Package | Description |
---|---|
org.apache.shiro.authz |
Core interfaces and exceptions supporting Authorization (access control).
|
org.apache.shiro.authz.aop |
Contains AOP implementation support classes specifically used for authorization operations, particularly supporting
AOP Method Interceptors and JSR-175 metadata Annotations.
|
org.apache.shiro.mgt |
Provides the master
SecurityManager interface and a default implementation
hierarchy for managing all aspects of Shiro's functionality in an application. |
org.apache.shiro.realm |
Components and sub-packages used in supporting the core
Realm interface. |
org.apache.shiro.samples | |
org.apache.shiro.session.mgt |
SessionManager components supporting enterprise session management. |
org.apache.shiro.subject |
Components supporting the
Subject interface, the most important concept in
Shiro's API. |
org.apache.shiro.subject.support |
Concrete support implementations of most of the
org.apache.shiro.subject interfaces. |
org.apache.shiro.web.jaxrs | |
org.apache.shiro.web.session.mgt |
Modifier and Type | Class and Description |
---|---|
class |
HostUnauthorizedException
Thrown when a particular client (that is, host address) has not been enabled to access the system
or if the client has been enabled access but is not permitted to perform a particular operation
or access a particular resource.
|
class |
UnauthenticatedException
Exception thrown when attempting to execute an authorization action when a successful
authentication hasn't yet occurred.
|
class |
UnauthorizedException
Thrown to indicate a requested operation or access to a requested resource is not allowed.
|
Modifier and Type | Method and Description |
---|---|
void |
Authorizer.checkPermission(PrincipalCollection subjectPrincipal,
Permission permission)
Ensures a subject/user
Permission.implies(Permission) implies} the specified Permission. |
void |
ModularRealmAuthorizer.checkPermission(PrincipalCollection principals,
Permission permission)
If !
|
void |
Authorizer.checkPermission(PrincipalCollection subjectPrincipal,
String permission)
Ensures the corresponding Subject/user implies the specified permission String.
|
void |
ModularRealmAuthorizer.checkPermission(PrincipalCollection principals,
String permission)
If !
|
void |
Authorizer.checkPermissions(PrincipalCollection subjectPrincipal,
Collection<Permission> permissions)
Ensures the corresponding Subject/user
implies all of the
specified permission strings. |
void |
ModularRealmAuthorizer.checkPermissions(PrincipalCollection principals,
Collection<Permission> permissions)
If !
|
void |
Authorizer.checkPermissions(PrincipalCollection subjectPrincipal,
String... permissions)
Ensures the corresponding Subject/user
implies all of the
specified permission strings. |
void |
ModularRealmAuthorizer.checkPermissions(PrincipalCollection principals,
String... permissions)
If !
|
void |
Authorizer.checkRole(PrincipalCollection subjectPrincipal,
String roleIdentifier)
Asserts the corresponding Subject/user has the specified role by returning quietly if they do or throwing an
AuthorizationException if they do not. |
void |
ModularRealmAuthorizer.checkRole(PrincipalCollection principals,
String role)
If !
|
void |
Authorizer.checkRoles(PrincipalCollection subjectPrincipal,
Collection<String> roleIdentifiers)
Asserts the corresponding Subject/user has all of the specified roles by returning quietly if they do or
throwing an
AuthorizationException if they do not. |
void |
ModularRealmAuthorizer.checkRoles(PrincipalCollection principals,
Collection<String> roles)
|
void |
Authorizer.checkRoles(PrincipalCollection subjectPrincipal,
String... roleIdentifiers)
Same as
checkRoles(PrincipalCollection subjectPrincipal, Collection<String> roleIdentifiers) but doesn't require a collection
as an argument. |
void |
ModularRealmAuthorizer.checkRoles(PrincipalCollection principals,
String... roles)
Calls
checkRole for each role specified. |
Modifier and Type | Method and Description |
---|---|
void |
RoleAnnotationHandler.assertAuthorized(Annotation a)
Ensures that the calling
Subject has the Annotation's specified roles, and if not, throws an
AuthorizingException indicating that access is denied. |
void |
GuestAnnotationHandler.assertAuthorized(Annotation a)
Ensures that the calling
Subject is NOT a user, that is, they do not
have an identity before continuing. |
void |
PermissionAnnotationHandler.assertAuthorized(Annotation a)
Ensures that the calling
Subject has the Annotation's specified permissions, and if not, throws an
AuthorizingException indicating access is denied. |
void |
UserAnnotationHandler.assertAuthorized(Annotation a)
Ensures that the calling
Subject is a user, that is, they are either
authenticated or remembered via remember
me services before allowing access, and if not, throws an
AuthorizingException indicating access is not allowed. |
abstract void |
AuthorizingAnnotationHandler.assertAuthorized(Annotation a)
Ensures the calling Subject is authorized to execute based on the directive(s) found in the given
annotation.
