A B C D E F G H I J K L M N O P Q R S T U V W
All Classes All Packages
All Classes All Packages
A
- AbstractAuthenticationStrategy - Class in org.apache.shiro.authc.pam
-
Abstract base implementation for Shiro's concrete
AuthenticationStrategy
implementations. - AbstractAuthenticationStrategy() - Constructor for class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
- AbstractAuthenticator - Class in org.apache.shiro.authc
-
Superclass for almost all
Authenticator
implementations that performs the common work around authentication attempts. - AbstractAuthenticator() - Constructor for class org.apache.shiro.authc.AbstractAuthenticator
-
Default no-argument constructor.
- AbstractFactory<T> - Class in org.apache.shiro.util
-
TODO - Class JavaDoc
- AbstractFactory() - Constructor for class org.apache.shiro.util.AbstractFactory
- AbstractLdapRealm - Class in org.apache.shiro.realm.ldap
-
A
Realm
that authenticates with an LDAP server to build the Subject for a user. - AbstractLdapRealm() - Constructor for class org.apache.shiro.realm.ldap.AbstractLdapRealm
- AbstractNativeSessionManager - Class in org.apache.shiro.session.mgt
-
Abstract implementation supporting the
NativeSessionManager
interface, supportingSessionListener
s and application of theglobalSessionTimeout
. - AbstractNativeSessionManager() - Constructor for class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- AbstractRememberMeManager - Class in org.apache.shiro.mgt
-
Abstract implementation of the
RememberMeManager
interface that handlesserialization
andencryption
of the remembered user identity. - AbstractRememberMeManager() - Constructor for class org.apache.shiro.mgt.AbstractRememberMeManager
-
Default constructor that initializes a
DefaultSerializer
as theserializer
and anAesCipherService
as thecipherService
. - AbstractSessionDAO - Class in org.apache.shiro.session.mgt.eis
-
An abstract
SessionDAO
implementation that performs some sanity checks on session creation and reading and allows for pluggable Session ID generation strategies if desired. - AbstractSessionDAO() - Constructor for class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
-
Default no-arg constructor that defaults the
sessionIdGenerator
to be aJavaUuidSessionIdGenerator
. - AbstractSessionManager - Class in org.apache.shiro.session.mgt
-
Base abstract class of the
SessionManager
interface, enabling configuration of an application-wideglobalSessionTimeout
. - AbstractSessionManager() - Constructor for class org.apache.shiro.session.mgt.AbstractSessionManager
- AbstractValidatingSessionManager - Class in org.apache.shiro.session.mgt
-
Default business-tier implementation of the
ValidatingSessionManager
interface. - AbstractValidatingSessionManager() - Constructor for class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- Account - Interface in org.apache.shiro.authc
-
An Account is a convenience interface that extends both
AuthenticationInfo
andAuthorizationInfo
and represents authentication and authorization for a single account in a single Realm. - AccountException - Exception in org.apache.shiro.authc
-
Exception thrown due to a problem with the account under which an authentication attempt is being executed.
- AccountException() - Constructor for exception org.apache.shiro.authc.AccountException
-
Creates a new AccountException.
- AccountException(String) - Constructor for exception org.apache.shiro.authc.AccountException
-
Constructs a new AccountException.
- AccountException(String, Throwable) - Constructor for exception org.apache.shiro.authc.AccountException
-
Constructs a new AccountException.
- AccountException(Throwable) - Constructor for exception org.apache.shiro.authc.AccountException
-
Constructs a new AccountException.
- accountExists(String) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- ACTIVE_SESSION_CACHE_NAME - Static variable in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
The default active sessions cache name, equal to
shiro-activeSessionCache
. - ActiveDirectoryRealm - Class in org.apache.shiro.realm.activedirectory
-
A
Realm
that authenticates with an active directory LDAP server to determine the roles for a particular user. - ActiveDirectoryRealm() - Constructor for class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
- add(Object, String) - Method in interface org.apache.shiro.subject.MutablePrincipalCollection
-
Adds the given principal to this collection.
- add(Object, String) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- add(SimpleAccount) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- add(Permission) - Method in class org.apache.shiro.authz.SimpleRole
- add(SimpleRole) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- addAccount(String, String) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- addAccount(String, String, String...) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- addAll(Collection<Permission>) - Method in class org.apache.shiro.authz.SimpleRole
- addAll(Collection, String) - Method in interface org.apache.shiro.subject.MutablePrincipalCollection
-
Adds all of the principals in the given collection to this collection.
- addAll(Collection, String) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- addAll(PrincipalCollection) - Method in interface org.apache.shiro.subject.MutablePrincipalCollection
-
Adds all of the principals from the given principal collection to this collection.
- addAll(PrincipalCollection) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- addObjectPermission(Permission) - Method in class org.apache.shiro.authc.SimpleAccount
-
Assigns an object-based permission directly to this Account (not any of its realms).
- addObjectPermission(Permission) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Adds (assigns) a permission to those directly associated with the account.
- addObjectPermissions(Collection<Permission>) - Method in class org.apache.shiro.authc.SimpleAccount
-
Assigns one or more object-based permissions directly to this Account (not any of its realms).
- addObjectPermissions(Collection<Permission>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Adds (assigns) multiple permissions to those associated directly with the account.
- addRole(String) - Method in class org.apache.shiro.authc.SimpleAccount
-
Adds a role to this Account's set of assigned roles.
- addRole(String) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Adds (assigns) a role to those associated with the account.
- addRole(String) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- addRole(Collection<String>) - Method in class org.apache.shiro.authc.SimpleAccount
-
Adds one or more roles to this Account's set of assigned roles.
- addRoles(Collection<String>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Adds (assigns) multiple roles to those associated with the account.
- addStringPermission(String) - Method in class org.apache.shiro.authc.SimpleAccount
-
Assigns a String-based permission directly to this Account (not to any of its realms).
- addStringPermission(String) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Adds (assigns) a permission to those directly associated with the account.
- addStringPermissions(Collection<String>) - Method in class org.apache.shiro.authc.SimpleAccount
-
Assigns one or more string-based permissions directly to this Account (not to any of its realms).
- addStringPermissions(Collection<String>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Adds (assigns) multiple permissions to those associated directly with the account.
- afterAllAttempts(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
-
Simply returns the
aggregate
argument without modification. - afterAllAttempts(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy
-
Ensures that the
aggregate
method argument is notnull
andaggregate.
is notgetPrincipals()
null
, and if either isnull
, throws an AuthenticationException to indicate that none of the realms authenticated successfully. - afterAllAttempts(AuthenticationToken, AuthenticationInfo) - Method in interface org.apache.shiro.authc.pam.AuthenticationStrategy
-
Method invoked by the ModularAuthenticator signifying that all of its configured Realms have been consulted for account data, allowing post-processing after all realms have completed.
- afterAttempt(Realm, AuthenticationToken, AuthenticationInfo, AuthenticationInfo, Throwable) - Method in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
-
Base implementation that will aggregate the specified
singleRealmInfo
into theaggregateInfo
and then returns the aggregate. - afterAttempt(Realm, AuthenticationToken, AuthenticationInfo, AuthenticationInfo, Throwable) - Method in class org.apache.shiro.authc.pam.AllSuccessfulStrategy
-
Merges the specified
info
into theaggregate
argument and returns it (just as the parent implementation does), but additionally ensures the following: if theThrowable
argument is notnull
, re-throws it to immediately cancel the authentication process, since this strategy requires all realms to authenticate successfully. neither theinfo
oraggregate
argument isnull
to ensure that each realm did in fact authenticate successfully - afterAttempt(Realm, AuthenticationToken, AuthenticationInfo, AuthenticationInfo, Throwable) - Method in interface org.apache.shiro.authc.pam.AuthenticationStrategy
-
Method invoked by the ModularAuthenticator just after the given realm has been consulted for authentication, allowing post-authentication-attempt logic for that realm only.
- afterCacheManagerSet() - Method in class org.apache.shiro.mgt.CachingSecurityManager
-
Template callback to notify subclasses that a
CacheManager
has been set and is available for use via thegetCacheManager()
method. - afterCacheManagerSet() - Method in class org.apache.shiro.mgt.RealmSecurityManager
-
Simply calls
applyCacheManagerToRealms()
to allow the newly setCacheManager
to be propagated to the internal collection ofRealm
that would need to use it. - afterCacheManagerSet() - Method in class org.apache.shiro.mgt.SessionsSecurityManager
-
Calls
super.afterCacheManagerSet()
and then immediately callsapplyCacheManagerToSessionManager()
to ensure theCacheManager
is applied to the SessionManager as necessary. - afterCacheManagerSet() - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
This implementation attempts to acquire an authentication cache if one is not already configured.
- afterCacheManagerSet() - Method in class org.apache.shiro.realm.AuthorizingRealm
- afterCacheManagerSet() - Method in class org.apache.shiro.realm.CachingRealm
-
Template method that may be implemented by subclasses should they wish to react to a
CacheManager
instance being set on the realm instance via theCachingRealm.setCacheManager(org.apache.shiro.cache.CacheManager)
mutator. - afterEventBusSet() - Method in class org.apache.shiro.mgt.CachingSecurityManager
-
Template callback to notify subclasses that an
EventBus
has been set and is available for use via thegetEventBus()
method. - afterEventBusSet() - Method in class org.apache.shiro.mgt.RealmSecurityManager
- afterEventBusSet() - Method in class org.apache.shiro.mgt.SessionsSecurityManager
-
Sets any configured EventBus on the SessionManager if necessary.
- afterExpired(Session) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- afterExpired(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- afterRealmsSet() - Method in class org.apache.shiro.mgt.AuthenticatingSecurityManager
-
Passes on the
realms
to the internal delegateAuthenticator
instance so that it may use them during authentication attempts. - afterRealmsSet() - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
-
First calls
super.afterRealmsSet()
and then sets these sameRealm
objects on this instance's wrappedAuthorizer
. - afterRealmsSet() - Method in class org.apache.shiro.mgt.RealmSecurityManager
- afterRoleCacheSet() - Method in class org.apache.shiro.realm.text.PropertiesRealm
- afterSessionManagerSet() - Method in class org.apache.shiro.mgt.SessionsSecurityManager
- afterSessionValidationEnabled() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- afterStopped(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- afterStopped(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- AllowAllCredentialsMatcher - Class in org.apache.shiro.authc.credential
-
A credentials matcher that always returns
true
when matching credentials no matter what arguments are passed in. - AllowAllCredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.AllowAllCredentialsMatcher
- AllPermission - Class in org.apache.shiro.authz.permission
-
An all AllPermission instance is one that always implies any other permission; that is, its
implies
method always returns true. - AllPermission() - Constructor for class org.apache.shiro.authz.permission.AllPermission
- AllSuccessfulStrategy - Class in org.apache.shiro.authc.pam
-
AuthenticationStrategy implementation that requires all configured realms to successfully process the submitted AuthenticationToken during the log-in attempt.
- AllSuccessfulStrategy() - Constructor for class org.apache.shiro.authc.pam.AllSuccessfulStrategy
- AND - org.apache.shiro.authz.annotation.Logical
- annotationClass - Variable in class org.apache.shiro.aop.AnnotationHandler
-
The type of annotation this handler will process.
- AnnotationHandler - Class in org.apache.shiro.aop
-
Base support class for implementations that reads and processes JSR-175 annotations.
- AnnotationHandler(Class<? extends Annotation>) - Constructor for class org.apache.shiro.aop.AnnotationHandler
-
Constructs an
AnnotationHandler
who processes annotations of the specified type. - AnnotationMethodInterceptor - Class in org.apache.shiro.aop
-
MethodInterceptor that inspects a specific annotation on the method invocation before continuing its execution.
- AnnotationMethodInterceptor(AnnotationHandler) - Constructor for class org.apache.shiro.aop.AnnotationMethodInterceptor
-
Constructs an
AnnotationMethodInterceptor
with theAnnotationHandler
that will be used to process annotations of a corresponding type. - AnnotationMethodInterceptor(AnnotationHandler, AnnotationResolver) - Constructor for class org.apache.shiro.aop.AnnotationMethodInterceptor
-
Constructs an
AnnotationMethodInterceptor
with theAnnotationHandler
that will be used to process annotations of a corresponding type, using the specifiedAnnotationResolver
to acquire annotations at runtime. - AnnotationResolver - Interface in org.apache.shiro.aop
-
Defines an AOP-framework-independent way of determining if an Annotation exists on a Method.
- AnnotationsAuthorizingMethodInterceptor - Class in org.apache.shiro.authz.aop
-
An AnnotationsAuthorizingMethodInterceptor is a MethodInterceptor that asserts a given method is authorized to execute based on one or more configured AuthorizingAnnotationMethodInterceptors.
- AnnotationsAuthorizingMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor
-
Default no-argument constructor that defaults the
methodInterceptors
attribute to contain two interceptors by default - theRoleAnnotationMethodInterceptor
and thePermissionAnnotationMethodInterceptor
to support role and permission annotations. - AntPathMatcher - Class in org.apache.shiro.util
-
PathMatcher implementation for Ant-style path patterns.
- AntPathMatcher() - Constructor for class org.apache.shiro.util.AntPathMatcher
- applyCacheManagerToRealms() - Method in class org.apache.shiro.mgt.RealmSecurityManager
-
Sets the internal
CacheManager
on any internal configuredRealms
that implement theCacheManagerAware
interface. - applyCacheManagerToSessionManager() - Method in class org.apache.shiro.mgt.SessionsSecurityManager
-
Ensures the internal delegate
SessionManager
is injected with the newly setCacheManager
so it may use it for its internal caching needs. - applyEventBusToCacheManager() - Method in class org.apache.shiro.mgt.CachingSecurityManager
- applyEventBusToRealms() - Method in class org.apache.shiro.mgt.RealmSecurityManager
- applyEventBusToSessionManager() - Method in class org.apache.shiro.mgt.SessionsSecurityManager
-
Ensures the internal delegate
SessionManager
is injected with the newly setEventBus
so it may use it for its internal event needs. - applyGlobalSessionTimeout(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- applyPermissionResolverToRealms() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Sets the internal
ModularRealmAuthorizer.getPermissionResolver()
on any internal configuredRealms
that implement thePermissionResolverAware
interface. - applyRealmsToSecurityManager(Collection<Realm>, SecurityManager) - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- applyRolePermissionResolverToRealms() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Sets the internal
ModularRealmAuthorizer.getRolePermissionResolver()
on any internal configuredRealms
that implement theRolePermissionResolverAware
interface. - asList() - Method in interface org.apache.shiro.subject.PrincipalCollection
-
Returns a single Subject's principals retrieved from all configured Realms as a List, or an empty List if there are not any principals.
- asList() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- asList() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- asList(E...) - Static method in class org.apache.shiro.util.CollectionUtils
- assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.AuthenticatedAnnotationHandler
-
Ensures that the calling
Subject
is authenticated, and if not, throws anUnauthenticatedException
indicating the method is not allowed to be executed. - assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.AuthorizingAnnotationHandler
-
Ensures the calling Subject is authorized to execute based on the directive(s) found in the given annotation.
- assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.GuestAnnotationHandler
-
Ensures that the calling
Subject
is NOT a user, that is, they do not have anidentity
before continuing. - assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.PermissionAnnotationHandler
-
Ensures that the calling
Subject
has the Annotation's specified permissions, and if not, throws anAuthorizingException
indicating access is denied. - assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.RoleAnnotationHandler
-
Ensures that the calling
Subject
has the Annotation's specified roles, and if not, throws anAuthorizingException
indicating that access is denied. - assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.UserAnnotationHandler
-
Ensures that the calling
Subject
is a user, that is, they are eitherauthenticated
or remembered via remember me services before allowing access, and if not, throws anAuthorizingException
indicating access is not allowed. - assertAuthorized(MethodInvocation) - Method in class org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor
-
Iterates over the internal
methodInterceptors
collection, and for each one, ensures that if the interceptorsupports
the invocation, that the interceptorasserts
that the invocation is authorized to proceed. - assertAuthorized(MethodInvocation) - Method in class org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor
-
Ensures the calling Subject is authorized to execute the specified
MethodInvocation
. - assertAuthorized(MethodInvocation) - Method in class org.apache.shiro.authz.aop.AuthorizingMethodInterceptor
-
Asserts that the specified MethodInvocation is allowed to continue by performing any necessary authorization (access control) checks first.
- assertAuthzCheckPossible() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- assertCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Asserts that the submitted
AuthenticationToken
's credentials match the stored accountAuthenticationInfo
's credentials, and if not, throws anAuthenticationException
. - assertRealmsConfigured() - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
- assertRealmsConfigured() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Used by the
Authorizer
implementation methods to ensure that therealms
has been set. - asSet() - Method in interface org.apache.shiro.subject.PrincipalCollection
-
Returns a single Subject's principals retrieved from all configured Realms as a Set, or an empty Set if there are not any principals.
- asSet() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- asSet() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- asSet(E...) - Static method in class org.apache.shiro.util.CollectionUtils
- assignSessionId(Session, Serializable) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
-
Utility method available to subclasses that wish to assign a generated session ID to the session instance directly.
- associateWith(Runnable) - Method in interface org.apache.shiro.subject.Subject
-
Returns a
Runnable
instance matching the given argument while additionally ensuring that it will retain and execute under this Subject's identity. - associateWith(Runnable) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- associateWith(Callable<V>) - Method in interface org.apache.shiro.subject.Subject
-
Returns a
Callable
instance matching the given argument while additionally ensuring that it will retain and execute under this Subject's identity. - associateWith(Callable<V>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- associateWithSubject(Runnable) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutor
-
Utility method for subclasses to associate the argument
Runnable
with the currently executing subject and then return the associated Runnable. - associateWithSubject(Collection<? extends Callable<T>>) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- associateWithSubject(Callable<T>) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- AtLeastOneSuccessfulStrategy - Class in org.apache.shiro.authc.pam
-
AuthenticationStrategy implementation that requires at least one configured realm to successfully process the submitted AuthenticationToken during the log-in attempt.
- AtLeastOneSuccessfulStrategy() - Constructor for class org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy
- authenticate(AuthenticationToken) - Method in class org.apache.shiro.authc.AbstractAuthenticator
-
Implementation of the
Authenticator
interface that functions in the following manner: Calls templatedoAuthenticate
method for subclass execution of the actual authentication behavior. If anAuthenticationException
is thrown duringdoAuthenticate
,notify
any registeredAuthenticationListener
s of the exception and then propagate the exception for the caller to handle. If no exception is thrown (indicating a successful login),notify
any registeredAuthenticationListener
s of the successful attempt. Return theAuthenticationInfo
- authenticate(AuthenticationToken) - Method in interface org.apache.shiro.authc.Authenticator
-
Authenticates a user based on the submitted
AuthenticationToken
. - authenticate(AuthenticationToken) - Method in class org.apache.shiro.mgt.AuthenticatingSecurityManager
-
Delegates to the wrapped
Authenticator
for authentication. - authenticated - Variable in class org.apache.shiro.subject.support.DelegatingSubject
- authenticated(boolean) - Method in class org.apache.shiro.subject.Subject.Builder
-
Ensures the
Subject
being built will be consideredauthenticated
. - AUTHENTICATED_SESSION_KEY - Static variable in class org.apache.shiro.subject.support.DefaultSubjectContext
-
The session key that is used to store whether or not the user is authenticated.
- AuthenticatedAnnotationHandler - Class in org.apache.shiro.authz.aop
-
Handles
RequiresAuthentication
annotations and ensures the calling subject is authenticated before allowing access. - AuthenticatedAnnotationHandler() - Constructor for class org.apache.shiro.authz.aop.AuthenticatedAnnotationHandler
-
Default no-argument constructor that ensures this handler to process
RequiresAuthentication
annotations. - AuthenticatedAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop
-
Checks to see if a @
RequiresAuthenticated
annotation is declared, and if so, ensures the callingSubject
.isAuthenticated()
before invoking the method. - AuthenticatedAnnotationMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.AuthenticatedAnnotationMethodInterceptor
-
Default no-argument constructor that ensures this interceptor looks for
RequiresAuthentication
annotations in a method declaration. - AuthenticatedAnnotationMethodInterceptor(AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.AuthenticatedAnnotationMethodInterceptor
- AuthenticatingRealm - Class in org.apache.shiro.realm
-
A top-level abstract implementation of the Realm interface that only implements authentication support (log-in) operations and leaves authorization (access control) behavior to subclasses.
- AuthenticatingRealm() - Constructor for class org.apache.shiro.realm.AuthenticatingRealm
- AuthenticatingRealm(CredentialsMatcher) - Constructor for class org.apache.shiro.realm.AuthenticatingRealm
- AuthenticatingRealm(CacheManager) - Constructor for class org.apache.shiro.realm.AuthenticatingRealm
- AuthenticatingRealm(CacheManager, CredentialsMatcher) - Constructor for class org.apache.shiro.realm.AuthenticatingRealm
- AuthenticatingSecurityManager - Class in org.apache.shiro.mgt
-
Shiro support of a
SecurityManager
class hierarchy that delegates all authentication operations to a wrappedAuthenticator
instance. - AuthenticatingSecurityManager() - Constructor for class org.apache.shiro.mgt.AuthenticatingSecurityManager
-
Default no-arg constructor that initializes its internal
authenticator
instance to aModularRealmAuthenticator
. - authentication - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- AuthenticationException - Exception in org.apache.shiro.authc
-
General exception thrown due to an error during the Authentication process.
- AuthenticationException() - Constructor for exception org.apache.shiro.authc.AuthenticationException
-
Creates a new AuthenticationException.
- AuthenticationException(String) - Constructor for exception org.apache.shiro.authc.AuthenticationException
-
Constructs a new AuthenticationException.
- AuthenticationException(String, Throwable) - Constructor for exception org.apache.shiro.authc.AuthenticationException
-
Constructs a new AuthenticationException.
