RolesAuthorizationFilter (Apache Shiro 1.2.4 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.shiro.web.filter.authz
Class RolesAuthorizationFilter

java.lang.Object
  org.apache.shiro.web.servlet.ServletContextSupport
      org.apache.shiro.web.servlet.AbstractFilter
          org.apache.shiro.web.servlet.NameableFilter
              org.apache.shiro.web.servlet.OncePerRequestFilter
                  org.apache.shiro.web.servlet.AdviceFilter
                      org.apache.shiro.web.filter.PathMatchingFilter
                          org.apache.shiro.web.filter.AccessControlFilter
                              org.apache.shiro.web.filter.authz.AuthorizationFilter
                                  org.apache.shiro.web.filter.authz.RolesAuthorizationFilter

All Implemented Interfaces:: Filter, Nameable, PathConfigProcessor

public class RolesAuthorizationFilter
extends AuthorizationFilter
extends AuthorizationFilter

Filter that allows access if the current user has the roles specified by the mapped value, or denies access if the user does not have all of the roles specified.

Since:: 0.9

Field Summary

Fields inherited from class org.apache.shiro.web.filter.AccessControlFilter
`DEFAULT_LOGIN_URL, GET_METHOD, POST_METHOD`

Fields inherited from class org.apache.shiro.web.filter.PathMatchingFilter
`appliedPaths, pathMatcher`

Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
`ALREADY_FILTERED_SUFFIX`

Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter
`filterConfig`

Constructor Summary
`RolesAuthorizationFilter()`

Method Summary
`boolean`	`isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue)` Returns `true` if the request is allowed to proceed through the filter normally, or `false` if the request should be handled by the `onAccessDenied(request,response,mappedValue)` method instead.

Methods inherited from class org.apache.shiro.web.filter.authz.AuthorizationFilter
`getUnauthorizedUrl, onAccessDenied, setUnauthorizedUrl`

Methods inherited from class org.apache.shiro.web.filter.AccessControlFilter
`getLoginUrl, getSubject, isLoginRequest, onAccessDenied, onPreHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setLoginUrl`

Methods inherited from class org.apache.shiro.web.filter.PathMatchingFilter
`getPathWithinApplication, isEnabled, pathsMatch, pathsMatch, preHandle, processPathConfig`

Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter
`afterCompletion, cleanup, doFilterInternal, executeChain, postHandle`

Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
`doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter`

Methods inherited from class org.apache.shiro.web.servlet.NameableFilter
`getName, setName, toStringBuilder`

Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter
`destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig`

Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport
`getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait`

Constructor Detail

RolesAuthorizationFilter

public RolesAuthorizationFilter()

Method Detail

isAccessAllowed

public boolean isAccessAllowed(ServletRequest request,
                               ServletResponse response,
                               Object mappedValue)
                        throws IOException

Description copied from class: AccessControlFilter

Returns true if the request is allowed to proceed through the filter normally, or false if the request should be handled by the onAccessDenied(request,response,mappedValue) method instead.

Specified by:: isAccessAllowed in class AccessControlFilter

Parameters:: request - the incoming ServletRequest; response - the outgoing ServletResponse; mappedValue - the filter-specific config value mapped to this filter in the URL rules mappings.
Returns:: true if the request should proceed through the filter normally, false if the request should be processed by this filter's AccessControlFilter.onAccessDenied(ServletRequest,ServletResponse,Object) method instead.
Throws:: IOException