|
protected void |
AnnotationsAuthorizingMethodInterceptor.assertAuthorized(MethodInvocation methodInvocation)
Iterates over the internal
methodInterceptors collection, and for each one,
ensures that if the interceptor
supports
the invocation, that the interceptor
asserts
that the invocation is authorized to proceed. |
protected abstract void |
AuthorizingMethodInterceptor.assertAuthorized(MethodInvocation methodInvocation)
Asserts that the specified MethodInvocation is allowed to continue by performing any necessary authorization
(access control) checks first.
|
void |
AuthorizingAnnotationMethodInterceptor.assertAuthorized(MethodInvocation mi)
Ensures the calling Subject is authorized to execute the specified
MethodInvocation . |
Modifier and Type | Method and Description |
---|---|
void |
AuthorizingSecurityManager.checkPermission(PrincipalCollection principals,
Permission permission) |
void |
AuthorizingSecurityManager.checkPermission(PrincipalCollection principals,
String permission) |
void |
AuthorizingSecurityManager.checkPermissions(PrincipalCollection principals,
Collection<Permission> permissions) |
void |
AuthorizingSecurityManager.checkPermissions(PrincipalCollection principals,
String... permissions) |
void |
AuthorizingSecurityManager.checkRole(PrincipalCollection principals,
String role) |
void |
AuthorizingSecurityManager.checkRoles(PrincipalCollection principals,
Collection<String> roles) |
void |
AuthorizingSecurityManager.checkRoles(PrincipalCollection principals,
String... roles) |
Session |
SessionsSecurityManager.start(SessionContext context) |
Modifier and Type | Method and Description |
---|---|
void |
AuthorizingRealm.checkPermission(PrincipalCollection principal,
Permission permission) |
void |
AuthorizingRealm.checkPermission(PrincipalCollection subjectIdentifier,
String permission) |
void |
AuthorizingRealm.checkPermissions(PrincipalCollection principal,
Collection<Permission> permissions) |
void |
AuthorizingRealm.checkPermissions(PrincipalCollection subjectIdentifier,
String... permissions) |
void |
AuthorizingRealm.checkRole(PrincipalCollection principal,
String role) |
void |
AuthorizingRealm.checkRoles(PrincipalCollection principal,
Collection<String> roles) |
void |
AuthorizingRealm.checkRoles(PrincipalCollection principal,
String... roles) |
Modifier and Type | Method and Description |
---|---|
String |
WebApp.handleException(AuthorizationException e,
org.springframework.ui.Model model) |
Modifier and Type | Method and Description |
---|---|
protected Session |
AbstractValidatingSessionManager.createSession(SessionContext context) |
protected abstract Session |
AbstractNativeSessionManager.createSession(SessionContext context)
Creates a new
Session Session instance based on the specified (possibly null )
initialization data. |
protected abstract Session |
AbstractValidatingSessionManager.doCreateSession(SessionContext initData) |
Modifier and Type | Method and Description |
---|---|
void |
Subject.checkPermission(Permission permission)
Ensures this Subject
implies the specified Permission . |
void |
Subject.checkPermission(String permission)
Ensures this Subject implies the specified permission String.
|
void |
Subject.checkPermissions(Collection<Permission> permissions)
Ensures this Subject
implies all of the
specified permission strings. |
void |
Subject.checkPermissions(String... permissions)
Ensures this Subject
implies all of the
specified permission strings. |
void |
Subject.checkRole(String roleIdentifier)
Asserts this Subject has the specified role by returning quietly if they do or throwing an
AuthorizationException if they do not. |
void |
Subject.checkRoles(Collection<String> roleIdentifiers)
Asserts this Subject has all of the specified roles by returning quietly if they do or throwing an
AuthorizationException if they do not. |
void |
Subject.checkRoles(String... roleIdentifiers)
Same as
checkRoles(Collection but
doesn't require a collection as a an argument. |
Modifier and Type | Method and Description |
---|---|
protected void |
DelegatingSubject.assertAuthzCheckPossible() |
void |
DelegatingSubject.checkPermission(Permission permission) |
void |
DelegatingSubject.checkPermission(String permission) |
void |
DelegatingSubject.checkPermissions(Collection<Permission> permissions) |
void |
DelegatingSubject.checkPermissions(String... permissions) |
void |
DelegatingSubject.checkRole(String role) |
void |
DelegatingSubject.checkRoles(Collection<String> roles) |
void |
DelegatingSubject.checkRoles(String... roleIdentifiers) |
Modifier and Type | Method and Description |
---|---|
javax.ws.rs.core.Response |
ExceptionMapper.toResponse(AuthorizationException exception) |
Modifier and Type | Method and Description |
---|---|
protected Session |
ServletContainerSessionManager.createSession(SessionContext sessionContext) |
Session |
ServletContainerSessionManager.start(SessionContext context) |
Copyright © 2004–2019 The Apache Software Foundation. All rights reserved.