- AuthenticationException(Throwable) - Constructor for exception org.apache.shiro.authc.AuthenticationException
-
Constructs a new AuthenticationException.
- AuthenticationInfo - Interface in org.apache.shiro.authc
-
AuthenticationInfo
represents a Subject's (aka user's) stored account information relevant to the authentication/log-in process only. - AuthenticationListener - Interface in org.apache.shiro.authc
-
An
AuthenticationListener
listens for notifications whileSubject
s authenticate with the system. - authenticationQuery - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm
- AuthenticationStrategy - Interface in org.apache.shiro.authc.pam
-
A
AuthenticationStrategy
implementation assists theModularRealmAuthenticator
during the log-in process in a pluggable realm (PAM) environment. - AuthenticationToken - Interface in org.apache.shiro.authc
-
An AuthenticationToken is a consolidation of an account's principals and supporting credentials submitted by a user during an authentication attempt.
- Authenticator - Interface in org.apache.shiro.authc
-
An Authenticator is responsible for authenticating accounts in an application.
- AuthorizationException - Exception in org.apache.shiro.authz
-
Exception thrown if there is a problem during authorization (access control check).
- AuthorizationException() - Constructor for exception org.apache.shiro.authz.AuthorizationException
-
Creates a new AuthorizationException.
- AuthorizationException(String) - Constructor for exception org.apache.shiro.authz.AuthorizationException
-
Constructs a new AuthorizationException.
- AuthorizationException(String, Throwable) - Constructor for exception org.apache.shiro.authz.AuthorizationException
-
Constructs a new AuthorizationException.
- AuthorizationException(Throwable) - Constructor for exception org.apache.shiro.authz.AuthorizationException
-
Constructs a new AuthorizationException.
- AuthorizationInfo - Interface in org.apache.shiro.authz
-
AuthorizationInfo
represents a single Subject's stored authorization data (roles, permissions, etc) used during authorization (access control) checks only. - Authorizer - Interface in org.apache.shiro.authz
-
An Authorizer performs authorization (access control) operations for any given Subject (aka 'application user').
- AuthorizingAnnotationHandler - Class in org.apache.shiro.authz.aop
-
An AnnotationHandler that executes authorization (access control) behavior based on directive(s) found in a JSR-175 Annotation.
- AuthorizingAnnotationHandler(Class<? extends Annotation>) - Constructor for class org.apache.shiro.authz.aop.AuthorizingAnnotationHandler
-
Constructs an
AuthorizingAnnotationHandler
who processes annotations of the specified type. - AuthorizingAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop
-
An AnnotationMethodInterceptor that asserts the calling code is authorized to execute the method before allowing the invocation to continue by inspecting code annotations to perform an access control check.
- AuthorizingAnnotationMethodInterceptor(AuthorizingAnnotationHandler) - Constructor for class org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor
-
Constructor that ensures the internal
handler
is set which will be used to perform the authorization assertion checks when a supported annotation is encountered. - AuthorizingAnnotationMethodInterceptor(AuthorizingAnnotationHandler, AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor
- AuthorizingMethodInterceptor - Class in org.apache.shiro.authz.aop
-
Basic abstract class to support intercepting methods that perform authorization (access control) checks.
- AuthorizingMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.AuthorizingMethodInterceptor
- AuthorizingRealm - Class in org.apache.shiro.realm
-
An
AuthorizingRealm
extends theAuthenticatingRealm
's capabilities by adding Authorization (access control) support. - AuthorizingRealm() - Constructor for class org.apache.shiro.realm.AuthorizingRealm
- AuthorizingRealm(CredentialsMatcher) - Constructor for class org.apache.shiro.realm.AuthorizingRealm
- AuthorizingRealm(CacheManager) - Constructor for class org.apache.shiro.realm.AuthorizingRealm
- AuthorizingRealm(CacheManager, CredentialsMatcher) - Constructor for class org.apache.shiro.realm.AuthorizingRealm
- AuthorizingSecurityManager - Class in org.apache.shiro.mgt
-
Shiro support of a
SecurityManager
class hierarchy that delegates all authorization (access control) operations to a wrappedAuthorizer
instance. - AuthorizingSecurityManager() - Constructor for class org.apache.shiro.mgt.AuthorizingSecurityManager
-
Default no-arg constructor that initializes an internal default
ModularRealmAuthorizer
. - awaitTermination(long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
B
- BasicIniEnvironment - Class in org.apache.shiro.env
-
Basic usage:
- BasicIniEnvironment(String) - Constructor for class org.apache.shiro.env.BasicIniEnvironment
- BasicIniEnvironment(Ini) - Constructor for class org.apache.shiro.env.BasicIniEnvironment
- BearerToken - Class in org.apache.shiro.authc
-
A
AuthenticationToken
that contains an a Bearer token or API key, typically received via an HTTPAuthorization
header. - BearerToken(String) - Constructor for class org.apache.shiro.authc.BearerToken
- BearerToken(String, String) - Constructor for class org.apache.shiro.authc.BearerToken
- beforeAllAttempts(Collection<? extends Realm>, AuthenticationToken) - Method in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
-
Simply returns
new
, which supports aggregating account data across realms.SimpleAuthenticationInfo
(); - beforeAllAttempts(Collection<? extends Realm>, AuthenticationToken) - Method in interface org.apache.shiro.authc.pam.AuthenticationStrategy
-
Method invoked by the ModularAuthenticator signifying that the authentication process is about to begin for the specified
token
- called before anyRealm
is actually invoked. - beforeAllAttempts(Collection<? extends Realm>, AuthenticationToken) - Method in class org.apache.shiro.authc.pam.FirstSuccessfulStrategy
-
Returns
null
immediately, relying on this class'smerge
implementation to return only the firstinfo
object it encounters, ignoring all subsequent ones. - beforeAttempt(Realm, AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
-
Simply returns the
aggregate
method argument, without modification. - beforeAttempt(Realm, AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.AllSuccessfulStrategy
-
Because all realms in this strategy must complete successfully, this implementation ensures that the given
Realm
supports
the giventoken
argument. - beforeAttempt(Realm, AuthenticationToken, AuthenticationInfo) - Method in interface org.apache.shiro.authc.pam.AuthenticationStrategy
-
Method invoked by the ModularAuthenticator just prior to the realm being consulted for account data, allowing pre-authentication-attempt logic for that realm only.
- beforeAttempt(Realm, AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.FirstSuccessfulStrategy
-
Throws ShortCircuitIterationException if stopAfterFirstSuccess is set and authentication is successful with a previously consulted realm.
- beforeInvalidNotification(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
-
Returns the session instance to use to pass to registered
SessionListener
s for notification that the session has been invalidated (stopped or expired). - beforeLogout(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- beforeSessionValidationDisabled() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- bind() - Method in class org.apache.shiro.subject.support.SubjectThreadState
-
Binds a
Subject
andSecurityManager
to theThreadContext
so they can be retrieved later by anySecurityUtils.
getSubject()
calls that might occur during the thread's execution. - bind() - Method in interface org.apache.shiro.util.ThreadState
-
Binds any state that should be made accessible during a thread's execution.
- bind(String, Object) - Method in class org.apache.shiro.jndi.JndiTemplate
-
Bind the given object to the current JNDI context, using the given name.
- bind(SecurityManager) - Static method in class org.apache.shiro.util.ThreadContext
-
Convenience method that simplifies binding the application's SecurityManager instance to the ThreadContext.
- bind(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Deprecated.in favor of
save(subject)
. - bind(Subject) - Static method in class org.apache.shiro.util.ThreadContext
-
Convenience method that simplifies binding a Subject to the ThreadContext.
- buildAuthenticationInfo(String, char[]) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
- buildAuthorizationInfo(Set<String>) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
- Builder() - Constructor for class org.apache.shiro.subject.Subject.Builder
-
Constructs a new
Subject.Builder
instance, using theSecurityManager
instance available to the calling code as determined by a call toSecurityUtils.getSecurityManager()
to build theSubject
instance. - Builder(SecurityManager) - Constructor for class org.apache.shiro.subject.Subject.Builder
-
Constructs a new
Subject.Builder
instance which will use the specifiedSecurityManager
when building theSubject
instance. - buildHashRequest(ByteSource, Hash) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- buildSubject() - Method in class org.apache.shiro.subject.Subject.Builder
-
Creates and returns a new
Subject
instance reflecting the cumulative state acquired by the other methods in this class. - byType(Class<T>) - Method in interface org.apache.shiro.subject.PrincipalCollection
-
Returns all principals assignable from the specified type, or an empty Collection if no principals of that type are contained.
- byType(Class<T>) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- byType(Class<T>) - Method in class org.apache.shiro.subject.SimplePrincipalMap
C
- cache(Session, Serializable) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Caches the specified session under the cache entry key of
sessionId
. - cache(Session, Serializable, Cache<Serializable, Session>) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Caches the specified session in the given cache under the key of
sessionId
. - CachingRealm - Class in org.apache.shiro.realm
-
A very basic abstract extension point for the
Realm
interface that provides caching support for subclasses. - CachingRealm() - Constructor for class org.apache.shiro.realm.CachingRealm
-
Default no-argument constructor that defaults
cachingEnabled
(for general caching) totrue
and sets a defaultname
based on the class name. - CachingSecurityManager - Class in org.apache.shiro.mgt
-
A very basic starting point for the SecurityManager interface that merely provides logging and caching support.
- CachingSecurityManager() - Constructor for class org.apache.shiro.mgt.CachingSecurityManager
-
Default no-arg constructor that will automatically attempt to initialize a default cacheManager
- CachingSessionDAO - Class in org.apache.shiro.session.mgt.eis
-
An CachingSessionDAO is a SessionDAO that provides a transparent caching layer between the components that use it and the underlying EIS (Enterprise Information System) session backing store (for example, filesystem, database, enterprise grid/cloud, etc).
- CachingSessionDAO() - Constructor for class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Default no-arg constructor.
- call() - Method in class org.apache.shiro.subject.support.SubjectCallable
- checkHashFormatDurability() - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- checkPermission(String) - Method in interface org.apache.shiro.subject.Subject
-
Ensures this Subject implies the specified permission String.
- checkPermission(String) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- checkPermission(Permission) - Method in interface org.apache.shiro.subject.Subject
-
Ensures this Subject
implies
the specifiedPermission
. - checkPermission(Permission) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- checkPermission(Permission, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkPermission(PrincipalCollection, String) - Method in interface org.apache.shiro.authz.Authorizer
-
Ensures the corresponding Subject/user implies the specified permission String.
- checkPermission(PrincipalCollection, String) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
If !
isPermitted(permission)
, throws anUnauthorizedException
otherwise returns quietly. - checkPermission(PrincipalCollection, String) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- checkPermission(PrincipalCollection, String) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkPermission(PrincipalCollection, Permission) - Method in interface org.apache.shiro.authz.Authorizer
-
Ensures a subject/user
Permission.implies(Permission)
implies} the specified Permission. - checkPermission(PrincipalCollection, Permission) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
If !
isPermitted(permission)
, throws anUnauthorizedException
otherwise returns quietly. - checkPermission(PrincipalCollection, Permission) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- checkPermission(PrincipalCollection, Permission) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkPermissions(String...) - Method in interface org.apache.shiro.subject.Subject
-
Ensures this Subject
implies
all of the specified permission strings. - checkPermissions(String...) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- checkPermissions(Collection<Permission>) - Method in interface org.apache.shiro.subject.Subject
-
Ensures this Subject
implies
all of the specified permission strings. - checkPermissions(Collection<Permission>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- checkPermissions(Collection<Permission>, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkPermissions(PrincipalCollection, String...) - Method in interface org.apache.shiro.authz.Authorizer
-
Ensures the corresponding Subject/user
implies
all of the specified permission strings. - checkPermissions(PrincipalCollection, String...) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
If !
isPermitted(permission)
, throws anUnauthorizedException
otherwise returns quietly. - checkPermissions(PrincipalCollection, String...) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- checkPermissions(PrincipalCollection, String...) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkPermissions(PrincipalCollection, Collection<Permission>) - Method in interface org.apache.shiro.authz.Authorizer
-
Ensures the corresponding Subject/user
implies
all of the specified permission strings. - checkPermissions(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
If !
isPermitted(permission)
for all the given Permissions, throws anUnauthorizedException
otherwise returns quietly. - checkPermissions(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- checkPermissions(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkRole(String) - Method in interface org.apache.shiro.subject.Subject
-
Asserts this Subject has the specified role by returning quietly if they do or throwing an
AuthorizationException
if they do not. - checkRole(String) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- checkRole(String, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkRole(PrincipalCollection, String) - Method in interface org.apache.shiro.authz.Authorizer
-
Asserts the corresponding Subject/user has the specified role by returning quietly if they do or throwing an
AuthorizationException
if they do not. - checkRole(PrincipalCollection, String) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
If !
hasRole(role)
, throws anUnauthorizedException
otherwise returns quietly. - checkRole(PrincipalCollection, String) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- checkRole(PrincipalCollection, String) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkRoles(String...) - Method in interface org.apache.shiro.subject.Subject
-
Same as
checkRoles(Collection
but doesn't require a collection as a an argument.roleIdentifiers) - checkRoles(String...) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- checkRoles(Collection<String>) - Method in interface org.apache.shiro.subject.Subject
-
Asserts this Subject has all of the specified roles by returning quietly if they do or throwing an
AuthorizationException
if they do not. - checkRoles(Collection<String>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- checkRoles(Collection<String>, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkRoles(PrincipalCollection, String...) - Method in interface org.apache.shiro.authz.Authorizer
-
Same as
checkRoles(PrincipalCollection subjectPrincipal, Collection<String> roleIdentifiers)
but doesn't require a collection as an argument. - checkRoles(PrincipalCollection, String...) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Calls
checkRole
for each role specified. - checkRoles(PrincipalCollection, String...) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- checkRoles(PrincipalCollection, String...) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkRoles(PrincipalCollection, Collection<String>) - Method in interface org.apache.shiro.authz.Authorizer
-
Asserts the corresponding Subject/user has all of the specified roles by returning quietly if they do or throwing an
AuthorizationException
if they do not. - checkRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
- checkRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- checkRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkValid(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- checkValid(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Returns quietly if the associated session is valid (it exists and is not stopped or expired) or throws an
InvalidSessionException
indicating that the session id is invalid. - clear() - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Clears out (nulls) the username, password, rememberMe, and inetAddress.
- clear() - Method in interface org.apache.shiro.subject.MutablePrincipalCollection
-
Removes all Principals in this collection.
- clear() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- clear() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- clear() - Method in class org.apache.shiro.subject.support.SubjectThreadState
-
Completely
removes
theThreadContext
state. - clear() - Method in class org.apache.shiro.util.MapContext
- clear() - Method in interface org.apache.shiro.util.ThreadState
-
Completely clears/removes the
ThreadContext
state. - clearCache(PrincipalCollection) - Method in class org.apache.shiro.realm.CachingRealm
-
Clears out any cached data associated with the specified account identity/identities.
- clearCachedAuthenticationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Clears out the AuthenticationInfo cache entry for the specified account.
- clearCachedAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthorizingRealm
-
Clears out the AuthorizationInfo cache entry for the specified account.
- closeConnection(Connection) - Static method in class org.apache.shiro.util.JdbcUtils
-
Close the given JDBC Connection and ignore any thrown exception.
- closeContext(LdapContext) - Static method in class org.apache.shiro.realm.ldap.LdapUtils
-
Closes an LDAP context, logging any errors, but not throwing an exception if there is a failure.
- closeEnumeration(NamingEnumeration) - Static method in class org.apache.shiro.realm.ldap.LdapUtils
- closeResultSet(ResultSet) - Static method in class org.apache.shiro.util.JdbcUtils
-
Close the given JDBC ResultSet and ignore any thrown exception.
- closeStatement(Statement) - Static method in class org.apache.shiro.util.JdbcUtils
-
Close the given JDBC Statement and ignore any thrown exception.
- CollectionUtils - Class in org.apache.shiro.util
-
Static helper class for use dealing with Collections.
- CollectionUtils() - Constructor for class org.apache.shiro.util.CollectionUtils
- COLUMN - org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle
- ConcurrentAccessException - Exception in org.apache.shiro.authc
-
Thrown when an authentication attempt has been received for an account that has already been authenticated (i.e.
- ConcurrentAccessException() - Constructor for exception org.apache.shiro.authc.ConcurrentAccessException
-
Creates a new ConcurrentAccessException.
- ConcurrentAccessException(String) - Constructor for exception org.apache.shiro.authc.ConcurrentAccessException
-
Constructs a new ConcurrentAccessException.
- ConcurrentAccessException(String, Throwable) - Constructor for exception org.apache.shiro.authc.ConcurrentAccessException
-
Constructs a new ConcurrentAccessException.
- ConcurrentAccessException(Throwable) - Constructor for exception org.apache.shiro.authc.ConcurrentAccessException
-
Constructs a new ConcurrentAccessException.
- CONTAINER_PREFIX - Static variable in class org.apache.shiro.jndi.JndiLocator
-
JNDI prefix used in a J2EE container
- containsKey(Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- containsKey(Object) - Method in class org.apache.shiro.util.MapContext
- containsValue(Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- containsValue(Object) - Method in class org.apache.shiro.util.MapContext
- contextAttribute(String, Object) - Method in class org.apache.shiro.subject.Subject.Builder
-
Allows custom attributes to be added to the underlying context
Map
used to construct theSubject
instance. - contextFactoryClassName - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- convertBytesToPrincipals(byte[], SubjectContext) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
If a
cipherService
is available, it will be used to first decrypt the byte array. - convertJndiName(String) - Method in class org.apache.shiro.jndi.JndiLocator
-
Convert the given JNDI name into the actual JNDI name to use.
- convertPrincipalsToBytes(PrincipalCollection) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Converts the given principal collection the byte array that will be persisted to be 'remembered' later.
- copy(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- create(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
-
Persists the given session instance to an underlying EIS (Enterprise Information System).
- create(Session) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
-
Creates the session by delegating EIS creation to subclasses via the
AbstractSessionDAO.doCreate(org.apache.shiro.session.Session)
method, and then asserting that the returned sessionId is not null. - create(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Calls
super.create(session)
, then caches the session keyed by the returnedsessionId
, and then returns thissessionId
. - create(Session) - Method in interface org.apache.shiro.session.mgt.eis.SessionDAO
-
Inserts a new Session record into the underling EIS (e.g.
- createActiveSessionsCache() - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Creates a cache instance used to store active sessions.
- createAuthenticationInfo(AuthenticationToken, Object, Object, LdapContext) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
Returns the
AuthenticationInfo
resulting from a Subject's successful LDAP authentication attempt. - createByteSource(Object) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- createDefaultInstance() - Method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.
- createDefaultInstance() - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- createDefaults(Ini, Ini.Section) - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- createExposedSession(Session, SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- createExposedSession(Session, SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- createHashRequest(ByteSource) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- createInitialContext() - Method in class org.apache.shiro.jndi.JndiTemplate
-
Create a new JNDI initial context.
- createInstance() - Method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.Creates a new object instance by using a configured INI source.
- createInstance() - Method in class org.apache.shiro.util.AbstractFactory
- createInstance(Ini) - Method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.
- createInstance(Ini) - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- createLdapContext(Hashtable) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.Creates and returns a new
InitialLdapContext
instance. - createLdapContext(Hashtable) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Creates and returns a new
InitialLdapContext
instance. - createRealm(Ini) - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.Creates a
Realm
from the Ini instance containing account data. - createSession(SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
-
Creates a new
Session Session
instance based on the specified (possiblynull
) initialization data. - createSession(SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- createSession(SessionContext) - Method in interface org.apache.shiro.session.mgt.SessionFactory
-
Creates a new
Session
instance based on the specified contextual initialization data. - createSession(SessionContext) - Method in class org.apache.shiro.session.mgt.SimpleSessionFactory
-
Creates a new
SimpleSession
instance retaining the context'shost
if one can be found. - createSessionContext() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- createSessionContext(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- createSessionValidationScheduler() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- createSubject(AuthenticationToken, AuthenticationInfo, Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Creates a
Subject
instance for the user represented by the given method arguments. - createSubject(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
This implementation functions as follows:
- createSubject(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSubjectFactory
- createSubject(SubjectContext) - Method in interface org.apache.shiro.mgt.SecurityManager
-
Creates a
Subject
instance reflecting the specified contextual data. - createSubject(SubjectContext) - Method in interface org.apache.shiro.mgt.SubjectFactory
-
Creates a new Subject instance reflecting the state of the specified contextual data.
- createSubjectContext() - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- credentials - Variable in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
The credentials verifying the account principals.
- CredentialsException - Exception in org.apache.shiro.authc
-
Exception thrown due to a problem with the credential(s) submitted for an account during the authentication process.
- CredentialsException() - Constructor for exception org.apache.shiro.authc.CredentialsException
-
Creates a new CredentialsException.
- CredentialsException(String) - Constructor for exception org.apache.shiro.authc.CredentialsException
-
Constructs a new CredentialsException.
- CredentialsException(String, Throwable) - Constructor for exception org.apache.shiro.authc.CredentialsException
-
Constructs a new CredentialsException.
- CredentialsException(Throwable) - Constructor for exception org.apache.shiro.authc.CredentialsException
-
Constructs a new CredentialsException.
- CredentialsMatcher - Interface in org.apache.shiro.authc.credential
-
Interface implemented by classes that can determine if an AuthenticationToken's provided credentials matches a corresponding account's credentials stored in the system.
- credentialsSalt - Variable in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Any salt used in hashing the credentials.
- CRYPT - org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle
D
- DataAccessException - Exception in org.apache.shiro.dao
-
Generic exception representing a problem when attempting to access data.
- DataAccessException(String) - Constructor for exception org.apache.shiro.dao.DataAccessException
-
Constructs a DataAccessException with a message explaining the cause of the exception.
