expression Language
  • Write Your Authorization Method
When you configure the authorization policies for a specific path, you just need to choose any of the options available from the authorizeWith() method provided by the HttpSecurityBuilder.
httpBuilder
    .forPath("/admin/*")
        .authorizeWith()
            .role("Administrator");
In the next sections we'll cover each of them in more detail.

12.4.1. Role-Based Authorization

This method allows you to perform authorization based on the roles granted to your users. Access is granted only if the user has been granted a specific set of roles.
To configure this method of authorization for a specific path, just do:
httpBuilder
    .forPath("/admin/*")
        .authorizeWith()
            .role("Administrator");
Here, the role method expects one or more role names.
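The following is an added example, not taken from the PicketLink documentation, showing the role rule in the context of a whole configuration class. It assumes the builder is obtained by observing SecurityConfigurationEvent in a CDI bean and that form login is the authentication scheme; the class name, paths, page names and role names are illustrative.

```java
import javax.enterprise.event.Observes;

import org.picketlink.config.SecurityConfigurationBuilder;
import org.picketlink.event.SecurityConfigurationEvent;

// Added example: class name, paths, page names and role names are illustrative.
public class HttpSecurityConfiguration {

    // Assumption: the configuration is supplied by observing the
    // SecurityConfigurationEvent that PicketLink fires during startup.
    public void onInit(@Observes SecurityConfigurationEvent event) {
        SecurityConfigurationBuilder builder = event.getBuilder();

        builder
            .http()
                // Role checks need an identified user, so every path
                // requires authentication first (form login assumed here).
                .allPaths()
                    .authenticateWith()
                        .form()
                            .loginPage("/login.html")
                            .errorPage("/loginFailed.html")
                // Single role on the administrative area, as in the text.
                .forPath("/admin/*")
                    .authorizeWith()
                        .role("Administrator")
                // role() accepts one or more role names in a single call.
                .forPath("/reports/*")
                    .authorizeWith()
                        .role("Manager", "Auditor");
    }
}
```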