input.resource.type | String | endpoint | A constant describing the type of resource being accessed. |
input.resource.id | String | Endpoint servlet path | |
input.action.name | String | GET, POST, PUT, PATCH, HEAD, OPTIONS, TRACE, or DELETE | HTTP request method |
input.action.protocol | String | HTTP protocol for request, e.g. HTTP 1.1 | |
input.action.headers.authorization | String | HTTP authorization header | Not guaranteed to be present. |
input.action.headers.accept | String | HTTP accept header | Not guaranteed to be present. |
input.action.headers["accept-encoding"] | String | HTTP accept-encoding header | Not guaranteed to be present. |
input.action.headers["accept-language"] | String | HTTP accept-language header | Not guaranteed to be present. |
input.action.headers.connection | String | HTTP connection header | Not guaranteed to be present. |
input.action.headers.cookie | String | HTTP cookie header | Not guaranteed to be present. |
input.action.headers.host | String | HTTP host header | Not guaranteed to be present. |
input.action.headers.referer | String | HTTP referer header | Not guaranteed to be present. |
input.action.headers["user-agent"] | String | HTTP user-agent header | Not guaranteed to be present. |
input.context.type | String | http | A constant describing the type of contextual information provided |
input.context.host | String | HTTP remote host of request | |
input.context.ip | String | HTTP remote IP of request | |
input.context.port | String | HTTP remote port for request | |
input.context.data | Map[String, Any] | | Optional supplemental data you can inject using a ContextDataProvider implementation |
input.subject.type | String | java_authentication | A constant describing the kind of subject being provided. |
input.subject.id | String | Spring authN principal | ID representing the subject being authorized. |
input.subject.details | String | Spring authN details | |
input.subject.authorities | String | Spring authN authorities | |