- DataAccessException(String, Throwable) - Constructor for exception org.apache.shiro.dao.DataAccessException
-
Constructs a DataAccessException with a message explaining the cause of the exception.
- dataSource - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm
- decorate(Session) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- decrypt(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Decrypts the byte array using the configured
cipherService
. - DEFAULT_AUTHENTICATION_QUERY - Static variable in class org.apache.shiro.realm.jdbc.JdbcRealm
-
The default query used to retrieve account data for the user.
- DEFAULT_CASE_SENSITIVE - Static variable in class org.apache.shiro.authz.permission.WildcardPermission
- DEFAULT_CONTEXT_FACTORY_CLASS_NAME - Static variable in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
- DEFAULT_GLOBAL_SESSION_TIMEOUT - Static variable in class org.apache.shiro.session.mgt.AbstractSessionManager
-
Default main session timeout value, equal to
30
minutes. - DEFAULT_HASH_ALGORITHM - Static variable in class org.apache.shiro.authc.credential.DefaultPasswordService
- DEFAULT_HASH_ITERATIONS - Static variable in class org.apache.shiro.authc.credential.DefaultPasswordService
- DEFAULT_INI_RESOURCE_PATH - Static variable in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.
- DEFAULT_PATH_SEPARATOR - Static variable in class org.apache.shiro.util.AntPathMatcher
-
Default path separator: "/"
- DEFAULT_PERMISSIONS_QUERY - Static variable in class org.apache.shiro.realm.jdbc.JdbcRealm
-
The default query used to retrieve permissions that apply to a particular role.
- DEFAULT_REFERRAL - Static variable in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
- DEFAULT_SALTED_AUTHENTICATION_QUERY - Static variable in class org.apache.shiro.realm.jdbc.JdbcRealm
-
The default query used to retrieve account data for the user when
JdbcRealm.saltStyle
is COLUMN. - DEFAULT_SECURITY_MANAGER_KEY - Static variable in class org.apache.shiro.env.DefaultEnvironment
-
The default name under which the application's
SecurityManager
instance may be acquired, equal tosecurityManager
. - DEFAULT_SESSION_VALIDATION_INTERVAL - Static variable in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
-
The default interval at which sessions will be validated (1 hour); This can be overridden by calling
AbstractValidatingSessionManager.setSessionValidationInterval(long)
- DEFAULT_USER_ROLES_QUERY - Static variable in class org.apache.shiro.realm.jdbc.JdbcRealm
-
The default query used to retrieve the roles that apply to a user.
- DefaultAnnotationResolver - Class in org.apache.shiro.aop
-
Default
AnnotationResolver
implementation that merely inspects theMethodInvocation
'starget method
, and returnstargetMethod
.getAnnotation(class)
. - DefaultAnnotationResolver() - Constructor for class org.apache.shiro.aop.DefaultAnnotationResolver
- DefaultEnvironment - Class in org.apache.shiro.env
-
Simple/default
Environment
implementation that stores Shiro objects as key-value pairs in aMap
instance. - DefaultEnvironment() - Constructor for class org.apache.shiro.env.DefaultEnvironment
-
Creates a new instance with a thread-safe
ConcurrentHashMap
backing map. - DefaultEnvironment(Map<String, ?>) - Constructor for class org.apache.shiro.env.DefaultEnvironment
-
Creates a new instance with the specified backing map.
- DefaultLdapContextFactory - Class in org.apache.shiro.realm.ldap
-
Deprecated.replaced by the
JndiLdapContextFactory
implementation. This implementation will be removed prior to Shiro 2.0 - DefaultLdapContextFactory() - Constructor for class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- DefaultLdapRealm - Class in org.apache.shiro.realm.ldap
-
An LDAP
Realm
implementation utilizing Sun's/Oracle's JNDI API as an LDAP API. - DefaultLdapRealm() - Constructor for class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
Default no-argument constructor that defaults the internal
LdapContextFactory
instance to aJndiLdapContextFactory
. - DefaultPasswordService - Class in org.apache.shiro.authc.credential
-
Default implementation of the
PasswordService
interface that relies on an internalHashService
,HashFormat
, andHashFormatFactory
to function: - DefaultPasswordService() - Constructor for class org.apache.shiro.authc.credential.DefaultPasswordService
- DefaultSecurityManager - Class in org.apache.shiro.mgt
-
The Shiro framework's default concrete implementation of the
SecurityManager
interface, based around a collection ofRealm
s. - DefaultSecurityManager() - Constructor for class org.apache.shiro.mgt.DefaultSecurityManager
-
Default no-arg constructor.
- DefaultSecurityManager(Collection<Realm>) - Constructor for class org.apache.shiro.mgt.DefaultSecurityManager
-
Supporting constructor for multiple
realms
. - DefaultSecurityManager(Realm) - Constructor for class org.apache.shiro.mgt.DefaultSecurityManager
-
Supporting constructor for a single-realm application.
- DefaultSessionContext - Class in org.apache.shiro.session.mgt
-
Default implementation of the
SessionContext
interface which provides getters and setters that wrap interaction with the underlying backing context map. - DefaultSessionContext() - Constructor for class org.apache.shiro.session.mgt.DefaultSessionContext
- DefaultSessionContext(Map<String, Object>) - Constructor for class org.apache.shiro.session.mgt.DefaultSessionContext
- DefaultSessionKey - Class in org.apache.shiro.session.mgt
-
Default implementation of the
SessionKey
interface, which allows setting and retrieval of a concretesessionId
that theSessionManager
implementation can use to look up aSession
instance. - DefaultSessionKey() - Constructor for class org.apache.shiro.session.mgt.DefaultSessionKey
- DefaultSessionKey(Serializable) - Constructor for class org.apache.shiro.session.mgt.DefaultSessionKey
- DefaultSessionManager - Class in org.apache.shiro.session.mgt
-
Default business-tier implementation of a
ValidatingSessionManager
. - DefaultSessionManager() - Constructor for class org.apache.shiro.session.mgt.DefaultSessionManager
- DefaultSessionStorageEvaluator - Class in org.apache.shiro.mgt
-
A Default
SessionStorageEvaluator
that provides reasonable control over if and how Sessions may be used for storing Subject state. - DefaultSessionStorageEvaluator() - Constructor for class org.apache.shiro.mgt.DefaultSessionStorageEvaluator
- DefaultSubjectContext - Class in org.apache.shiro.subject.support
-
Default implementation of the
SubjectContext
interface. - DefaultSubjectContext() - Constructor for class org.apache.shiro.subject.support.DefaultSubjectContext
- DefaultSubjectContext(SubjectContext) - Constructor for class org.apache.shiro.subject.support.DefaultSubjectContext
- DefaultSubjectDAO - Class in org.apache.shiro.mgt
-
Default
SubjectDAO
implementation that stores Subject state in the Subject's Session by default (but this can be disabled - see below). - DefaultSubjectDAO() - Constructor for class org.apache.shiro.mgt.DefaultSubjectDAO
- DefaultSubjectFactory - Class in org.apache.shiro.mgt
-
Default
SubjectFactory
implementation that createsDelegatingSubject
instances. - DefaultSubjectFactory() - Constructor for class org.apache.shiro.mgt.DefaultSubjectFactory
- delegate - Variable in class org.apache.shiro.session.ProxiedSession
-
The proxied instance
- DelegatingSession - Class in org.apache.shiro.session.mgt
-
A DelegatingSession is a client-tier representation of a server side
Session
. - DelegatingSession(NativeSessionManager, SessionKey) - Constructor for class org.apache.shiro.session.mgt.DelegatingSession
- DelegatingSubject - Class in org.apache.shiro.subject.support
-
Implementation of the
Subject
interface that delegates method calls to an underlyingSecurityManager
instance for security checks. - DelegatingSubject(SecurityManager) - Constructor for class org.apache.shiro.subject.support.DelegatingSubject
- DelegatingSubject(PrincipalCollection, boolean, String, Session, boolean, SecurityManager) - Constructor for class org.apache.shiro.subject.support.DelegatingSubject
- DelegatingSubject(PrincipalCollection, boolean, String, Session, SecurityManager) - Constructor for class org.apache.shiro.subject.support.DelegatingSubject
- delete(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- delete(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Removes the specified session from any cache and then permanently deletes the session from the EIS by delegating to
CachingSessionDAO.doDelete(org.apache.shiro.session.Session)
. - delete(Session) - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO
- delete(Session) - Method in interface org.apache.shiro.session.mgt.eis.SessionDAO
-
Deletes the associated EIS record of the specified
session
. - delete(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Removes (or 'unbinds') the Subject's state from the application, typically called during
DefaultSecurityManager.logout(org.apache.shiro.subject.Subject)
.. - delete(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
-
Removes any existing subject state from the subject's session (if the session exists).
- delete(Subject) - Method in interface org.apache.shiro.mgt.SubjectDAO
-
Removes any persisted state for the specified
Subject
instance. - deserialize(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
De-serializes the given byte array by using the
serializer
'sdeserialize
method. - destroy() - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- destroy() - Method in class org.apache.shiro.env.DefaultEnvironment
- destroy() - Method in class org.apache.shiro.mgt.AuthenticatingSecurityManager
- destroy() - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- destroy() - Method in class org.apache.shiro.mgt.CachingSecurityManager
-
Destroys the
cacheManager
viaLifecycleUtils.destroy
. - destroy() - Method in class org.apache.shiro.mgt.RealmSecurityManager
- destroy() - Method in class org.apache.shiro.mgt.SessionsSecurityManager
- destroy() - Method in class org.apache.shiro.realm.text.PropertiesRealm
-
Destroy reload scheduler if one exists.
- destroy() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- DisabledAccountException - Exception in org.apache.shiro.authc
-
Thrown when attempting to authenticate and the corresponding account has been disabled for some reason.
- DisabledAccountException() - Constructor for exception org.apache.shiro.authc.DisabledAccountException
-
Creates a new DisabledAccountException.
- DisabledAccountException(String) - Constructor for exception org.apache.shiro.authc.DisabledAccountException
-
Constructs a new DisabledAccountException.
- DisabledAccountException(String, Throwable) - Constructor for exception org.apache.shiro.authc.DisabledAccountException
-
Constructs a new DisabledAccountException.
- DisabledAccountException(Throwable) - Constructor for exception org.apache.shiro.authc.DisabledAccountException
-
Constructs a new DisabledAccountException.
- DisabledSessionException - Exception in org.apache.shiro.subject.support
-
Exception thrown if attempting to create a new
Subject
session
, but thatSubject
's sessions are disabled. - DisabledSessionException(String) - Constructor for exception org.apache.shiro.subject.support.DisabledSessionException
- disableSessionValidation() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- disableSessionValidation() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- disableSessionValidation() - Method in interface org.apache.shiro.session.mgt.SessionValidationScheduler
-
Disables the session validation job.
- doAuthenticate(AuthenticationToken) - Method in class org.apache.shiro.authc.AbstractAuthenticator
-
Template design pattern hook for subclasses to implement specific authentication behavior.
- doAuthenticate(AuthenticationToken) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
-
Attempts to authenticate the given token by iterating over the internal collection of
Realm
s. - doCall(Callable<V>) - Method in class org.apache.shiro.subject.support.SubjectCallable
- doClearCache(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
This implementation clears out any cached authentication data by calling
AuthenticatingRealm.clearCachedAuthenticationInfo(org.apache.shiro.subject.PrincipalCollection)
. - doClearCache(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthorizingRealm
-
Calls
super.doClearCache
to ensure any cached authentication data is removed and then callsAuthorizingRealm.clearCachedAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)
to remove any cached authorization data. - doClearCache(PrincipalCollection) - Method in class org.apache.shiro.realm.CachingRealm
-
This implementation does nothing - it is a template to be overridden by subclasses if necessary.
- doCreate(Session) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
-
Subclass hook to actually persist the given Session instance to the underlying EIS.
- doCreate(Session) - Method in class org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
- doCreate(Session) - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO
- doCreateSession(SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- doCreateSession(SessionContext) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- doCreateSubject(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Actually creates a
Subject
instance by delegating to the internalsubjectFactory
. - doCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.AllowAllCredentialsMatcher
-
Returns
true
always no matter what the method arguments are. - doCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in interface org.apache.shiro.authc.credential.CredentialsMatcher
-
Returns
true
if the provided token credentials match the stored account credentials,false
otherwise. - doCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
This implementation first hashes the
token
's credentials, potentially using asalt
if theinfo
argument is aSaltedAuthenticationInfo
. - doCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.PasswordMatcher
- doCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.SimpleCredentialsMatcher
-
This implementation acquires the
token
's credentials (viagetCredentials(token)
) and then theaccount
's credentials (viagetCredentials(account)
) and then passes both of them to theequals(tokenCredentials, accountCredentials)
method for equality comparison. - doDelete(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Subclass implementation hook to permanently delete the given Session from the underlying EIS.
- doDelete(Session) - Method in class org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
- doGetAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Retrieves authentication data from an implementation-specific datasource (RDBMS, LDAP, etc) for the given authentication token.
- doGetAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
- doGetAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- doGetAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
Delegates to
DefaultLdapRealm.queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, LdapContextFactory)
, wrapping anyNamingException
s in a ShiroAuthenticationException
to satisfy the parent method signature. - doGetAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- doGetAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthorizingRealm
-
Retrieves the AuthorizationInfo for the given principals from the underlying data store.
- doGetAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
-
This implementation of the interface expects the principals collection to return a String username keyed off of this realm's
name
- doGetAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- doGetAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
- doGetAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- doGetSession(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- doGetSession(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- doInContext(Context) - Method in interface org.apache.shiro.jndi.JndiCallback
-
Do something with the given JNDI context.
- DomainPermission - Class in org.apache.shiro.authz.permission
-
Provides a base Permission class from which type-safe/domain-specific subclasses may extend.
- DomainPermission() - Constructor for class org.apache.shiro.authz.permission.DomainPermission
-
Creates a domain permission with *all* actions for *all* targets;
- DomainPermission(String) - Constructor for class org.apache.shiro.authz.permission.DomainPermission
- DomainPermission(String, String) - Constructor for class org.apache.shiro.authz.permission.DomainPermission
- DomainPermission(Set<String>, Set<String>) - Constructor for class org.apache.shiro.authz.permission.DomainPermission
- doMatch(String, String, boolean) - Method in class org.apache.shiro.util.AntPathMatcher
-
Actually match the given
path
against the givenpattern
. - doMultiRealmAuthentication(Collection<Realm>, AuthenticationToken) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
-
Performs the multi-realm authentication attempt by calling back to a
AuthenticationStrategy
object as each realm is consulted forAuthenticationInfo
for the specifiedtoken
. - doReadSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
-
Subclass implementation hook that retrieves the Session object from the underlying EIS or
null
if a session with that ID could not be found. - doReadSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
- doReadSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO
- doRun(Runnable) - Method in class org.apache.shiro.subject.support.SubjectRunnable
- doSingleRealmAuthentication(Realm, AuthenticationToken) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
-
Performs the authentication attempt by interacting with the single configured realm, which is significantly simpler than performing multi-realm logic.
- doUpdate(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Subclass implementation hook to actually persist the
Session
's state to the underlying EIS. - doUpdate(Session) - Method in class org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
- doValidate(Session) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
E
- enableSessionValidation() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- enableSessionValidation() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
-
Creates a single thread
ScheduledExecutorService
to validate sessions at fixed intervals and enables this scheduler. - enableSessionValidation() - Method in interface org.apache.shiro.session.mgt.SessionValidationScheduler
-
Enables the session validation job.
- encrypt(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Encrypts the byte array by using the configured
cipherService
. - encryptPassword(Object) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- encryptPassword(Object) - Method in interface org.apache.shiro.authc.credential.PasswordService
-
Converts the specified plaintext password (usually acquired from your application's 'new user' or 'password reset' workflow) into a formatted string safe for storage.
- ensureCombinedPrincipals() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- ensureSecurityManager(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Determines if there is a
SecurityManager
instance in the context, and if not, adds 'this' to the context. - EnterpriseCacheSessionDAO - Class in org.apache.shiro.session.mgt.eis
-
SessionDAO implementation that relies on an enterprise caching product as the EIS system of record for all sessions.
- EnterpriseCacheSessionDAO() - Constructor for class org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
- entrySet() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- entrySet() - Method in class org.apache.shiro.util.MapContext
- Environment - Interface in org.apache.shiro.env
-
An
Environment
instance encapsulates all of the objects that Shiro requires to function. - EnvironmentException - Exception in org.apache.shiro.env
-
Exception thrown for errors related to
Environment
instances or configuration. - EnvironmentException(String) - Constructor for exception org.apache.shiro.env.EnvironmentException
- EnvironmentException(String, Throwable) - Constructor for exception org.apache.shiro.env.EnvironmentException
- equals(Object) - Method in class org.apache.shiro.authc.SimpleAccount
-
Returns
true
if the specified object is also aSimpleAccount
and itsprincipals
are equal to this object'sprincipals
,false
otherwise. - equals(Object) - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Returns
true
if the Object argument is aninstanceof SimpleAuthenticationInfo
and itsprincipals
are equal to this instance's principals,false
otherwise. - equals(Object) - Method in class org.apache.shiro.authz.permission.WildcardPermission
- equals(Object) - Method in class org.apache.shiro.authz.SimpleRole
- equals(Object) - Method in class org.apache.shiro.session.mgt.SimpleSession
- equals(Object) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- equals(Object, Object) - Method in class org.apache.shiro.authc.credential.SimpleCredentialsMatcher
-
Returns
true
if thetokenCredentials
argument is logically equal to theaccountCredentials
argument. - ExcessiveAttemptsException - Exception in org.apache.shiro.authc
-
Thrown when a system is configured to only allow a certain number of authentication attempts over a period of time and the current session has failed to authenticate successfully within that number.
- ExcessiveAttemptsException() - Constructor for exception org.apache.shiro.authc.ExcessiveAttemptsException
-
Creates a new ExcessiveAttemptsException.
- ExcessiveAttemptsException(String) - Constructor for exception org.apache.shiro.authc.ExcessiveAttemptsException
-
Constructs a new ExcessiveAttemptsException.
- ExcessiveAttemptsException(String, Throwable) - Constructor for exception org.apache.shiro.authc.ExcessiveAttemptsException
-
Constructs a new ExcessiveAttemptsException.
- ExcessiveAttemptsException(Throwable) - Constructor for exception org.apache.shiro.authc.ExcessiveAttemptsException
-
Constructs a new ExcessiveAttemptsException.
- execute(Runnable) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutor
-
Executes the specified runnable by first associating it with the currently executing
Subject
and then dispatches the associated Runnable to the underlying targetExecutor
instance. - execute(Runnable) - Method in interface org.apache.shiro.subject.Subject
-
Associates the specified
Runnable
with thisSubject
instance and then executes it on the currently running thread. - execute(Runnable) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- execute(Callable<V>) - Method in interface org.apache.shiro.subject.Subject
-
Associates the specified
Callable
with thisSubject
instance and then executes it on the currently running thread. - execute(Callable<V>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- execute(JndiCallback) - Method in class org.apache.shiro.jndi.JndiTemplate
-
Execute the given JNDI context callback implementation.
- ExecutionException - Exception in org.apache.shiro.subject
-
Exception wrapping any potential checked exception thrown when a
Subject
executes aCallable
. - ExecutionException(String, Throwable) - Constructor for exception org.apache.shiro.subject.ExecutionException
- ExecutionException(Throwable) - Constructor for exception org.apache.shiro.subject.ExecutionException
- ExecutorServiceSessionValidationScheduler - Class in org.apache.shiro.session.mgt
-
SessionValidationScheduler implementation that uses a
ScheduledExecutorService
to callValidatingSessionManager.validateSessions()
everyinterval
milliseconds. - ExecutorServiceSessionValidationScheduler() - Constructor for class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- ExecutorServiceSessionValidationScheduler(ValidatingSessionManager) - Constructor for class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- expire() - Method in class org.apache.shiro.session.mgt.SimpleSession
- ExpiredCredentialsException - Exception in org.apache.shiro.authc
-
Thrown during the authentication process when the system determines the submitted credential(s) has expired and will not allow login.
- ExpiredCredentialsException() - Constructor for exception org.apache.shiro.authc.ExpiredCredentialsException
-
Creates a new ExpiredCredentialsException.
- ExpiredCredentialsException(String) - Constructor for exception org.apache.shiro.authc.ExpiredCredentialsException
-
Constructs a new ExpiredCredentialsException.
- ExpiredCredentialsException(String, Throwable) - Constructor for exception org.apache.shiro.authc.ExpiredCredentialsException
-
Constructs a new ExpiredCredentialsException.
- ExpiredCredentialsException(Throwable) - Constructor for exception org.apache.shiro.authc.ExpiredCredentialsException
-
Constructs a new ExpiredCredentialsException.
- ExpiredSessionException - Exception in org.apache.shiro.session
-
A special case of a StoppedSessionException.
- ExpiredSessionException() - Constructor for exception org.apache.shiro.session.ExpiredSessionException
-
Creates a new ExpiredSessionException.
- ExpiredSessionException(String) - Constructor for exception org.apache.shiro.session.ExpiredSessionException
-
Constructs a new ExpiredSessionException.
- ExpiredSessionException(String, Throwable) - Constructor for exception org.apache.shiro.session.ExpiredSessionException
-
Constructs a new ExpiredSessionException.
- ExpiredSessionException(Throwable) - Constructor for exception org.apache.shiro.session.ExpiredSessionException
-
Constructs a new ExpiredSessionException.
- EXTERNAL - org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle
- extractPathWithinPattern(String, String) - Method in class org.apache.shiro.util.AntPathMatcher
-
Given a pattern and a full path, determine the pattern-mapped part.
