PolymorphicSecurityValidator should support more use cases #80
Description
Currently PolymorphicSecurityValidator only supports one use case: execute each validator in the list in list order and return without error as soon as the first validator is found that passes auth for the request.
It would be nice if PolymorphicSecurityValidator supported other use cases as well. For the purposes of this list, a "successful" validator means one that did not throw an exception, and a "failed" validator means one that threw an authorization exception. The use cases we might want to support are:
- First successful validator wins, and validators later in the list do not get executed (current behavior).
- First failed validator wins (causing an auth error to show to the caller), and validators later in the list do not get executed.
- Execute all validators no matter what, and if any validator was successful then consider the request to have passed auth.
- Execute all validators no matter what, and if any validator failed then consider the request to have failed auth.
This might be accomplished with some kind of strategy enum that you can choose from when creating PolymorphicSecurityValidator. We may also want to have the strategy be an interface (with an enum that implements the interface and provides the supported default use cases) so you can provide your own impl if the above use cases do not cover what you need.