Package com.oorian.annotations

Annotation Interface RequiresRole

@Retention(RUNTIME) @Target(TYPE) @Inherited public @interface RequiresRole
Indicates that a page requires the user to have a specific role.

When applied to a page class, the Oorian framework will invoke the registered SecurityHandler to verify that the current user has the specified role. If the user lacks the role, the framework returns a 403 Forbidden response.

This annotation implies authentication — a RequiresAuth check is performed automatically before the role check.

Usage:


 @Page("/admin/users")
 @RequiresRole("ADMIN")
 public class UserManagementPage extends HtmlPage { }

Multiple Roles (any match):


 @Page("/reports")
 @RequiresRole({"ADMIN", "MANAGER"})
 public class ReportsPage extends HtmlPage { }
Since:
2.1
Version:
1.0
Author:
Marvin P. Warble Jr.
See Also:

  • Required Element Summary

    Required Elements
    Modifier and Type
    Required Element
    Description
    String[]
    value
    The role(s) required to access this page.

  • Element Details

    • value

      String[] value
      The role(s) required to access this page.

      If multiple roles are specified, the user must have at least one of them.

      Returns:
      the required role names