F
- fileLastModified - Variable in class org.apache.shiro.realm.text.PropertiesRealm
- FirstSuccessfulStrategy - Class in org.apache.shiro.authc.pam
-
AuthenticationStrategy
implementation that only accepts the account data from the first successfully consulted Realm and ignores all subsequent realms. - FirstSuccessfulStrategy() - Constructor for class org.apache.shiro.authc.pam.FirstSuccessfulStrategy
- forgetIdentity(Subject) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Forgets (removes) any remembered identity data for the specified
Subject
instance. - forgetIdentity(SubjectContext) - Method in interface org.apache.shiro.mgt.RememberMeManager
-
Forgets any remembered identity corresponding to the subject context map being used to build a subject instance.
- fromRealm(String) - Method in interface org.apache.shiro.subject.PrincipalCollection
-
Returns a single Subject's principals retrieved from the specified Realm only as a Collection, or an empty Collection if there are not any principals from that realm.
- fromRealm(String) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- fromRealm(String) - Method in class org.apache.shiro.subject.SimplePrincipalMap
G
- generateId(Session) - Method in class org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator
- generateId(Session) - Method in class org.apache.shiro.session.mgt.eis.RandomSessionIdGenerator
-
Returns the String value of the configured
Random
'snextLong()
invocation. - generateId(Session) - Method in interface org.apache.shiro.session.mgt.eis.SessionIdGenerator
-
Generates a new ID to be applied to the specified
Session
instance. - generateSessionId(Session) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
-
Generates a new ID to be applied to the specified
session
instance. - get(Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- get(Object) - Method in class org.apache.shiro.util.MapContext
- get(Object) - Static method in class org.apache.shiro.util.ThreadContext
-
Returns the object for the specified
key
that is bound to the current thread. - getActions() - Method in class org.apache.shiro.authz.permission.DomainPermission
- getActiveSessions() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- getActiveSessions() - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- getActiveSessions() - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Returns all active sessions in the system.
- getActiveSessions() - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO
- getActiveSessions() - Method in interface org.apache.shiro.session.mgt.eis.SessionDAO
-
Returns all sessions in the EIS that are considered active, meaning all sessions that haven't been stopped/expired.
- getActiveSessionsCache() - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Returns the cache instance to use for storing active sessions.
- getActiveSessionsCacheName() - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Returns the name of the actives sessions cache to be returned by the
CacheManager
. - getAllAttributeValues(Attribute) - Static method in class org.apache.shiro.realm.ldap.LdapUtils
-
Helper method used to retrieve all attribute values from a particular context attribute.
- getAnnotation(MethodInvocation) - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor
-
Returns the Annotation that this interceptor will process for the specified method invocation.
- getAnnotation(MethodInvocation, Class<? extends Annotation>) - Method in interface org.apache.shiro.aop.AnnotationResolver
-
Returns an
Annotation
instance of the specified type based on the givenMethodInvocation
argument, ornull
if no annotation of that type could be found. - getAnnotation(MethodInvocation, Class<? extends Annotation>) - Method in class org.apache.shiro.aop.DefaultAnnotationResolver
- getAnnotationClass() - Method in class org.apache.shiro.aop.AnnotationHandler
-
Returns the type of annotation this handler inspects and processes.
- getAnnotationValue(Annotation) - Method in class org.apache.shiro.authz.aop.PermissionAnnotationHandler
-
Returns the annotation
value
, from which the Permission will be constructed. - getArguments() - Method in interface org.apache.shiro.aop.MethodInvocation
-
Returns the (possibly null) arguments to be supplied to the method invocation.
- getAttribute(Object) - Method in class org.apache.shiro.session.mgt.DelegatingSession
- getAttribute(Object) - Method in class org.apache.shiro.session.mgt.SimpleSession
- getAttribute(Object) - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- getAttribute(Object) - Method in interface org.apache.shiro.session.Session
-
Returns the object bound to this session identified by the specified key.
- getAttribute(SessionKey, Object) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- getAttribute(SessionKey, Object) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Returns the object bound to the associated session identified by the specified attribute key.
- getAttributeKeys() - Method in class org.apache.shiro.session.mgt.DelegatingSession
- getAttributeKeys() - Method in class org.apache.shiro.session.mgt.SimpleSession
- getAttributeKeys() - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- getAttributeKeys() - Method in interface org.apache.shiro.session.Session
-
Returns the keys of all the attributes stored under this session.
- getAttributeKeys(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- getAttributeKeys(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Returns all attribute keys maintained by the target session or an empty collection if there are no attributes.
- getAttributes() - Method in class org.apache.shiro.session.mgt.SimpleSession
- getAuthenticationCache() - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Returns a
Cache
instance to use for authentication caching, ornull
if no cache has been set. - getAuthenticationCacheKey(AuthenticationToken) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Returns the key under which
AuthenticationInfo
instances are cached if authentication caching is enabled. - getAuthenticationCacheKey(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Returns the key under which
AuthenticationInfo
instances are cached if authentication caching is enabled. - getAuthenticationCacheName() - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Returns the name of a
Cache
to lookup from any availablecacheManager
if a cache is not explicitly configured viaAuthenticatingRealm.setAuthenticationCache(org.apache.shiro.cache.Cache)
. - getAuthenticationInfo() - Method in interface org.apache.shiro.subject.SubjectContext
- getAuthenticationInfo() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- getAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
This implementation functions as follows: It attempts to acquire any cached
AuthenticationInfo
corresponding to the specifiedAuthenticationToken
argument. - getAuthenticationInfo(AuthenticationToken) - Method in interface org.apache.shiro.realm.Realm
-
Returns an account's authentication-specific information for the specified token, or null if no account could be found based on the token.
- getAuthenticationListeners() - Method in class org.apache.shiro.authc.AbstractAuthenticator
-
Returns the
AuthenticationListener
s that should be notified during authentication attempts. - getAuthenticationMechanism() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Returns the type of LDAP authentication mechanism to use when connecting to the LDAP server.
- getAuthenticationStrategy() - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
-
Returns the
AuthenticationStrategy
utilized by this modular authenticator during a multi-realm log-in attempt. - getAuthenticationToken() - Method in interface org.apache.shiro.subject.SubjectContext
- getAuthenticationToken() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- getAuthenticationTokenClass() - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Returns the authenticationToken class supported by this realm.
- getAuthenticator() - Method in class org.apache.shiro.mgt.AuthenticatingSecurityManager
-
Returns the delegate
Authenticator
instance that this SecurityManager uses to perform all authentication operations. - getAuthorizationCache() - Method in class org.apache.shiro.realm.AuthorizingRealm
- getAuthorizationCacheKey(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthorizingRealm
- getAuthorizationCacheName() - Method in class org.apache.shiro.realm.AuthorizingRealm
- getAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthorizingRealm
-
Returns an account's authorization-specific information for the specified
principals
, ornull
if no account could be found. - getAuthorizer() - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
-
Returns the underlying wrapped Authorizer instance to which this SecurityManager implementation delegates all of its authorization calls.
- getAvailablePrincipal(PrincipalCollection) - Method in class org.apache.shiro.realm.CachingRealm
-
A utility method for subclasses that returns the first available principal of interest to this particular realm.
- getBeans() - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- getCachedSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Returns the cached session with the corresponding
sessionId
ornull
if there is no session cached under that id (or if there is no Cache). - getCachedSession(Serializable, Cache<Serializable, Session>) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Returns the Session with the specified id from the specified cache.
- getCacheManager() - Method in class org.apache.shiro.mgt.CachingSecurityManager
-
Returns the CacheManager used by this SecurityManager.
- getCacheManager() - Method in class org.apache.shiro.realm.CachingRealm
-
Returns the CacheManager used for data caching to reduce EIS round trips, or null if caching is disabled.
- getCacheManager() - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Returns the CacheManager to use for acquiring the
activeSessionsCache
if one is not configured. - getCipherKey() - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Convenience method that returns the cipher key to use for both encryption and decryption.
- getCipherService() - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Returns the
CipherService
to use for encrypting and decrypting serialized identity data to prevent easy inspection of Subject identity data. - getContextFactory() - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
Returns the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication attempts and authorization queries.
- getContextFactoryClassName() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Sets the name of the ContextFactory class to use.
- getCredentials() - Method in interface org.apache.shiro.authc.AuthenticationInfo
-
Returns the credentials associated with the corresponding Subject.
- getCredentials() - Method in interface org.apache.shiro.authc.AuthenticationToken
-
Returns the credentials submitted by the user during the authentication process that verifies the submitted
account identity
. - getCredentials() - Method in class org.apache.shiro.authc.BearerToken
- getCredentials() - Method in class org.apache.shiro.authc.SimpleAccount
-
Simply returns
this.authcInfo.getCredentials
. - getCredentials() - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
- getCredentials() - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Returns the
password
char array. - getCredentials(AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Returns a
Hash
instance representing the already-hashed AuthenticationInfo credentials stored in the system. - getCredentials(AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.SimpleCredentialsMatcher
-
Returns the
account
's credentials. - getCredentials(AuthenticationToken) - Method in class org.apache.shiro.authc.credential.SimpleCredentialsMatcher
-
Returns the
token
's credentials. - getCredentialsMatcher() - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Returns the
CredentialsMatcher
used during an authentication attempt to verify submitted credentials with those stored in the system. - getCredentialsSalt() - Method in interface org.apache.shiro.authc.SaltedAuthenticationInfo
-
Returns the salt used to salt the account's credentials or
null
if no salt was used. - getCredentialsSalt() - Method in class org.apache.shiro.authc.SimpleAccount
-
Returns the salt used to hash this Account's credentials (eg for password hashing), or
null
if no salt was used or credentials were not hashed at all. - getCredentialsSalt() - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Returns the salt used to hash the credentials, or
null
if no salt was used or credentials were not hashed at all. - getDecryptionCipherKey() - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Returns the decryption cipher key to use for decryption operations.
- getDefaults() - Method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.Returns a mapping of String to bean representing the default set of object used by the factory.
- getDomain() - Method in class org.apache.shiro.authz.permission.DomainPermission
- getDomain(Class<? extends DomainPermission>) - Method in class org.apache.shiro.authz.permission.DomainPermission
- getEncryptionCipherKey() - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Returns the cipher key to use for encryption operations.
- getEnvironment() - Method in class org.apache.shiro.jndi.JndiTemplate
-
Return the environment for the JNDI InitialContext, or
null
if none should be used. - getEnvironment() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Returns the base JNDI environment template to use when acquiring an LDAP connection (an
LdapContext
). - getEventBus() - Method in class org.apache.shiro.mgt.CachingSecurityManager
-
Returns the
EventBus
used by this SecurityManager and potentially any of its children components. - getEventBus() - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
-
Returns the EventBus used to publish SessionEvents.
- getGlobalSessionTimeout() - Method in class org.apache.shiro.session.mgt.AbstractSessionManager
-
Returns the system-wide default time in milliseconds that any session may remain idle before expiring.
- getHandler() - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor
-
Returns the
AnnotationHandler
used to perform authorization behavior based on an annotation discovered at runtime. - getHashAlgorithmName() - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Returns the
Hash
algorithmName
to use when performing hashes for credentials matching. - getHashFormat() - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- getHashFormatFactory() - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- getHashIterations() - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Returns the number of times a submitted
AuthenticationToken
's credentials will be hashed before comparing to the credentials stored in the system. - getHashService() - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- getHost() - Method in class org.apache.shiro.authc.BearerToken
- getHost() - Method in interface org.apache.shiro.authc.HostAuthenticationToken
-
Returns the host name of the client from where the authentication attempt originates or if the Shiro environment cannot or chooses not to resolve the hostname to improve performance, this method returns the String representation of the client's IP address.
- getHost() - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Returns the host name or IP string from where the authentication attempt occurs.
- getHost() - Method in exception org.apache.shiro.authz.HostUnauthorizedException
-
Returns the host associated with this exception.
- getHost() - Method in class org.apache.shiro.session.mgt.DefaultSessionContext
- getHost() - Method in class org.apache.shiro.session.mgt.DelegatingSession
- getHost() - Method in interface org.apache.shiro.session.mgt.SessionContext
-
Returns the originating host name or IP address (as a String) from where the
Subject
is initiating theSession
. - getHost() - Method in class org.apache.shiro.session.mgt.SimpleSession
- getHost() - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- getHost() - Method in interface org.apache.shiro.session.Session
-
Returns the host name or IP string of the host that originated this session, or
null
if the host is unknown. - getHost() - Method in interface org.apache.shiro.subject.SubjectContext
-
Returns the host name or IP that should reflect the constructed
Subject
's originating location. - getHost() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- getHost() - Method in class org.apache.shiro.subject.support.DelegatingSubject
-
Returns the host name or IP associated with the client who created/is interacting with this Subject.
- getHost(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- getHost(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Returns the host name or IP string of the host where the session was started, if known.
- getId() - Method in class org.apache.shiro.session.mgt.DelegatingSession
- getId() - Method in class org.apache.shiro.session.mgt.SimpleSession
- getId() - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- getId() - Method in interface org.apache.shiro.session.Session
-
Returns the unique identifier assigned by the system upon session creation.
- getIdentityToRemember(Subject, AuthenticationInfo) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
- getIni() - Method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.
- getIni() - Method in class org.apache.shiro.realm.text.IniRealm
-
Returns the Ini instance used to configure this realm.
- getInstance() - Method in class org.apache.shiro.jndi.JndiObjectFactory
- getInstance() - Method in class org.apache.shiro.util.AbstractFactory
- getInterval() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- getJndiEnvironment() - Method in class org.apache.shiro.jndi.JndiLocator
-
Return the JNDI environment to use for JNDI lookups.
- getJndiNames() - Method in class org.apache.shiro.realm.jndi.JndiRealmFactory
-
Returns the JNDI names that will be used to look up Realm(s) from JNDI.
- getJndiTemplate() - Method in class org.apache.shiro.jndi.JndiLocator
-
Return the JNDI template to use for JNDI lookups.
- getLastAccessTime() - Method in class org.apache.shiro.session.mgt.DelegatingSession
- getLastAccessTime() - Method in class org.apache.shiro.session.mgt.SimpleSession
- getLastAccessTime() - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- getLastAccessTime() - Method in interface org.apache.shiro.session.Session
-
Returns the last time the application received a request or method invocation from the user associated with this session.
- getLastAccessTime(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- getLastAccessTime(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Returns the time the associated
Session
last interacted with the system. - getLdapContext(Object, Object) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- getLdapContext(Object, Object) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
This implementation returns an LdapContext based on the configured JNDI/LDAP environment configuration.
- getLdapContext(Object, Object) - Method in interface org.apache.shiro.realm.ldap.LdapContextFactory
-
Creates (or retrieves from a pool) an
LdapContext
connection bound using the specified principal and credentials. - getLdapContext(String, String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.the
DefaultLdapContextFactory.getLdapContext(Object, Object)
method should be used in all cases to ensure more than String principals and credentials can be used. Shiro no longer calls this method - it will be removed before the 2.0 release. - getLdapContext(String, String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Deprecated.the
JndiLdapContextFactory.getLdapContext(Object, Object)
method should be used in all cases to ensure more than String principals and credentials can be used. Shiro no longer calls this method - it will be removed before the 2.0 release. - getLdapContext(String, String) - Method in interface org.apache.shiro.realm.ldap.LdapContextFactory
-
Deprecated.the
LdapContextFactory.getLdapContext(Object, Object)
method should be used in all cases to ensure more than String principals and credentials can be used. - getLdapPrincipal(AuthenticationToken) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
Returns the principal to use when creating the LDAP connection for an authentication attempt.
- getMajorVersion() - Static method in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Get the major version code.
- getMethod() - Method in interface org.apache.shiro.aop.MethodInvocation
-
Returns the actual
Method
to be invoked. - getMethodInterceptors() - Method in class org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor
-
Returns the method interceptors to execute for the annotated method.
- getName() - Method in class org.apache.shiro.authz.SimpleRole
- getName() - Method in class org.apache.shiro.realm.CachingRealm
- getName() - Method in interface org.apache.shiro.realm.Realm
-
Returns the (application-unique) name assigned to this
Realm
. - getName(String, String) - Method in class org.apache.shiro.realm.text.PropertiesRealm
- getObject(String, Class<T>) - Method in class org.apache.shiro.env.DefaultEnvironment
- getObject(String, Class<T>) - Method in interface org.apache.shiro.env.NamedObjectEnvironment
-
Returns the object in Shiro's environment with the specified name and type or
null
if no object with that name was found. - getObjectPermissions() - Method in class org.apache.shiro.authc.SimpleAccount
-
Returns all object-based permissions assigned directly to this Account (not any of its realms).
- getObjectPermissions() - Method in interface org.apache.shiro.authz.AuthorizationInfo
-
Returns all type-safe
Permission
s assigned to the corresponding Subject. - getObjectPermissions() - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
- getObjects() - Method in class org.apache.shiro.env.DefaultEnvironment
-
Returns the live (modifiable) internal objects collection.
- getParts() - Method in class org.apache.shiro.authz.permission.WildcardPermission
- getPassword() - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Returns the password submitted during an authentication attempt as a character array.
- getPasswordService() - Method in class org.apache.shiro.authc.credential.PasswordMatcher
- getPermissionResolver() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns the PermissionResolver to be used on all configured realms, or
null
- getPermissionResolver() - Method in class org.apache.shiro.realm.AuthorizingRealm
- getPermissions() - Method in class org.apache.shiro.authz.SimpleRole
- getPermissions(Connection, String, Collection<String>) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
- getPermissions(AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- getPermissionString() - Method in exception org.apache.shiro.authz.permission.InvalidPermissionStringException
Returns the permission string that was invalid and caused this exception to be thrown.- getPreviousPrincipals() - Method in interface org.apache.shiro.subject.Subject
Returns the previous 'pre run as' identity of thisSubject
before assuming the currentrunAs
identity, ornull
if thisSubject
is not operating under an assumed identity (normal state).- getPreviousPrincipals() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- getPrimaryPrincipal() - Method in interface org.apache.shiro.subject.PrincipalCollection
Returns the primary principal used application-wide to uniquely identify the owning account/Subject.- getPrimaryPrincipal() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
Returns the first available principal from any of theRealm
principals, ornull
if there are no principals yet.- getPrimaryPrincipal() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- getPrincipal() - Method in interface org.apache.shiro.authc.AuthenticationToken
Returns the account identity submitted during the authentication process.- getPrincipal() - Method in class org.apache.shiro.authc.BearerToken
- getPrincipal() - Method in class org.apache.shiro.authc.UsernamePasswordToken
Simply returnsgetUsername()
.- getPrincipal() - Method in interface org.apache.shiro.subject.Subject
Returns this Subject's application-wide uniquely identifying principal, ornull
if this Subject is anonymous because it doesn't yet have any associated account data (for example, if they haven't logged in).- getPrincipal() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- getPrincipals() - Method in interface org.apache.shiro.authc.AuthenticationInfo
Returns all principals associated with the corresponding Subject.- getPrincipals() - Method in class org.apache.shiro.authc.SimpleAccount
Returns the principals, aka the identifying attributes (username, user id, first name, last name, etc) of this Account.- getPrincipals() - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
- getPrincipals() - Method in interface org.apache.shiro.subject.Subject
Returns this Subject's principals (identifying attributes) in the form of aPrincipalCollection
ornull
if this Subject is anonymous because it doesn't yet have any associated account data (for example, if they haven't logged in).- getPrincipals() - Method in interface org.apache.shiro.subject.SubjectContext
Returns the principals (aka identity) that the constructedSubject
should reflect.- getPrincipals() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- getPrincipals() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- getPrincipalsLazy(String) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- getRandom() - Method in class org.apache.shiro.session.mgt.eis.RandomSessionIdGenerator
- getRealmNames() - Method in interface org.apache.shiro.subject.PrincipalCollection
Returns the realm names that this collection has principals for.- getRealmNames() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- getRealmNames() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- getRealmPrincipal(String, String) - Method in interface org.apache.shiro.subject.PrincipalMap
- getRealmPrincipal(String, String) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- getRealmPrincipals(String) - Method in interface org.apache.shiro.subject.PrincipalMap
- getRealmPrincipals(String) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- getRealms() - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
Returns the realm(s) used by thisAuthenticator
during an authentication attempt.- getRealms() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
Returns the realms wrapped by thisAuthorizer
which are consulted during an authorization check.- getRealms() - Method in class org.apache.shiro.mgt.RealmSecurityManager
Returns theRealm
s managed by this SecurityManager instance.- getRealms() - Method in class org.apache.shiro.realm.jndi.JndiRealmFactory
Performs the JNDI lookups for each specifiedJNDI name
and returns all discovered Realms in an ordered collection.- getRealms() - Method in interface org.apache.shiro.realm.RealmFactory
Returns a collection ofRealm
instances that will be used to construct the application's SecurityManager instance.- getReferral() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
Returns the LDAP referral behavior when creating a connection.- getReflectionBuilder() - Method in class org.apache.shiro.config.IniSecurityManagerFactory
Deprecated.Returns the ReflectionBuilder instance used to create SecurityManagers object graph.- getRememberedIdentity(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- getRememberedPrincipals(SubjectContext) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
Implements the interface method by firstacquiring
the remembered serialized byte array.- getRememberedPrincipals(SubjectContext) - Method in interface org.apache.shiro.mgt.RememberMeManager
Based on the specified subject context map being used to build a Subject instance, returns any previously remembered principals for the subject for automatic identity association (aka 'Remember Me').- getRememberedSerializedIdentity(SubjectContext) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
Based on the given subject context data, retrieves the previously persisted serialized identity, ornull
if there is no available data.- getRememberMeManager() - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- getRequiredType() - Method in class org.apache.shiro.jndi.JndiObjectFactory
- getResolver() - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor
Returns theAnnotationResolver
to use to acquire annotations from intercepted methods at runtime.- getResourceName() - Method in class org.apache.shiro.jndi.JndiObjectFactory
- getResourcePath() - Method in class org.apache.shiro.realm.text.IniRealm
- getResources() - Static method in class org.apache.shiro.util.ThreadContext
Returns the ThreadLocal Map.- getRole(String) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- getRoleDefinitions() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
- getRolename(String) - Method in class org.apache.shiro.realm.text.PropertiesRealm
- getRoleNamesForGroups(Collection<String>) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
This method is called by the default implementation to translate Active Directory group names to role names.- getRoleNamesForUser(String, LdapContext) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
- getRoleNamesForUser(Connection, String) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
- getRolePermissionResolver() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
Returns the RolePermissionResolver to be used on all configured realms, ornull
- getRolePermissionResolver() - Method in class org.apache.shiro.realm.AuthorizingRealm
- getRoles() - Method in class org.apache.shiro.authc.SimpleAccount
Returnsthis.authzInfo.getRoles();
- getRoles() - Method in interface org.apache.shiro.authz.AuthorizationInfo
Returns the names of all roles assigned to a corresponding Subject.- getRoles() - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
- getSalt(AuthenticationToken) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
Deprecated.since Shiro 1.1. Hash salting is now expected to be based on if theAuthenticationInfo
returned from theRealm
is aSaltedAuthenticationInfo
instance and itsgetCredentialsSalt()
method returns a non-null value. This method and the 1.0 behavior still exists for backwards compatibility if theRealm
does not returnSaltedAuthenticationInfo
instances, but it is highly recommended thatRealm
implementations that support hashed credentials start returningSaltedAuthenticationInfo
instances as soon as possible. This is because salts should always be obtained from the stored account information and never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user are almost impossible to break. This method will be removed in Shiro 2.0.- getSaltForUser(String) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
- getSecurityManager() - Method in class org.apache.shiro.env.DefaultEnvironment
Returns the application'sSecurityManager
instance accessible in the backing map using thesecurityManagerName
property as the lookup key.- getSecurityManager() - Method in interface org.apache.shiro.env.Environment
Returns the application'sSecurityManager
instance.- getSecurityManager() - Static method in class org.apache.shiro.SecurityUtils
Returns the SecurityManager accessible to the calling code.- getSecurityManager() - Method in interface org.apache.shiro.subject.SubjectContext
Returns the SecurityManager instance that should be used to back the constructedSubject
instance ornull
if one has not yet been provided to this context.- getSecurityManager() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- getSecurityManager() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- getSecurityManager() - Static method in class org.apache.shiro.util.ThreadContext
Convenience method that simplifies retrieval of the application's SecurityManager instance from the current thread.- getSecurityManagerName() - Method in class org.apache.shiro.env.DefaultEnvironment
Returns the name of theSecurityManager
instance in the backing map.- getSerializer() - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
Returns theSerializer
used to serialize and deserializePrincipalCollection
instances for persistent remember me storage.- getSession() - Method in interface org.apache.shiro.subject.Subject
Returns the applicationSession
associated with this Subject.- getSession() - Method in interface org.apache.shiro.subject.SubjectContext
Returns theSession
to use when building theSubject
instance.- getSession() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- getSession() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- getSession(boolean) - Method in interface org.apache.shiro.subject.Subject
Returns the applicationSession
associated with this Subject.- getSession(boolean) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- getSession(SessionKey) - Method in class org.apache.shiro.mgt.SessionsSecurityManager
- getSession(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- getSession(SessionKey) - Method in interface org.apache.shiro.session.mgt.SessionManager
Retrieves the session corresponding to the specified contextual data (such as a session ID if applicable), ornull
if no Session could be found.- getSessionDAO() - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- getSessionFactory() - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
Returns theSessionFactory
used to generate newSession
instances.- getSessionId() - Method in class org.apache.shiro.session.mgt.DefaultSessionContext
- getSessionId() - Method in class org.apache.shiro.session.mgt.DefaultSessionKey
- getSessionId() - Method in interface org.apache.shiro.session.mgt.SessionContext
- getSessionId() - Method in interface org.apache.shiro.session.mgt.SessionKey
Returns the id of the session to acquire.- getSessionId() - Method in interface org.apache.shiro.subject.SubjectContext
Returns the session id of the session that should be associated with the constructedSubject
instance.- getSessionId() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- getSessionId(SessionKey) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- getSessionIdGenerator() - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
Returns theSessionIdGenerator
used by theAbstractSessionDAO.generateSessionId(org.apache.shiro.session.Session)
method.- getSessionKey(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- getSessionListeners() - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- getSessionManager() - Method in class org.apache.shiro.mgt.SessionsSecurityManager
Returns this security manager's internal delegateSessionManager
.- getSessionManager() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- getSessionStorageEvaluator() - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
Returns theSessionStorageEvaluator
that will determine if aSubject
's state may be persisted in the Subject's session.- getSessionValidationInterval() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- getSessionValidationScheduler() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- getStartTimestamp() - Method in class org.apache.shiro.session.mgt.DelegatingSession
- getStartTimestamp() - Method in class org.apache.shiro.session.mgt.SimpleSession
- getStartTimestamp() - Method in class org.apache.shiro.session.ProxiedSession
Immediately delegates to the underlying proxied session.- getStartTimestamp() - Method in interface org.apache.shiro.session.Session
Returns the time the session was started; that is, the time the system created the instance.- getStartTimestamp(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- getStartTimestamp(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
Returns the time the associatedSession
started (was created).- getStopAfterFirstSuccess() - Method in class org.apache.shiro.authc.pam.FirstSuccessfulStrategy
- getStopTimestamp() - Method in class org.apache.shiro.session.mgt.SimpleSession
Returns the time the session was stopped, or null if the session is still active.- getStoredPassword(AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.PasswordMatcher
- getStringPermissions() - Method in class org.apache.shiro.authc.SimpleAccount
Returns all String-based permissions assigned to this Account.- getStringPermissions() - Method in interface org.apache.shiro.authz.AuthorizationInfo
Returns all string-based permissions assigned to the corresponding Subject.- getStringPermissions() - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
- getSubject() - Method in class org.apache.shiro.aop.AnnotationHandler
Returns theSubject
associated with the currently-executing code.- getSubject() - Method in class org.apache.shiro.aop.MethodInterceptorSupport
Returns theSubject
associated with the currently-executing code.- getSubject() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutor
Returns the currently Subject instance that should be associated with Runnable or Callable instances before being dispatched to the targetExecutor
instance.- getSubject() - Static method in class org.apache.shiro.SecurityUtils
Returns the currently accessibleSubject
available to the calling code depending on runtime environment.- getSubject() - Method in interface org.apache.shiro.subject.SubjectContext
Returns any existingSubject
that may be in use at the time the newSubject
instance is being created.- getSubject() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- getSubject() - Method in class org.apache.shiro.subject.support.SubjectThreadState
Returns theSubject
instance managed by thisThreadState
implementation.- getSubject() - Static method in class org.apache.shiro.util.ThreadContext
Convenience method that simplifies retrieval of a thread-bound Subject.- getSubjectContext() - Method in class org.apache.shiro.subject.Subject.Builder
Returns the backing context used to build theSubject
instance, available to subclasses since thecontext
class attribute is marked asprivate
.- getSubjectDAO() - Method in class org.apache.shiro.mgt.DefaultSecurityManager
Returns theSubjectDAO
responsible for persisting Subject state, typically used after login or when an Subject identity is discovered (eg after RememberMe services).- getSubjectFactory() - Method in class org.apache.shiro.mgt.DefaultSecurityManager
Returns theSubjectFactory
responsible for creatingSubject
instances exposed to the application.- getSubmittedPassword(AuthenticationToken) - Method in class org.apache.shiro.authc.credential.PasswordMatcher
- getSystemLdapContext() - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
Deprecated.- getSystemLdapContext() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
This implementation delegates toJndiLdapContextFactory.getLdapContext(Object, Object)
using thesystemUsername
andsystemPassword
properties as arguments.- getSystemLdapContext() - Method in interface org.apache.shiro.realm.ldap.LdapContextFactory
Creates (or retrieves from a pool) aLdapContext
connection bound using the system account, or anonymously if no system account is configured.- getSystemPassword() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
Returns the password of thesystemUsername
that will be used when creating an LDAP connection used for authorization queries.- getSystemUsername() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
Returns the system username that will be used when creating an LDAP connection used for authorization queries.- getTargetExecutor() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutor
Returns the target Executor instance that will actually execute the subject-associated Runnable instances.- getTargetExecutorService() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- getTargets() - Method in class org.apache.shiro.authz.permission.DomainPermission
- getTargetScheduledExecutorService() - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- getThis() - Method in interface org.apache.shiro.aop.MethodInvocation
Returns the object that holds the current joinpoint's static part.- getThreadNamePrefix() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- getTimeout() - Method in class org.apache.shiro.session.mgt.DelegatingSession
- getTimeout() - Method in class org.apache.shiro.session.mgt.SimpleSession
- getTimeout() - Method in class org.apache.shiro.session.ProxiedSession
Immediately delegates to the underlying proxied session.- getTimeout() - Method in interface org.apache.shiro.session.Session
Returns the time in milliseconds that the session session may remain idle before expiring.- getTimeout(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- getTimeout(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
Returns the time in milliseconds that the associated session may remain idle before expiring.- getTimeout(Session) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
Subclass template hook in case per-session timeout is not based onSession.getTimeout()
.- getToken() - Method in class org.apache.shiro.authc.BearerToken
- getTypedValue(String, Class<E>) - Method in class org.apache.shiro.util.MapContext
Performs aget
operation but additionally ensures that the value returned is of the specifiedtype
.- getUrl() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
Returns the LDAP url to connect to.- getUser(String) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- getUserDefinitions() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
- getUserDn(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
Returns the LDAP User Distinguished Name (DN) to use when acquiring anLdapContext
from theLdapContextFactory
.- getUserDnPrefix() - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
Returns the User DN prefix to use when building a runtime User DN value ornull
if nouserDnTemplate
has been configured.- getUserDnSuffix() - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
Returns the User DN suffix to use when building a runtime User DN value.- getUserDnTemplate() - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
Returns the User Distinguished Name (DN) template to use when creating User DNs at runtime - see thesetUserDnTemplate
JavaDoc for a full explanation.- getUsername() - Method in class org.apache.shiro.authc.UsernamePasswordToken
Returns the username submitted during an authentication attempt.- getUsername(String) - Method in class org.apache.shiro.realm.text.PropertiesRealm
- getUsername(SimpleAccount) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- getUsername(PrincipalCollection) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- getVersion() - Static method in class org.apache.shiro.util.JavaEnvironment
Deprecated.Return the full Java version string, as returned bySystem.getProperty("java.version")
.- GuestAnnotationHandler - Class in org.apache.shiro.authz.aop
Checks to see if a @RequiresGuest
annotation is declared, and if so, ensures the callingSubject
does not have anidentity
before invoking the method.- GuestAnnotationHandler() - Constructor for class org.apache.shiro.authz.aop.GuestAnnotationHandler
Default no-argument constructor that ensures this interceptor looks forRequiresGuest
annotations in a method declaration.- GuestAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop
Checks to see if a @RequiresGuest
annotation is declared, and if so, ensures the callingSubject
does not have anidentity
before invoking the method.- GuestAnnotationMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.GuestAnnotationMethodInterceptor
Default no-argument constructor that ensures this interceptor looks forRequiresGuest
annotations in a method declaration.- GuestAnnotationMethodInterceptor(AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.GuestAnnotationMethodInterceptor
H
- hasAllRoles(Collection<String>) - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if this Subject has all of the specified roles,false
otherwise. - hasAllRoles(Collection<String>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- hasAllRoles(PrincipalCollection, Collection<String>) - Method in interface org.apache.shiro.authz.Authorizer
-
Returns true if the corresponding Subject/user has all of the specified roles, false otherwise.
- hasAllRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns
true
iff any of the configured realms'ModularRealmAuthorizer.hasRole(org.apache.shiro.subject.PrincipalCollection, String)
call returnstrue
for all roles specified,false
otherwise. - hasAllRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- hasAllRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.realm.AuthorizingRealm
- hashCode() - Method in class org.apache.shiro.authc.SimpleAccount
-
If the
principals
are not null, returnsprincipals.hashCode()
, otherwise returns 0 (zero). - hashCode() - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Returns the hashcode of the internal
principals
instance. - hashCode() - Method in class org.apache.shiro.authz.permission.WildcardPermission
- hashCode() - Method in class org.apache.shiro.authz.SimpleRole
- hashCode() - Method in class org.apache.shiro.session.mgt.SimpleSession
-
Returns the hashCode.
- hashCode() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- HashedCredentialsMatcher - Class in org.apache.shiro.authc.credential
-
A
HashedCredentialMatcher
provides support for hashing of suppliedAuthenticationToken
credentials before being compared to those in theAuthenticationInfo
from the data store. - HashedCredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
JavaBeans-compatible no-arg constructor intended for use in IoC/Dependency Injection environments.
- HashedCredentialsMatcher(String) - Constructor for class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Creates an instance using the specified
hashAlgorithmName
to hash submitted credentials. - HashingPasswordService - Interface in org.apache.shiro.authc.credential
-
A
HashingPasswordService
is aPasswordService
that performs password encryption and comparisons based on cryptographicHash
es. - hashPassword(Object) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- hashPassword(Object) - Method in interface org.apache.shiro.authc.credential.HashingPasswordService
-
Hashes the specified plaintext password using internal hashing configuration settings pertinent to password hashing.
- hashProvidedCredentials(Object, Object, int) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Hashes the provided credentials a total of
hashIterations
times, using the given salt. - hashProvidedCredentials(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Hash the provided
token
's credentials using the salt stored with the account if theinfo
instance is aninstanceof
SaltedAuthenticationInfo
(see the class-level JavaDoc for why this is the preferred approach). - hasPrincipals() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- hasRole(String) - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if this Subject has the specified role,false
otherwise. - hasRole(String) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- hasRole(String, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- hasRole(PrincipalCollection, String) - Method in interface org.apache.shiro.authz.Authorizer
-
Returns true if the corresponding Subject/user has the specified role, false otherwise.
- hasRole(PrincipalCollection, String) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns
true
if any of the configured realms'ModularRealmAuthorizer.hasRole(org.apache.shiro.subject.PrincipalCollection, String)
call returnstrue
,false
otherwise. - hasRole(PrincipalCollection, String) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- hasRole(PrincipalCollection, String) - Method in class org.apache.shiro.realm.AuthorizingRealm
- hasRoles(List<String>) - Method in interface org.apache.shiro.subject.Subject
-
Checks if this Subject has the specified roles, returning a boolean array indicating which roles are associated.
- hasRoles(List<String>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- hasRoles(List<String>, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- hasRoles(PrincipalCollection, List<String>) - Method in interface org.apache.shiro.authz.Authorizer
-
Checks if the corresponding Subject/user has the specified roles, returning a boolean array indicating which roles are associated with the given subject.
- hasRoles(PrincipalCollection, List<String>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Calls
ModularRealmAuthorizer.hasRole(org.apache.shiro.subject.PrincipalCollection, String)
for each role name in the specified collection and places the return value from each call at the respective location in the returned array. - hasRoles(PrincipalCollection, List<String>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- hasRoles(PrincipalCollection, List<String>) - Method in class org.apache.shiro.realm.AuthorizingRealm
- host - Variable in class org.apache.shiro.subject.support.DelegatingSubject
- host(String) - Method in class org.apache.shiro.subject.Subject.Builder
-
Ensures the
Subject
being built will reflect the specified host name or IP as its originating location. - HostAuthenticationToken - Interface in org.apache.shiro.authc
-
A
HostAuthenticationToken
retains the host information from where an authentication attempt originates. - HostUnauthorizedException - Exception in org.apache.shiro.authz
-
Thrown when a particular client (that is, host address) has not been enabled to access the system or if the client has been enabled access but is not permitted to perform a particular operation or access a particular resource.
- HostUnauthorizedException() - Constructor for exception org.apache.shiro.authz.HostUnauthorizedException
-
Creates a new HostUnauthorizedException.
- HostUnauthorizedException(String) - Constructor for exception org.apache.shiro.authz.HostUnauthorizedException
-
Constructs a new HostUnauthorizedException.
- HostUnauthorizedException(String, Throwable) - Constructor for exception org.apache.shiro.authz.HostUnauthorizedException
-
Constructs a new HostUnauthorizedException.
- HostUnauthorizedException(Throwable) - Constructor for exception org.apache.shiro.authz.HostUnauthorizedException
-
Constructs a new HostUnauthorizedException.
I
- ImmutableProxiedSession - Class in org.apache.shiro.session.mgt
-
Implementation of the
Session
interface that proxies anotherSession
, but does not allow any 'write' operations to the underlying session. - ImmutableProxiedSession(Session) - Constructor for class org.apache.shiro.session.mgt.ImmutableProxiedSession
-
Constructs a new instance of this class proxying the specified
Session
. - implies(Permission) - Method in class org.apache.shiro.authz.permission.AllPermission
-
Always returns true, indicating any Subject granted this permission can do anything.
- implies(Permission) - Method in interface org.apache.shiro.authz.Permission
-
Returns
true
if this current instance implies all the functionality and/or resource access described by the specifiedPermission
argument,false
otherwise. - implies(Permission) - Method in class org.apache.shiro.authz.permission.WildcardPermission
- IncorrectCredentialsException - Exception in org.apache.shiro.authc
-
Thrown when attempting to authenticate with credential(s) that do not match the actual credentials associated with the account principal.
- IncorrectCredentialsException() - Constructor for exception org.apache.shiro.authc.IncorrectCredentialsException
-
Creates a new IncorrectCredentialsException.
- IncorrectCredentialsException(String) - Constructor for exception org.apache.shiro.authc.IncorrectCredentialsException
-
Constructs a new IncorrectCredentialsException.
- IncorrectCredentialsException(String, Throwable) - Constructor for exception org.apache.shiro.authc.IncorrectCredentialsException
-
Constructs a new IncorrectCredentialsException.
- IncorrectCredentialsException(Throwable) - Constructor for exception org.apache.shiro.authc.IncorrectCredentialsException
-
Constructs a new IncorrectCredentialsException.
- INI_REALM_NAME - Static variable in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- IniFactorySupport<T> - Class in org.apache.shiro.config
-
Deprecated.use Shiro's
Environment
mechanisms instead. - IniFactorySupport() - Constructor for class org.apache.shiro.config.IniFactorySupport
-
Deprecated.
- IniFactorySupport(Ini) - Constructor for class org.apache.shiro.config.IniFactorySupport
-
Deprecated.
- IniRealm - Class in org.apache.shiro.realm.text
- IniRealm() - Constructor for class org.apache.shiro.realm.text.IniRealm
- IniRealm(String) - Constructor for class org.apache.shiro.realm.text.IniRealm
-
This constructor will immediately process the definitions in the
Ini
resolved from the specifiedresourcePath
. - IniRealm(Ini) - Constructor for class org.apache.shiro.realm.text.IniRealm
-
This constructor will immediately process the definitions in the
Ini
argument. - IniSecurityManagerFactory - Class in org.apache.shiro.config
-
Deprecated.use Shiro's
Environment
mechanisms instead. - IniSecurityManagerFactory() - Constructor for class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.Creates a new instance.
- IniSecurityManagerFactory(String) - Constructor for class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- IniSecurityManagerFactory(Ini) - Constructor for class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- init() - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Initializes this realm and potentially enables an authentication cache, depending on configuration.
- InvalidPermissionStringException - Exception in org.apache.shiro.authz.permission
-
Thrown by
PermissionResolver.resolvePermission(String)
when the String being parsed is not valid for that resolver. - InvalidPermissionStringException(String, String) - Constructor for exception org.apache.shiro.authz.permission.InvalidPermissionStringException
-
Constructs a new exception with the given message and permission string.
- InvalidResourceUsageException - Exception in org.apache.shiro.dao
-
Root exception indicating invalid or incorrect usage of a data access resource.
- InvalidResourceUsageException(String) - Constructor for exception org.apache.shiro.dao.InvalidResourceUsageException
-
Constructs an InvalidResourceUsageException with a message explaining the cause of the exception.
- InvalidResourceUsageException(String, Throwable) - Constructor for exception org.apache.shiro.dao.InvalidResourceUsageException
-
Constructs a InvalidResourceUsageException with a message explaining the cause of the exception.
- InvalidSessionException - Exception in org.apache.shiro.session
-
Exception thrown when attempting to interact with the system under an established session when that session is considered invalid.
- InvalidSessionException() - Constructor for exception org.apache.shiro.session.InvalidSessionException
-
Creates a new InvalidSessionException.
- InvalidSessionException(String) - Constructor for exception org.apache.shiro.session.InvalidSessionException
-
Constructs a new InvalidSessionException.
- InvalidSessionException(String, Throwable) - Constructor for exception org.apache.shiro.session.InvalidSessionException
-
Constructs a new InvalidSessionException.
- InvalidSessionException(Throwable) - Constructor for exception org.apache.shiro.session.InvalidSessionException
-
Constructs a new InvalidSessionException.
- invoke(MethodInvocation) - Method in interface org.apache.shiro.aop.MethodInterceptor
-
Invokes the specified
MethodInvocation
, allowing implementations to perform pre/post/finally surrounding the actual invocation. - invoke(MethodInvocation) - Method in class org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor
-
Ensures the
methodInvocation
is allowed to execute first before proceeding by calling theassertAuthorized
method first. - invoke(MethodInvocation) - Method in class org.apache.shiro.authz.aop.AuthorizingMethodInterceptor
-
Invokes the specified method (
methodInvocation.
if authorization is allowed by first callingproceed
()assertAuthorized
. - invokeAll(Collection<? extends Callable<T>>) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- invokeAll(Collection<? extends Callable<T>>, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- invokeAny(Collection<? extends Callable<T>>) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- invokeAny(Collection<? extends Callable<T>>, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- isAtLeastVersion14() - Static method in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Convenience method to determine if the current JVM is at least Java 1.4.
- isAtLeastVersion15() - Static method in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Convenience method to determine if the current JVM is at least Java 1.5 (Java 5).
- isAtLeastVersion16() - Static method in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Convenience method to determine if the current JVM is at least Java 1.6 (Java 6).
- isAuthenticated() - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if this Subject/user proved their identity during their current session by providing valid credentials matching those known to the system,false
otherwise. - isAuthenticated() - Method in interface org.apache.shiro.subject.SubjectContext
-
Returns
true
if the constructedSubject
should be considered authenticated,false
otherwise. - isAuthenticated() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- isAuthenticated() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isAuthenticationCachingEnabled() - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Returns
true
if authentication caching should be utilized if aCacheManager
has beenconfigured
,false
otherwise. - isAuthenticationCachingEnabled(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Returns
true
if authentication caching should be utilized based on the specifiedAuthenticationToken
and/orAuthenticationInfo
,false
otherwise. - isAuthorizationCachingEnabled() - Method in class org.apache.shiro.realm.AuthorizingRealm
-
Returns
true
if authorization caching should be utilized if aCacheManager
has beenconfigured
,false
otherwise. - isAutoApplyRealms(SecurityManager) - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- isCachingEnabled() - Method in class org.apache.shiro.realm.CachingRealm
- isCaseSensitive() - Method in class org.apache.shiro.authz.permission.WildcardPermissionResolver
-
Return true if this resolver produces case sensitive permissions.
- isCredentialsExpired() - Method in class org.apache.shiro.authc.SimpleAccount
-
Returns whether or not the Account's credentials are expired.
- isDeleteInvalidSessions() - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
-
Returns
true
if sessions should be automatically deleted after they are discovered to be invalid,false
if invalid sessions will be manually deleted by some process external to Shiro's control. - isEmpty() - Method in interface org.apache.shiro.subject.PrincipalCollection
-
Returns
true
if this collection is empty,false
otherwise. - isEmpty() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- isEmpty() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- isEmpty() - Method in class org.apache.shiro.util.MapContext
- isEmpty(Collection) - Static method in class org.apache.shiro.util.CollectionUtils
- isEmpty(Map) - Static method in class org.apache.shiro.util.CollectionUtils
- isEmpty(PrincipalCollection) - Static method in class org.apache.shiro.util.CollectionUtils
-
Deprecated.Use PrincipalCollection.isEmpty() directly.
- isEnabled() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- isEnabled() - Method in interface org.apache.shiro.session.mgt.SessionValidationScheduler
-
Returns
true
if this Scheduler is enabled and ready to begin validation at the appropriate time,false
otherwise. - isExpired() - Method in class org.apache.shiro.session.mgt.SimpleSession
-
Returns true if this session has expired, false otherwise.
- isHashSalted() - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Deprecated.since Shiro 1.1. Hash salting is now expected to be based on if the
AuthenticationInfo
returned from theRealm
is aSaltedAuthenticationInfo
instance and itsgetCredentialsSalt()
method returns a non-null value. This method and the 1.0 behavior still exists for backwards compatibility if theRealm
does not returnSaltedAuthenticationInfo
instances, but it is highly recommended thatRealm
implementations that support hashed credentials start returningSaltedAuthenticationInfo
instances as soon as possible. This is because salts should always be obtained from the stored account information and never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user are almost impossible to break. This method will be removed in Shiro 2.0. - isLocked() - Method in class org.apache.shiro.authc.SimpleAccount
-
Returns
true
if this Account is locked and thus cannot be used to login,false
otherwise. - isPattern(String) - Method in class org.apache.shiro.util.AntPathMatcher
- isPermitted(String) - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if this Subject is permitted to perform an action or access a resource summarized by the specified permission string. - isPermitted(String) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isPermitted(String...) - Method in interface org.apache.shiro.subject.Subject
-
Checks if this Subject implies the given permission strings and returns a boolean array indicating which permissions are implied.
- isPermitted(String...) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isPermitted(List<Permission>) - Method in interface org.apache.shiro.subject.Subject
-
Checks if this Subject implies the given Permissions and returns a boolean array indicating which permissions are implied.
- isPermitted(List<Permission>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isPermitted(List<Permission>, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPermitted(Permission) - Method in class org.apache.shiro.authz.SimpleRole
- isPermitted(Permission) - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if this Subject is permitted to perform an action or access a resource summarized by the specified permission. - isPermitted(Permission) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isPermitted(Permission, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPermitted(PrincipalCollection, String) - Method in interface org.apache.shiro.authz.Authorizer
-
Returns true if the corresponding subject/user is permitted to perform an action or access a resource summarized by the specified permission string.
- isPermitted(PrincipalCollection, String) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns
true
if any of the configured realms'ModularRealmAuthorizer.isPermitted(org.apache.shiro.subject.PrincipalCollection, String)
returnstrue
,false
otherwise. - isPermitted(PrincipalCollection, String) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- isPermitted(PrincipalCollection, String) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPermitted(PrincipalCollection, String...) - Method in interface org.apache.shiro.authz.Authorizer
-
Checks if the corresponding Subject implies the given permission strings and returns a boolean array indicating which permissions are implied.
- isPermitted(PrincipalCollection, String...) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns
true
if any of the configured realms'ModularRealmAuthorizer.isPermittedAll(org.apache.shiro.subject.PrincipalCollection, String...)
call returnstrue
,false
otherwise. - isPermitted(PrincipalCollection, String...) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- isPermitted(PrincipalCollection, String...) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPermitted(PrincipalCollection, List<Permission>) - Method in interface org.apache.shiro.authz.Authorizer
-
Checks if the corresponding Subject/user implies the given Permissions and returns a boolean array indicating which permissions are implied.
- isPermitted(PrincipalCollection, List<Permission>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns
true
if any of the configured realms'ModularRealmAuthorizer.isPermitted(org.apache.shiro.subject.PrincipalCollection, List)
call returnstrue
,false
otherwise. - isPermitted(PrincipalCollection, List<Permission>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- isPermitted(PrincipalCollection, List<Permission>) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPermitted(PrincipalCollection, Permission) - Method in interface org.apache.shiro.authz.Authorizer
-
Returns true if the corresponding subject/user is permitted to perform an action or access a resource summarized by the specified permission.
- isPermitted(PrincipalCollection, Permission) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns
true
if any of the configured realms'ModularRealmAuthorizer.isPermitted(org.apache.shiro.subject.PrincipalCollection, Permission)
call returnstrue
,false
otherwise. - isPermitted(PrincipalCollection, Permission) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- isPermitted(PrincipalCollection, Permission) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPermittedAll(String...) - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if this Subject implies all of the specified permission strings,false
otherwise. - isPermittedAll(String...) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isPermittedAll(Collection<Permission>) - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if this Subject implies all of the specified permissions,false
otherwise. - isPermittedAll(Collection<Permission>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isPermittedAll(Collection<Permission>, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPermittedAll(PrincipalCollection, String...) - Method in interface org.apache.shiro.authz.Authorizer
-
Returns true if the corresponding Subject/user implies all of the specified permission strings, false otherwise.
- isPermittedAll(PrincipalCollection, String...) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns
true
if any of the configured realms'ModularRealmAuthorizer.isPermitted(org.apache.shiro.subject.PrincipalCollection, String)
call returnstrue
for all of the specified string permissions,false
otherwise. - isPermittedAll(PrincipalCollection, String...) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- isPermittedAll(PrincipalCollection, String...) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPermittedAll(PrincipalCollection, Collection<Permission>) - Method in interface org.apache.shiro.authz.Authorizer
-
Returns true if the corresponding Subject/user implies all of the specified permissions, false otherwise.
- isPermittedAll(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns
true
if any of the configured realms'ModularRealmAuthorizer.isPermitted(org.apache.shiro.subject.PrincipalCollection, Permission)
call returnstrue
for all of the specified Permissions,false
otherwise. - isPermittedAll(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- isPermittedAll(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPoolingConnections(Object) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Returns
true
if LDAP connection pooling should be used when acquiring a connection based on the specified account principal,false
otherwise. - isPoolingEnabled() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Returns whether or not connection pooling should be used when possible and appropriate.
- isRemembered() - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if thisSubject
has an identity (it is not anonymous) and the identity (akaprincipals
) is remembered from a successful authentication during a previous session. - isRemembered() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isRememberMe() - Method in interface org.apache.shiro.authc.RememberMeAuthenticationToken
-
Returns
true
if the submitting user wishes their identity (principal(s)) to be remembered across sessions,false
otherwise. - isRememberMe() - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Returns true if the submitting user wishes their identity (principal(s)) to be remembered across sessions, false otherwise.
- isRememberMe(AuthenticationToken) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Determines whether or not remember me services should be performed for the specified token.
- isResourceRef() - Method in class org.apache.shiro.jndi.JndiLocator
-
Return whether the lookup occurs in a J2EE container.
- isRolename(String) - Method in class org.apache.shiro.realm.text.PropertiesRealm
- isRunAs() - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if thisSubject
is 'running as' another identity other than its original one orfalse
otherwise (normalSubject
state). - isRunAs() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isSessionCreationEnabled() - Method in interface org.apache.shiro.subject.SubjectContext
-
Returns
true
if the constructedSubject
should be allowed to create a session,false
otherwise. - isSessionCreationEnabled() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- isSessionCreationEnabled() - Method in class org.apache.shiro.subject.support.DelegatingSubject
-
Returns
true
if this Subject is allowed to create sessions,false
otherwise. - isSessionStorageEnabled() - Method in class org.apache.shiro.mgt.DefaultSessionStorageEvaluator
-
Returns
true
if any Subject'sSession
may be used to persist thatSubject
's state,false
otherwise. - isSessionStorageEnabled(Subject) - Method in class org.apache.shiro.mgt.DefaultSessionStorageEvaluator
-
This implementation functions as follows: If the specified Subject already has an existing
Session
(typically because an application developer has calledsubject.getSession()
already), Shiro will use that existing session to store subject state. If a Subject does not yet have a Session, this implementation checks thesessionStorageEnabled
property: IfsessionStorageEnabled
is true (the default setting), a new session may be created to persist Subject state if necessary. IfsessionStorageEnabled
isfalse
, a new session will not be created to persist session state. Most applications use Sessions and are OK with the defaulttrue
setting forsessionStorageEnabled
. - isSessionStorageEnabled(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
-
Determines if the subject's session will be used to persist subject state or not.
- isSessionStorageEnabled(Subject) - Method in interface org.apache.shiro.mgt.SessionStorageEvaluator
-
Returns
true
if the specifiedSubject
'ssession
may be used to persist that Subject's state,false
otherwise. - isSessionValidationSchedulerEnabled() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- isShutdown() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- isSingleton() - Method in class org.apache.shiro.util.AbstractFactory
- isStopped() - Method in class org.apache.shiro.session.mgt.SimpleSession
- isStoredCredentialsHexEncoded() - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Returns
true
if the system's stored credential hash is Hex encoded,false
if it is Base64 encoded. - isTerminated() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- isTimedOut() - Method in class org.apache.shiro.session.mgt.SimpleSession
-
Determines if this session is expired.
- isUsername(String) - Method in class org.apache.shiro.realm.text.PropertiesRealm
- isValid() - Method in class org.apache.shiro.session.mgt.SimpleSession
- isValid() - Method in interface org.apache.shiro.session.mgt.ValidatingSession
- isValid(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- isValid(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Returns
true
if the associated session is valid (it exists and is not stopped nor expired),false
otherwise. - iterator() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- iterator() - Method in class org.apache.shiro.subject.SimplePrincipalMap
J
- JAVA_13 - Static variable in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Constant identifying the 1.3.x JVM (JDK 1.3).
- JAVA_14 - Static variable in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Constant identifying the 1.4.x JVM (J2SE 1.4).
- JAVA_15 - Static variable in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Constant identifying the 1.5 JVM (Java 5).
- JAVA_16 - Static variable in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Constant identifying the 1.6 JVM (Java 6).
- JAVA_17 - Static variable in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Constant identifying the 1.7 JVM.
- JAVA_18 - Static variable in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Constant identifying the 1.8 JVM.
- JavaEnvironment - Class in org.apache.shiro.util
-
Deprecated.This class is no longer used in Shiro and will be removed in the next major version.
- JavaEnvironment() - Constructor for class org.apache.shiro.util.JavaEnvironment
-
Deprecated.
- JavaUuidSessionIdGenerator - Class in org.apache.shiro.session.mgt.eis
-
SessionIdGenerator
that generates String values of JDKUUID
's as the session IDs. - JavaUuidSessionIdGenerator() - Constructor for class org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator
- JdbcRealm - Class in org.apache.shiro.realm.jdbc
-
Realm that allows authentication and authorization via JDBC calls.
- JdbcRealm() - Constructor for class org.apache.shiro.realm.jdbc.JdbcRealm
- JdbcRealm.SaltStyle - Enum in org.apache.shiro.realm.jdbc
-
Password hash salt configuration.
- JdbcUtils - Class in org.apache.shiro.util
-
A set of static helper methods for managing JDBC API objects.
- JndiCallback - Interface in org.apache.shiro.jndi
-
Callback interface to be implemented by classes that need to perform an operation (such as a lookup) in a JNDI context.
- JndiLdapContextFactory - Class in org.apache.shiro.realm.ldap
-
LdapContextFactory
implementation using the default Sun/Oracle JNDI Ldap API, utilizing JNDI environment properties and anInitialContext
. - JndiLdapContextFactory() - Constructor for class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Default no-argument constructor that initializes the backing
environment template
with thecontextFactoryClassName
equal tocom.sun.jndi.ldap.LdapCtxFactory
(the Sun/Oracle default) and the defaultreferral
behavior tofollow
. - JndiLdapRealm - Class in org.apache.shiro.realm.ldap
-
Deprecated.Renamed to
DefaultLdapRealm
, this class will be removed prior to 2.0 - JndiLdapRealm() - Constructor for class org.apache.shiro.realm.ldap.JndiLdapRealm
-
Deprecated.
- JndiLocator - Class in org.apache.shiro.jndi
-
Convenient superclass for JNDI accessors, providing "jndiTemplate" and "jndiEnvironment" bean properties.
- JndiLocator() - Constructor for class org.apache.shiro.jndi.JndiLocator
- JndiObjectFactory<T> - Class in org.apache.shiro.jndi
-
A factory implementation intended to be used to look up objects in jndi.
- JndiObjectFactory() - Constructor for class org.apache.shiro.jndi.JndiObjectFactory
- JndiRealmFactory - Class in org.apache.shiro.realm.jndi
-
Looks up one or more Realm instances from JNDI using specified
jndiNames
. - JndiRealmFactory() - Constructor for class org.apache.shiro.realm.jndi.JndiRealmFactory
- JndiTemplate - Class in org.apache.shiro.jndi
-
Helper class that simplifies JNDI operations.
- JndiTemplate() - Constructor for class org.apache.shiro.jndi.JndiTemplate
-
Create a new JndiTemplate instance.
- JndiTemplate(Properties) - Constructor for class org.apache.shiro.jndi.JndiTemplate
-
Create a new JndiTemplate instance, using the given environment.
K
- keySet() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- keySet() - Method in class org.apache.shiro.util.MapContext
L
- LdapContextFactory - Interface in org.apache.shiro.realm.ldap
-
Interface that encapsulates the creation of
LdapContext
objects that are used byDefaultLdapRealm
s to perform authentication attempts and query for authorization data. - LdapUtils - Class in org.apache.shiro.realm.ldap
-
Utility class providing static methods to make working with LDAP easier.
- LdapUtils() - Constructor for class org.apache.shiro.realm.ldap.LdapUtils
- loadDefaultClassPathIni() - Static method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.Returns a new Ini instance created from the default
classpath:shiro.ini
file, ornull
if the file does not exist. - LockedAccountException - Exception in org.apache.shiro.authc
-
A special kind of DisabledAccountException, this exception is thrown when attempting to authenticate and the corresponding account has been disabled explicitly due to being locked.
- LockedAccountException() - Constructor for exception org.apache.shiro.authc.LockedAccountException
-
Creates a new LockedAccountException.
- LockedAccountException(String) - Constructor for exception org.apache.shiro.authc.LockedAccountException
-
Constructs a new LockedAccountException.
- LockedAccountException(String, Throwable) - Constructor for exception org.apache.shiro.authc.LockedAccountException
-
Constructs a new LockedAccountException.
- LockedAccountException(Throwable) - Constructor for exception org.apache.shiro.authc.LockedAccountException
-
Constructs a new LockedAccountException.
- logical() - Method in annotation type org.apache.shiro.authz.annotation.RequiresPermissions
-
The logical operation for the permission checks in case multiple roles are specified.
- logical() - Method in annotation type org.apache.shiro.authz.annotation.RequiresRoles
-
The logical operation for the permission check in case multiple roles are specified.
- Logical - Enum in org.apache.shiro.authz.annotation
-
An enum for specifying a logical operation that can be used for interpreting authorization annotations
- login(AuthenticationToken) - Method in interface org.apache.shiro.subject.Subject
-
Performs a login attempt for this Subject/user.
- login(AuthenticationToken) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- login(Subject, AuthenticationToken) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
First authenticates the
AuthenticationToken
argument, and if successful, constructs aSubject
instance representing the authenticated account's identity. - login(Subject, AuthenticationToken) - Method in interface org.apache.shiro.mgt.SecurityManager
-
Logs in the specified Subject using the given
authenticationToken
, returning an updated Subject instance reflecting the authenticated state if successful or throwingAuthenticationException
if it is not. - logout() - Method in interface org.apache.shiro.subject.Subject
-
Logs out this Subject and invalidates and/or removes any associated entities, such as a
Session
and authorization data. - logout() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- logout(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- logout(Subject) - Method in interface org.apache.shiro.mgt.SecurityManager
-
Logs out the specified Subject from the system.
- LogoutAware - Interface in org.apache.shiro.authc
-
An SPI interface allowing cleanup logic to be executed during logout of a previously authenticated Subject/user.
- lookup(String) - Method in class org.apache.shiro.jndi.JndiLocator
-
Perform an actual JNDI lookup for the given name via the JndiTemplate.
- lookup(String) - Method in class org.apache.shiro.jndi.JndiTemplate
-
Look up the object with the given name in the current JNDI context.
- lookup(String, Class) - Method in class org.apache.shiro.jndi.JndiLocator
-
Perform an actual JNDI lookup for the given name via the JndiTemplate.
- lookup(String, Class) - Method in class org.apache.shiro.jndi.JndiTemplate
-
Look up the object with the given name in the current JNDI context.
- lookupSecurityManager() - Method in class org.apache.shiro.env.DefaultEnvironment
-
Looks up the
SecurityManager
instance in the backing map without performing any non-null guarantees.
M
- MAIN_SECTION_NAME - Static variable in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- MapContext - Class in org.apache.shiro.util
-
A
MapContext
provides a common base for context-based data storage in aMap
. - MapContext() - Constructor for class org.apache.shiro.util.MapContext
- MapContext(Map<String, Object>) - Constructor for class org.apache.shiro.util.MapContext
- match(String, String) - Method in class org.apache.shiro.util.AntPathMatcher
- matches(String, String) - Method in class org.apache.shiro.util.AntPathMatcher
- matches(String, String) - Method in interface org.apache.shiro.util.PatternMatcher
-
Returns
true
if the givensource
matches the specifiedpattern
,false
otherwise. - matches(String, String) - Method in class org.apache.shiro.util.RegExPatternMatcher
-
Simple implementation that merely uses the default pattern comparison logic provided by the JDK.
- matchStart(String, String) - Method in class org.apache.shiro.util.AntPathMatcher
- Md2CredentialsMatcher - Class in org.apache.shiro.authc.credential
-
Deprecated.since 1.1 - use the HashedCredentialsMatcher directly and set its
hashAlgorithmName
property. - Md2CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Md2CredentialsMatcher
-
Deprecated.
- Md5CredentialsMatcher - Class in org.apache.shiro.authc.credential
-
Deprecated.since 1.1 - use the HashedCredentialsMatcher directly and set its
hashAlgorithmName
property. - Md5CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Md5CredentialsMatcher
-
Deprecated.
- MemorySessionDAO - Class in org.apache.shiro.session.mgt.eis
-
Simple memory-based implementation of the SessionDAO that stores all of its sessions in an in-memory
ConcurrentMap
. - MemorySessionDAO() - Constructor for class org.apache.shiro.session.mgt.eis.MemorySessionDAO
- MergableAuthenticationInfo - Interface in org.apache.shiro.authc
-
An extension of the
AuthenticationInfo
interface to be implemented by classes that support merging with otherAuthenticationInfo
instances. - merge(AuthenticationInfo) - Method in interface org.apache.shiro.authc.MergableAuthenticationInfo
-
Merges the given
AuthenticationInfo
into this instance. - merge(AuthenticationInfo) - Method in class org.apache.shiro.authc.SimpleAccount
-
Merges the specified
AuthenticationInfo
into thisAccount
. - merge(AuthenticationInfo) - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Takes the specified
info
argument and adds its principals and credentials into this instance. - merge(AuthenticationInfo, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
-
Merges the specified
info
argument into theaggregate
argument and then returns an aggregate for continued use throughout the login process. - merge(AuthenticationInfo, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.FirstSuccessfulStrategy
-
Returns the specified
aggregate
instance if is non null and valid (that is, has principals and they are not empty) immediately, or, if it is null or not valid, theinfo
argument is returned instead. - mergeAuthenticationState(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
-
Merges the Subject's current authentication state with whatever may be in any available session.
- mergePrincipals(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
-
Merges the Subject's current
Subject.getPrincipals()
with whatever may be in any available session. - MethodInterceptor - Interface in org.apache.shiro.aop
-
A MethodInterceptor intercepts a MethodInvocation to perform before or after logic (aka 'advice').
- methodInterceptors - Variable in class org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor
-
The method interceptors to execute for the annotated method.
- MethodInterceptorSupport - Class in org.apache.shiro.aop
-
This class is an abstraction of AOP method interceptor behavior specific to Shiro that leaves AOP implementation specifics to be handled by subclass implementations.
- MethodInterceptorSupport() - Constructor for class org.apache.shiro.aop.MethodInterceptorSupport
-
Default no-argument constructor for subclasses.
- MethodInvocation - Interface in org.apache.shiro.aop
-
3rd-party API independent representation of a method invocation.
- MILLIS_PER_HOUR - Static variable in class org.apache.shiro.session.mgt.AbstractSessionManager
- MILLIS_PER_HOUR - Static variable in class org.apache.shiro.session.mgt.SimpleSession
- MILLIS_PER_MINUTE - Static variable in class org.apache.shiro.session.mgt.AbstractSessionManager
- MILLIS_PER_MINUTE - Static variable in class org.apache.shiro.session.mgt.SimpleSession
- MILLIS_PER_SECOND - Static variable in class org.apache.shiro.session.mgt.AbstractSessionManager
- MILLIS_PER_SECOND - Static variable in class org.apache.shiro.session.mgt.SimpleSession
- ModularRealmAuthenticator - Class in org.apache.shiro.authc.pam
-
A
ModularRealmAuthenticator
delegates account lookups to a pluggable (modular) collection ofRealm
s. - ModularRealmAuthenticator() - Constructor for class org.apache.shiro.authc.pam.ModularRealmAuthenticator
-
Default no-argument constructor which
enables
anAtLeastOneSuccessfulStrategy
by default. - ModularRealmAuthorizer - Class in org.apache.shiro.authz
-
A ModularRealmAuthorizer is an Authorizer implementation that consults one or more configured
Realm
s during an authorization operation. - ModularRealmAuthorizer() - Constructor for class org.apache.shiro.authz.ModularRealmAuthorizer
-
Default no-argument constructor, does nothing.
- ModularRealmAuthorizer(Collection<Realm>) - Constructor for class org.apache.shiro.authz.ModularRealmAuthorizer
-
Constructor that accepts the
Realm
s to consult during an authorization check. - MutablePrincipalCollection - Interface in org.apache.shiro.subject
-
A
PrincipalCollection
that allows modification.
N
- name - Variable in class org.apache.shiro.authz.SimpleRole
- NamedObjectEnvironment - Interface in org.apache.shiro.env
-
An environment that supports object lookup by name.
- NativeSessionManager - Interface in org.apache.shiro.session.mgt
-
A
Native
session manager is one that manages sessions natively - that is, it is directly responsible for the creation, persistence and removal ofSession
instances and their lifecycles. - newHashInstance() - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Returns a new, uninitialized instance, without its byte array set.
- newSessionInstance(SessionContext) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- newSubjectContextInstance() - Method in class org.apache.shiro.subject.Subject.Builder
-
Creates a new
SubjectContext
instance to be used to populate with subject contextual data that will then be sent to theSecurityManager
to create a newSubject
instance. - newSubjectInstance(PrincipalCollection, boolean, String, Session, SecurityManager) - Method in class org.apache.shiro.mgt.DefaultSubjectFactory
-
Deprecated.since 1.2 - override
DefaultSubjectFactory.createSubject(org.apache.shiro.subject.SubjectContext)
directly if you need to instantiate a customSubject
class. - NO_SALT - org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle
- notifyExpiration(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- notifyFailure(AuthenticationToken, AuthenticationException) - Method in class org.apache.shiro.authc.AbstractAuthenticator
-
Notifies any registered
AuthenticationListener
s that authentication failed for the specifiedtoken
which resulted in the specifiedae
exception. - notifyLogout(PrincipalCollection) - Method in class org.apache.shiro.authc.AbstractAuthenticator
-
Notifies any registered
AuthenticationListener
s that aSubject
has logged-out. - notifyStart(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
-
Notifies any interested
SessionListener
s that a Session has started. - notifyStop(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- notifySuccess(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.AbstractAuthenticator
-
Notifies any registered
AuthenticationListener
s that authentication was successful for the specifiedtoken
which resulted in the specifiedinfo
. - nullSafePut(String, Object) - Method in class org.apache.shiro.util.MapContext
-
Places a value in this context map under the given key only if the given
value
argument is not null.
O
- objectPermissions - Variable in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Collection of all object-based permissions associated with the account.
- objects - Variable in class org.apache.shiro.env.DefaultEnvironment
- onChange(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- onChange(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- oneByType(Class<T>) - Method in interface org.apache.shiro.subject.PrincipalCollection
-
Returns the first discovered principal assignable from the specified type, or
null
if there are none of the specified type. - oneByType(Class<T>) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- oneByType(Class<T>) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- onEquals(SimpleSession) - Method in class org.apache.shiro.session.mgt.SimpleSession
-
Provides an attribute-based comparison (no ID comparison) - incurred only when 'this' or the session object being compared for equality do not have a session id.
- onExpiration(Session) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- onExpiration(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- onExpiration(Session) - Method in interface org.apache.shiro.session.SessionListener
-
Notification callback that occurs when the corresponding Session has expired.
- onExpiration(Session) - Method in class org.apache.shiro.session.SessionListenerAdapter
-
Adapter no-op implementation - does nothing and returns immediately.
- onExpiration(Session, ExpiredSessionException, SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- onFailedLogin(AuthenticationToken, AuthenticationException, Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- onFailedLogin(Subject, AuthenticationToken, AuthenticationException) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Reacts to a failed login by immediately
forgetting
any previously remembered identity. - onFailedLogin(Subject, AuthenticationToken, AuthenticationException) - Method in interface org.apache.shiro.mgt.RememberMeManager
-
Reacts to a failed authentication attempt, typically by forgetting any previously remembered principals for the Subject.
- onFailure(AuthenticationToken, AuthenticationException) - Method in interface org.apache.shiro.authc.AuthenticationListener
-
Callback triggered when an authentication attempt for a
Subject
has failed. - onInit() - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Template method for subclasses to implement any initialization logic.
- onInit() - Method in class org.apache.shiro.realm.AuthorizingRealm
-
Initializes this realm and potentially enables a cache, depending on configuration.
- onInit() - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- onInit() - Method in class org.apache.shiro.realm.text.IniRealm
- onInit() - Method in class org.apache.shiro.realm.text.PropertiesRealm
- onInit() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
-
Will call 'processDefinitions' on startup.
- onInvalidation(Session, InvalidSessionException, SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- onLogout(PrincipalCollection) - Method in class org.apache.shiro.authc.AbstractAuthenticator
-
This implementation merely calls
notifyLogout
to allow any registered listeners to react to the logout. - onLogout(PrincipalCollection) - Method in interface org.apache.shiro.authc.AuthenticationListener
-
Callback triggered when a
Subject
logs-out of the system. - onLogout(PrincipalCollection) - Method in interface org.apache.shiro.authc.LogoutAware
-
Callback triggered when a
Subject
logs out of the system. - onLogout(PrincipalCollection) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
-
First calls
super.onLogout(principals)
to ensure a logout notification is issued, and for each wrappedRealm
that implements theLogoutAware
interface, calls((LogoutAware)realm).onLogout(principals)
to allow each realm the opportunity to perform logout/cleanup operations during an user-logout. - onLogout(PrincipalCollection) - Method in class org.apache.shiro.realm.CachingRealm
-
If caching is enabled, this will clear any cached data associated with the specified account identity.
- onLogout(Subject) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Reacts to a subject logging out of the application and immediately
forgets
any previously stored identity and returns. - onLogout(Subject) - Method in interface org.apache.shiro.mgt.RememberMeManager
-
Reacts to a Subject logging out of the application, typically by forgetting any previously remembered principals for the Subject.
- onRememberedPrincipalFailure(RuntimeException, SubjectContext) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Called when an exception is thrown while trying to retrieve principals.
- onStart(Session) - Method in interface org.apache.shiro.session.SessionListener
-
Notification callback that occurs when the corresponding Session has started.
- onStart(Session) - Method in class org.apache.shiro.session.SessionListenerAdapter
-
Adapter no-op implementation - does nothing and returns immediately.
- onStart(Session, SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
-
Template method that allows subclasses to react to a new session being created.
- onStop(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- onStop(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- onStop(Session) - Method in interface org.apache.shiro.session.SessionListener
-
Notification callback that occurs when the corresponding Session has stopped, either programmatically via
Session.stop()
or automatically upon a subject logging out. - onStop(Session) - Method in class org.apache.shiro.session.SessionListenerAdapter
-
Adapter no-op implementation - does nothing and returns immediately.
- onStop(Session, SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- onSuccess(AuthenticationToken, AuthenticationInfo) - Method in interface org.apache.shiro.authc.AuthenticationListener
-
Callback triggered when an authentication attempt for a
Subject
has succeeded. - onSuccessfulLogin(AuthenticationToken, AuthenticationInfo, Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- onSuccessfulLogin(Subject, AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Reacts to the successful login attempt by first always
forgetting
any previously stored identity. - onSuccessfulLogin(Subject, AuthenticationToken, AuthenticationInfo) - Method in interface org.apache.shiro.mgt.RememberMeManager
-
Reacts to a successful authentication attempt, typically saving the principals to be retrieved ('remembered') for future system access.
- OR - org.apache.shiro.authz.annotation.Logical
- org.apache.shiro - package org.apache.shiro
-
This package primarily exists as a root classpath distinction, but it does contain two core classes widely used by applications,
SecurityUtils
andShiroException
. - org.apache.shiro.aop - package org.apache.shiro.aop
-
Components used to support the framework's AOP/interception support classes.
- org.apache.shiro.authc - package org.apache.shiro.authc
-
Core interfaces and exceptions concerning Authentication (the act of logging-in).
- org.apache.shiro.authc.credential - package org.apache.shiro.authc.credential
-
Support for validating credentials (such as passwords or X509 certificates) during authentication via the
CredentialsMatcher
interface and its supporting implementations. - org.apache.shiro.authc.pam - package org.apache.shiro.authc.pam
-
Support for PAM, or Pluggable Authentication Modules, which is the capability to authenticate a user against multiple configurable (pluggable) modules (Shiro calls these
Realm
s). - org.apache.shiro.authz - package org.apache.shiro.authz
-
Core interfaces and exceptions supporting Authorization (access control).
- org.apache.shiro.authz.annotation - package org.apache.shiro.authz.annotation
-
Annotations used to restrict which classes, instances, or methods may be accessed or invoked depending on the caller's access abilities or authentication state.
- org.apache.shiro.authz.aop - package org.apache.shiro.authz.aop
-
Contains AOP implementation support classes specifically used for authorization operations, particularly supporting AOP Method Interceptors and JSR-175 metadata Annotations.
- org.apache.shiro.authz.permission - package org.apache.shiro.authz.permission
-
Support and default implementations for Shiro's
Permission
interface. - org.apache.shiro.concurrent - package org.apache.shiro.concurrent
-
Executor
,ExecutorService
, andScheduledExecutorService
implementations for transparentSubject
association with threads in an asynchronous execution environment. - org.apache.shiro.config - package org.apache.shiro.config
- org.apache.shiro.dao - package org.apache.shiro.dao
-
Package containing various components useful when building Data Access Objects (DAOs), including a generic Data Access Exception hierarchy.
- org.apache.shiro.env - package org.apache.shiro.env
-
Concepts used to represent Shiro's aggregate state in an application.
- org.apache.shiro.jndi - package org.apache.shiro.jndi
-
Enables accessing objects located in JNDI that might be useful when configuring a Shiro-enabled application.
- org.apache.shiro.ldap - package org.apache.shiro.ldap
- org.apache.shiro.mgt - package org.apache.shiro.mgt
-
Provides the master
SecurityManager
interface and a default implementation hierarchy for managing all aspects of Shiro's functionality in an application. - org.apache.shiro.realm - package org.apache.shiro.realm
-
Components and sub-packages used in supporting the core
Realm
interface. - org.apache.shiro.realm.activedirectory - package org.apache.shiro.realm.activedirectory
-
Realms that acquire security data from a Microsoft Active Directory.
- org.apache.shiro.realm.jdbc - package org.apache.shiro.realm.jdbc
-
Realms that acquire security data from an RDBMS (Relational Database Management System) using the JDBC API.
- org.apache.shiro.realm.jndi - package org.apache.shiro.realm.jndi
-
Support for acquiring Realms from JNDI, particularly useful for configuring Shiro in JEE or EJB environments.
- org.apache.shiro.realm.ldap - package org.apache.shiro.realm.ldap
-
Realms that acquire security data from an LDAP (Lightweight Directory Access Protocol) server utilizing LDAP/Naming APIs.
- org.apache.shiro.realm.text - package org.apache.shiro.realm.text
-
Realms that acquire security data from text-based data sources such as
File
s or text streams. - org.apache.shiro.session - package org.apache.shiro.session
-
Components related to managing sessions, the time-based data contexts in which a Subject interacts with an application.
- org.apache.shiro.session.mgt - package org.apache.shiro.session.mgt
-
SessionManager
components supporting enterprise session management. - org.apache.shiro.session.mgt.eis - package org.apache.shiro.session.mgt.eis
-
EIS (Enterprise Information System)-tier components that can perform CRUD operations for sessions using any EIS API.
- org.apache.shiro.subject - package org.apache.shiro.subject
-
Components supporting the
Subject
interface, the most important concept in Shiro's API. - org.apache.shiro.subject.support - package org.apache.shiro.subject.support
-
Concrete support implementations of most of the
org.apache.shiro.subject
interfaces. - org.apache.shiro.util - package org.apache.shiro.util
-
Your run-of-the-mill 'util' package for components and logic widely used across the framework that can't find their home into a proper OO hierarchy (or, most likely for things used across many hierarchies).
P
- PART_DIVIDER_TOKEN - Static variable in class org.apache.shiro.authz.permission.WildcardPermission
- PasswordMatcher - Class in org.apache.shiro.authc.credential
-
A
CredentialsMatcher
that employs best-practices comparisons for hashed text passwords. - PasswordMatcher() - Constructor for class org.apache.shiro.authc.credential.PasswordMatcher
- PasswordService - Interface in org.apache.shiro.authc.credential
-
A
PasswordService
supports common use cases when using passwords as a credentials mechanism. - passwordsMatch(Object, String) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- passwordsMatch(Object, String) - Method in interface org.apache.shiro.authc.credential.PasswordService
-
Returns
true
if thesubmittedPlaintext
password matches the existingsaved
password,false
otherwise. - passwordsMatch(Object, Hash) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- passwordsMatch(Object, Hash) - Method in interface org.apache.shiro.authc.credential.HashingPasswordService
-
Returns
true
if thesubmittedPlaintext
password matches the existingsavedPasswordHash
,false
otherwise. - PatternMatcher - Interface in org.apache.shiro.util
-
Interface for components that can match source strings against a specified pattern string.
- Permission - Interface in org.apache.shiro.authz
-
A Permission represents the ability to perform an action or access a resource.
- PermissionAnnotationHandler - Class in org.apache.shiro.authz.aop
-
Checks to see if a @
RequiresPermissions
annotation is declared, and if so, performs a permission check to see if the callingSubject
is allowed continued access. - PermissionAnnotationHandler() - Constructor for class org.apache.shiro.authz.aop.PermissionAnnotationHandler
-
Default no-argument constructor that ensures this handler looks for
RequiresPermissions
annotations. - PermissionAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop
-
Checks to see if a @
RequiresPermissions
annotation is declared, and if so, performs a permission check to see if the callingSubject
is allowed to call the method. - PermissionAnnotationMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.PermissionAnnotationMethodInterceptor
-
Default no-argument constructor that ensures this interceptor looks for
RequiresPermissions
annotations in a method declaration. - PermissionAnnotationMethodInterceptor(AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.PermissionAnnotationMethodInterceptor
- permissionResolver - Variable in class org.apache.shiro.authz.ModularRealmAuthorizer
-
A PermissionResolver to be used by all configured realms.
- PermissionResolver - Interface in org.apache.shiro.authz.permission
-
A
PermisisonResolver
resolves a String value and converts it into aPermission
instance. - PermissionResolverAware - Interface in org.apache.shiro.authz.permission
-
Interface implemented by a component that wishes to use any application-configured PermissionResolver that might already exist instead of potentially creating one itself.
- permissions - Variable in class org.apache.shiro.authz.SimpleRole
- permissionsLookupEnabled - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm
- permissionsQuery - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm
- PermissionUtils - Class in org.apache.shiro.util
-
Utility class to help with String-to-Permission object resolution.
- PermissionUtils() - Constructor for class org.apache.shiro.util.PermissionUtils
- PrincipalCollection - Interface in org.apache.shiro.subject
-
A collection of all principals associated with a corresponding
Subject
. - PrincipalMap - Interface in org.apache.shiro.subject
-
EXPERIMENTAL - DO NOT USE YET
- principals - Variable in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
The principals identifying the account associated with this AuthenticationInfo instance.
- principals - Variable in class org.apache.shiro.subject.support.DelegatingSubject
- principals(PrincipalCollection) - Method in class org.apache.shiro.subject.Subject.Builder
-
Ensures the
Subject
being built will reflect the specified principals (aka identity). - PRINCIPALS_SESSION_KEY - Static variable in class org.apache.shiro.subject.support.DefaultSubjectContext
-
The session key that is used to store subject principals.
- principalSuffix - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- principalSuffix - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- proceed() - Method in interface org.apache.shiro.aop.MethodInvocation
-
Continues the method invocation chain, or if the last in the chain, the method itself.
- processDefinitions() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
- processRoleDefinitions() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
- processRoleDefinitions(Map<String, String>) - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
- processUserDefinitions() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
- processUserDefinitions(Map<String, String>) - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
- PropertiesRealm - Class in org.apache.shiro.realm.text
-
A
TextConfigurationRealm
that defers all logic to the parent class, but just enablesProperties
based configuration in addition to the parent class's String configuration. - PropertiesRealm() - Constructor for class org.apache.shiro.realm.text.PropertiesRealm
- ProxiedSession - Class in org.apache.shiro.session
-
Simple
Session
implementation that immediately delegates all corresponding calls to an underlying proxied session instance. - ProxiedSession(Session) - Constructor for class org.apache.shiro.session.ProxiedSession
-
Constructs an instance that proxies the specified
target
. - publishEvent(Object) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
-
Publishes events on the event bus if the event bus is non-null, otherwise does nothing.
- put(Object, Object) - Static method in class org.apache.shiro.util.ThreadContext
-
Binds value for the given
key
to the current thread. - put(String, Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- put(String, Object) - Method in class org.apache.shiro.util.MapContext
- putAll(Map<? extends String, ?>) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- putAll(Map<? extends String, ?>) - Method in class org.apache.shiro.util.MapContext
Q
- queryForAuthenticationInfo(AuthenticationToken, LdapContextFactory) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
-
Builds an
AuthenticationInfo
object by querying the active directory LDAP context for the specified username. - queryForAuthenticationInfo(AuthenticationToken, LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
-
Abstract method that should be implemented by subclasses to builds an
AuthenticationInfo
object by querying the LDAP context for the specified username. - queryForAuthenticationInfo(AuthenticationToken, LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
This implementation opens an LDAP connection using the token's
discovered principal
and providedcredentials
. - queryForAuthorizationInfo(PrincipalCollection, LdapContextFactory) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
-
Builds an
AuthorizationInfo
object by querying the active directory LDAP context for the groups that a user is a member of. - queryForAuthorizationInfo(PrincipalCollection, LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
-
Abstract method that should be implemented by subclasses to builds an
AuthorizationInfo
object by querying the LDAP context for the specified principal. - queryForAuthorizationInfo(PrincipalCollection, LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
Method that should be implemented by subclasses to build an
AuthorizationInfo
object by querying the LDAP context for the specified principal.
R
- RandomSessionIdGenerator - Class in org.apache.shiro.session.mgt.eis
-
Generates session IDs by using a
Random
instance to generate random IDs. - RandomSessionIdGenerator() - Constructor for class org.apache.shiro.session.mgt.eis.RandomSessionIdGenerator
- readSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
-
Retrieves the Session object from the underlying EIS identified by sessionId by delegating to the
AbstractSessionDAO.doReadSession(java.io.Serializable)
method. - readSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Attempts to acquire the Session from the cache first using the session ID as the cache key.
- readSession(Serializable) - Method in interface org.apache.shiro.session.mgt.eis.SessionDAO
-
Retrieves the session from the EIS uniquely identified by the specified
sessionId
. - Realm - Interface in org.apache.shiro.realm
-
A Realm is a security component that can access application-specific security entities such as users, roles, and permissions to determine authentication and authorization operations.
- RealmFactory - Interface in org.apache.shiro.realm
-
Enables Shiro end-users to configure and initialize one or more
Realm
instances in any manner desired. - realms - Variable in class org.apache.shiro.authz.ModularRealmAuthorizer
-
The realms to consult during any authorization check.
- RealmSecurityManager - Class in org.apache.shiro.mgt
-
Shiro support of a
SecurityManager
class hierarchy based around a collection ofRealm
s. - RealmSecurityManager() - Constructor for class org.apache.shiro.mgt.RealmSecurityManager
-
Default no-arg constructor.
- rebind(String, Object) - Method in class org.apache.shiro.jndi.JndiTemplate
-
Rebind the given object to the current JNDI context, using the given name.
- referral - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- RegExPatternMatcher - Class in org.apache.shiro.util
-
PatternMatcher
implementation that uses standardjava.util.regex
objects. - RegExPatternMatcher() - Constructor for class org.apache.shiro.util.RegExPatternMatcher
- releaseRunAs() - Method in interface org.apache.shiro.subject.Subject
-
Releases the current 'run as' (assumed) identity and reverts back to the previous 'pre run as' identity that existed before
#runAs runAs
was called. - releaseRunAs() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- reloadIntervalSeconds - Variable in class org.apache.shiro.realm.text.PropertiesRealm
- rememberIdentity(Subject, AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Remembers a subject-unique identity for retrieval later.
- rememberIdentity(Subject, PrincipalCollection) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Remembers the specified account principals by first
converting
them to a byte array and thenremembers
that byte array. - RememberMeAuthenticationToken - Interface in org.apache.shiro.authc
-
An
AuthenticationToken
that indicates if the user wishes their identity to be remembered across sessions. - rememberMeFailedLogin(AuthenticationToken, AuthenticationException, Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- rememberMeLogout(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- rememberMeManager - Variable in class org.apache.shiro.mgt.DefaultSecurityManager
- RememberMeManager - Interface in org.apache.shiro.mgt
-
A RememberMeManager is responsible for remembering a Subject's identity across that Subject's sessions with the application.
- rememberMeSuccessfulLogin(AuthenticationToken, AuthenticationInfo, Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- rememberSerializedIdentity(Subject, byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Persists the identity bytes to a persistent store for retrieval later via the
AbstractRememberMeManager.getRememberedSerializedIdentity(SubjectContext)
method. - remove() - Static method in class org.apache.shiro.util.ThreadContext
-
Remove
s the underlyingThreadLocal
from the thread. - remove(Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- remove(Object) - Method in class org.apache.shiro.util.MapContext
- remove(Object) - Static method in class org.apache.shiro.util.ThreadContext
-
Unbinds the value for the given
key
from the current thread. - removeAttribute(Object) - Method in class org.apache.shiro.session.mgt.DelegatingSession
- removeAttribute(Object) - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession
-
Immediately
throws
anInvalidSessionException
in all cases because this proxy is immutable. - removeAttribute(Object) - Method in class org.apache.shiro.session.mgt.SimpleSession
- removeAttribute(Object) - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- removeAttribute(Object) - Method in interface org.apache.shiro.session.Session
-
Removes (unbinds) the object bound to this session under the specified
key
name. - removeAttribute(SessionKey, Object) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- removeAttribute(SessionKey, Object) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Removes (unbinds) the object bound to associated
Session
under the givenattributeKey
. - removeFromSession(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
-
Removes any existing subject state from the Subject's session (if the session exists).
- removeRealmPrincipal(String, String) - Method in interface org.apache.shiro.subject.PrincipalMap
- removeRealmPrincipal(String, String) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- RequiredTypeException - Exception in org.apache.shiro.env
-
Exception thrown when attempting to acquire an object of a required type and that object does not equal, extend, or implement a specified
Class
. - RequiredTypeException(String) - Constructor for exception org.apache.shiro.env.RequiredTypeException
- RequiredTypeException(String, Throwable) - Constructor for exception org.apache.shiro.env.RequiredTypeException
- RequiresAuthentication - Annotation Type in org.apache.shiro.authz.annotation
-
Requires the current Subject to have been authenticated during their current session for the annotated class/instance/method to be accessed or invoked.
- RequiresGuest - Annotation Type in org.apache.shiro.authz.annotation
-
Requires the current Subject to be a "guest", that is, they are not authenticated or remembered from a previous session for the annotated class/instance/method to be accessed or invoked.
- RequiresPermissions - Annotation Type in org.apache.shiro.authz.annotation
-
Requires the current executor's Subject to imply a particular permission in order to execute the annotated method.
- RequiresRoles - Annotation Type in org.apache.shiro.authz.annotation
-
Requires the currently executing
Subject
to have all of the specified roles. - RequiresUser - Annotation Type in org.apache.shiro.authz.annotation
-
Requires the current Subject to be an application user for the annotated class/instance/method to be accessed or invoked.
- resolveAuthenticated() - Method in interface org.apache.shiro.subject.SubjectContext
- resolveAuthenticated() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- resolveContextSession(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- resolveDelimitedPermissions(String, PermissionResolver) - Static method in class org.apache.shiro.util.PermissionUtils
- resolveHost() - Method in interface org.apache.shiro.subject.SubjectContext
- resolveHost() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- resolveIni() - Method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.Tries to resolve the Ini instance to use for configuration.
- resolvePermission(String) - Method in interface org.apache.shiro.authz.permission.PermissionResolver
-
Resolves a Permission based on the given String representation.
- resolvePermission(String) - Method in class org.apache.shiro.authz.permission.WildcardPermissionResolver
-
Returns a new
WildcardPermission
instance constructed based on the specified permissionString. - resolvePermissions(Collection<String>, PermissionResolver) - Static method in class org.apache.shiro.util.PermissionUtils
- resolvePermissionsInRole(String) - Method in interface org.apache.shiro.authz.permission.RolePermissionResolver
-
Resolves a Collection of Permissions based on the given String representation.
- resolvePrincipals() - Method in interface org.apache.shiro.subject.SubjectContext
- resolvePrincipals() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- resolvePrincipals(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Attempts to resolve an identity (a
PrincipalCollection
) for the context using heuristics. - resolveSecurityManager() - Method in interface org.apache.shiro.subject.SubjectContext
-
Resolves the
SecurityManager
instance that should be used to back the constructedSubject
instance (typically used to supportDelegatingSubject
implementations). - resolveSecurityManager() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- resolveSession() - Method in interface org.apache.shiro.subject.SubjectContext
- resolveSession() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- resolveSession(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Attempts to resolve any associated session based on the context and returns a context that represents this resolved
Session
to ensure it may be referenced if necessary by the invokedSubjectFactory
that performs actualSubject
construction. - resourcePath - Variable in class org.apache.shiro.realm.text.PropertiesRealm
- restore() - Method in class org.apache.shiro.subject.support.SubjectThreadState
-
Remove
s all thread-state that was bound by this instance. - restore() - Method in interface org.apache.shiro.util.ThreadState
-
Restores a thread to its state before bind
bind
was invoked. - retrieveSession(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
-
Looks up a session from the underlying data store based on the specified session key.
- retrieveSession(SessionKey) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- retrieveSessionFromDataSource(Serializable) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- RoleAnnotationHandler - Class in org.apache.shiro.authz.aop
-
Checks to see if a @
RequiresRoles
annotation is declared, and if so, performs a role check to see if the callingSubject
is allowed to proceed. - RoleAnnotationHandler() - Constructor for class org.apache.shiro.authz.aop.RoleAnnotationHandler
-
Default no-argument constructor that ensures this handler looks for
RequiresRoles
annotations. - RoleAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop
-
Checks to see if a @
RequiresRoles
annotation is declared, and if so, performs a role check to see if the callingSubject
is allowed to invoke the method. - RoleAnnotationMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.RoleAnnotationMethodInterceptor
-
Default no-argument constructor that ensures this interceptor looks for
RequiresRoles
annotations in a method declaration. - RoleAnnotationMethodInterceptor(AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.RoleAnnotationMethodInterceptor
- roleExists(String) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- rolePermissionResolver - Variable in class org.apache.shiro.authz.ModularRealmAuthorizer
-
A RolePermissionResolver to be used by all configured realms.
- RolePermissionResolver - Interface in org.apache.shiro.authz.permission
-
A RolePermissionResolver resolves a String value and converts it into a Collection of
Permission
instances. - RolePermissionResolverAware - Interface in org.apache.shiro.authz.permission
-
Interface implemented by a component that wishes to use any application-configured RolePermissionResolver that might already exist instead of potentially creating one itself.
- roles - Variable in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
The internal roles collection.
- roles - Variable in class org.apache.shiro.realm.SimpleAccountRealm
- ROLES_LOCK - Variable in class org.apache.shiro.realm.SimpleAccountRealm
- ROLES_SECTION_NAME - Static variable in class org.apache.shiro.realm.text.IniRealm
- run() - Method in class org.apache.shiro.realm.text.PropertiesRealm
- run() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- run() - Method in class org.apache.shiro.subject.support.SubjectRunnable
-
Bind
s the Subject thread state, executes the targetRunnable
and then guarantees the previous thread state'srestoration
: - runAs(PrincipalCollection) - Method in interface org.apache.shiro.subject.Subject
-
Allows this subject to 'run as' or 'assume' another identity indefinitely.
- runAs(PrincipalCollection) - Method in class org.apache.shiro.subject.support.DelegatingSubject
S
- SaltedAuthenticationInfo - Interface in org.apache.shiro.authc
-
Interface representing account information that may use a salt when hashing credentials.
- saltIsBase64Encoded - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm
- saltStyle - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm
- save(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Saves the subject's state to a persistent location for future reference if necessary.
- save(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
-
Saves the subject's state to the subject's
session
only ifsessionStorageEnabled(subject)
. - save(Subject) - Method in interface org.apache.shiro.mgt.SubjectDAO
-
Persists the specified Subject's state for later access.
- saveToSession(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
-
Saves the subject's state (it's principals and authentication state) to its
session
. - schedule(Runnable, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- schedule(Callable<V>, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- scheduleAtFixedRate(Runnable, long, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- scheduler - Variable in class org.apache.shiro.realm.text.PropertiesRealm
- scheduleWithFixedDelay(Runnable, long, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- searchBase - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- searchBase - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- searchFilter - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- SECURITY_MANAGER_KEY - Static variable in class org.apache.shiro.util.ThreadContext
- SECURITY_MANAGER_NAME - Static variable in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- securityManager - Variable in class org.apache.shiro.subject.support.DelegatingSubject
- SecurityManager - Interface in org.apache.shiro.mgt
-
A
SecurityManager
executes all security operations for all Subjects (aka users) across a single application. - SecurityUtils - Class in org.apache.shiro
-
Accesses the currently accessible
Subject
for the calling code depending on runtime environment. - SecurityUtils() - Constructor for class org.apache.shiro.SecurityUtils
- serialize(PrincipalCollection) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Serializes the given
principals
by serializing them to a byte array by using theserializer
'sserialize
method. - session - Variable in class org.apache.shiro.subject.support.DelegatingSubject
- session(Session) - Method in class org.apache.shiro.subject.Subject.Builder
-
Ensures the
Subject
being built will use the specifiedSession
instance. - Session - Interface in org.apache.shiro.session
-
A
Session
is a stateful data context associated with a single Subject (user, daemon process, etc) who interacts with a software system over a period of time. - SESSION_CREATION_ENABLED - Static variable in class org.apache.shiro.subject.support.DefaultSubjectContext
- SessionContext - Interface in org.apache.shiro.session.mgt
-
A
SessionContext
is a 'bucket' of data presented to aSessionFactory
which interprets this data to constructSession
instances. - sessionCreationEnabled - Variable in class org.apache.shiro.subject.support.DelegatingSubject
- sessionCreationEnabled(boolean) - Method in class org.apache.shiro.subject.Subject.Builder
-
Configures whether or not the created Subject instance can create a new
Session
if one does not already exist. - sessionDAO - Variable in class org.apache.shiro.session.mgt.DefaultSessionManager
- SessionDAO - Interface in org.apache.shiro.session.mgt.eis
-
Data Access Object design pattern specification to enable
Session
access to an EIS (Enterprise Information System). - SessionException - Exception in org.apache.shiro.session
-
General security exception attributed to problems during interaction with the system during a session.
- SessionException() - Constructor for exception org.apache.shiro.session.SessionException
-
Creates a new SessionException.
- SessionException(String) - Constructor for exception org.apache.shiro.session.SessionException
-
Constructs a new SessionException.
- SessionException(String, Throwable) - Constructor for exception org.apache.shiro.session.SessionException
-
Constructs a new SessionException.
- SessionException(Throwable) - Constructor for exception org.apache.shiro.session.SessionException
-
Constructs a new SessionException.
- SessionFactory - Interface in org.apache.shiro.session.mgt
-
A simple factory class that instantiates concrete
Session
instances. - sessionId(Serializable) - Method in class org.apache.shiro.subject.Subject.Builder
- SessionIdGenerator - Interface in org.apache.shiro.session.mgt.eis
-
Interface allowing pluggable session ID generation strategies to be used with various
SessionDAO
implementations. - SessionKey - Interface in org.apache.shiro.session.mgt
-
A
SessionKey
is a key that allows look-up of any particularSession
instance. - SessionListener - Interface in org.apache.shiro.session
-
Interface to be implemented by components that wish to be notified of events that occur during a
Session
's life cycle. - SessionListenerAdapter - Class in org.apache.shiro.session
-
Simple adapter implementation of the
SessionListener
interface, effectively providing no-op implementations of all methods. - SessionListenerAdapter() - Constructor for class org.apache.shiro.session.SessionListenerAdapter
- SessionManager - Interface in org.apache.shiro.session.mgt
-
A SessionManager manages the creation, maintenance, and clean-up of all application
Session
s. - SessionsSecurityManager - Class in org.apache.shiro.mgt
-
Shiro support of a
SecurityManager
class hierarchy that delegates allsession
operations to a wrappedSessionManager
instance. - SessionsSecurityManager() - Constructor for class org.apache.shiro.mgt.SessionsSecurityManager
-
Default no-arg constructor, internally creates a suitable default
SessionManager
delegate instance. - SessionStorageEvaluator - Interface in org.apache.shiro.mgt
-
Evaluates whether or not Shiro may use a
Subject
'sSession
to persist thatSubject
's internal state. - sessionValidationInterval - Variable in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- sessionValidationScheduler - Variable in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
-
Scheduler used to validate sessions on a regular basis.
- SessionValidationScheduler - Interface in org.apache.shiro.session.mgt
-
Interface that should be implemented by classes that can control validating sessions on a regular basis.
- sessionValidationSchedulerEnabled - Variable in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- setActions(Set<String>) - Method in class org.apache.shiro.authz.permission.DomainPermission
- setActiveSessionsCache(Cache<Serializable, Session>) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Sets the cache instance to use for storing active sessions.
- setActiveSessionsCacheName(String) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Sets the name of the active sessions cache to be returned by the
CacheManager
. - setAdditionalEnvironment(Map<String, String>) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.These entries are added to the environment map before initializing the LDAP context.
- setAnnotationClass(Class<? extends Annotation>) - Method in class org.apache.shiro.aop.AnnotationHandler
-
Sets the type of annotation this handler will inspect and process.
- setAttribute(Object, Object) - Method in class org.apache.shiro.session.mgt.DelegatingSession
- setAttribute(Object, Object) - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession
-
Immediately
throws
anInvalidSessionException
in all cases because this proxy is immutable. - setAttribute(Object, Object) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setAttribute(Object, Object) - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- setAttribute(Object, Object) - Method in interface org.apache.shiro.session.Session
-
Binds the specified
value
to this session, uniquely identified by the specifiedkey
name. - setAttribute(SessionKey, Object, Object) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- setAttribute(SessionKey, Object, Object) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Binds the specified
value
to the associated session uniquely identified by theattributeKey
. - setAttributes(Map<Object, Object>) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setAuthenticated(boolean) - Method in interface org.apache.shiro.subject.SubjectContext
-
Sets whether or not the constructed
Subject
instance should be considered as authenticated. - setAuthenticated(boolean) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setAuthentication(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.Sets the type of LDAP authentication to perform when connecting to the LDAP server.
- setAuthenticationCache(Cache<Object, AuthenticationInfo>) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Sets an explicit
Cache
instance to use for authentication caching. - setAuthenticationCacheName(String) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Sets the name of a
Cache
to lookup from any availablecacheManager
if a cache is not explicitly configured viaAuthenticatingRealm.setAuthenticationCache(org.apache.shiro.cache.Cache)
. - setAuthenticationCachingEnabled(boolean) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Sets whether or not authentication caching should be utilized if a
CacheManager
has beenconfigured
,false
otherwise. - setAuthenticationInfo(AuthenticationInfo) - Method in interface org.apache.shiro.subject.SubjectContext
- setAuthenticationInfo(AuthenticationInfo) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setAuthenticationListeners(Collection<AuthenticationListener>) - Method in class org.apache.shiro.authc.AbstractAuthenticator
-
Sets the
AuthenticationListener
s that should be notified during authentication attempts. - setAuthenticationMechanism(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Sets the type of LDAP authentication mechanism to use when connecting to the LDAP server.
- setAuthenticationQuery(String) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
-
Overrides the default query used to retrieve a user's password during authentication.
- setAuthenticationStrategy(AuthenticationStrategy) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
-
Allows overriding the default
AuthenticationStrategy
utilized during multi-realm log-in attempts. - setAuthenticationToken(AuthenticationToken) - Method in interface org.apache.shiro.subject.SubjectContext
- setAuthenticationToken(AuthenticationToken) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setAuthenticationTokenClass(Class<? extends AuthenticationToken>) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Sets the authenticationToken class supported by this realm.
- setAuthenticator(Authenticator) - Method in class org.apache.shiro.mgt.AuthenticatingSecurityManager
-
Sets the delegate
Authenticator
instance that this SecurityManager uses to perform all authentication operations. - setAuthorizationCache(Cache<Object, AuthorizationInfo>) - Method in class org.apache.shiro.realm.AuthorizingRealm
- setAuthorizationCacheName(String) - Method in class org.apache.shiro.realm.AuthorizingRealm
- setAuthorizationCachingEnabled(boolean) - Method in class org.apache.shiro.realm.AuthorizingRealm
-
Sets whether or not authorization caching should be utilized if a
CacheManager
has beenconfigured
,false
otherwise. - setAuthorizer(Authorizer) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
-
Sets the underlying Authorizer instance to which this SecurityManager implementation will delegate all of its authorization calls.
- setCacheManager(CacheManager) - Method in class org.apache.shiro.mgt.CachingSecurityManager
-
Sets the CacheManager used by this
SecurityManager
and potentially any of its children components. - setCacheManager(CacheManager) - Method in class org.apache.shiro.realm.CachingRealm
-
Sets the CacheManager to be used for data caching to reduce EIS round trips.
- setCacheManager(CacheManager) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- setCacheManager(CacheManager) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Sets the cacheManager to use for acquiring the
activeSessionsCache
if one is not configured. - setCachingEnabled(boolean) - Method in class org.apache.shiro.realm.CachingRealm
-
Sets whether or not caching should be used if a
CacheManager
has beenconfigured
. - setCaseSensitive(boolean) - Method in class org.apache.shiro.authz.permission.WildcardPermissionResolver
-
Set the case sensitivity of the resolved Wildcard permissions.
- setCipherKey(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Convenience method that sets the cipher key to use for both encryption and decryption.
- setCipherService(CipherService) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Sets the
CipherService
to use for encrypting and decrypting serialized identity data to prevent easy inspection of Subject identity data. - setContextFactory(LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
Sets the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication attempts and authorization queries.
- setContextFactoryClassName(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.The context factory to use.
- setContextFactoryClassName(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
The name of the ContextFactory class to use.
- setCredentials(Object) - Method in class org.apache.shiro.authc.SimpleAccount
-
Sets this Account's credentials that verify one or more of the Account's
principals
, such as a password or private key. - setCredentials(Object) - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Sets the credentials that verify the principals/identity of the associated Realm account.
- setCredentialsExpired(boolean) - Method in class org.apache.shiro.authc.SimpleAccount
-
Sets whether or not the Account's credentials are expired.
- setCredentialsMatcher(CredentialsMatcher) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Sets the CrendialsMatcher used during an authentication attempt to verify submitted credentials with those stored in the system.
- setCredentialsSalt(ByteSource) - Method in class org.apache.shiro.authc.SimpleAccount
-
Sets the salt to use to hash this Account's credentials (eg for password hashing), or
null
if no salt is used or credentials are not hashed at all. - setCredentialsSalt(ByteSource) - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Sets the salt used to hash the credentials, or
null
if no salt was used or credentials were not hashed at all. - setDataSource(DataSource) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
-
Sets the datasource that should be used to retrieve connections used by this realm.
- setDecryptionCipherKey(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Sets the decryption key to use for decryption operations.
- setDefaults(Map<String, ?>) - Method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.Sets the default objects used by this factory.
- setDeleteInvalidSessions(boolean) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
-
Sets whether or not sessions should be automatically deleted after they are discovered to be invalid.
- setDomain(String) - Method in class org.apache.shiro.authz.permission.DomainPermission
- setEncryptionCipherKey(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Sets the encryption key to use for encryption operations.
- setEnvironment(Map) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Sets the base JNDI environment template to use when acquiring LDAP connections.
- setEnvironment(Properties) - Method in class org.apache.shiro.jndi.JndiTemplate
-
Set the environment for the JNDI InitialContext.
- setEventBus(EventBus) - Method in class org.apache.shiro.mgt.CachingSecurityManager
-
Sets the EventBus used by this
SecurityManager
and potentially any of its children components. - setEventBus(EventBus) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
-
Sets the EventBus to use to publish SessionEvents.
- setExpired(boolean) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setGlobalSessionTimeout(long) - Method in class org.apache.shiro.session.mgt.AbstractSessionManager
-
Sets the system-wide default time in milliseconds that any session may remain idle before expiring.
- setGroupRolesMap(Map<String, String>) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
- setHandler(AnnotationHandler) - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor
-
Sets the
AnnotationHandler
used to perform authorization behavior based on an annotation discovered at runtime. - setHashAlgorithmName(String) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Sets the
Hash
algorithmName
to use when performing hashes for credentials matching. - setHashFormat(HashFormat) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- setHashFormatFactory(HashFormatFactory) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- setHashIterations(int) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Sets the number of times a submitted
AuthenticationToken
's credentials will be hashed before comparing to the credentials stored in the system. - setHashSalted(boolean) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Deprecated.since Shiro 1.1. Hash salting is now expected to be based on if the
AuthenticationInfo
returned from theRealm
is aSaltedAuthenticationInfo
instance and itsgetCredentialsSalt()
method returns a non-null value. This method and the 1.0 behavior still exists for backwards compatibility if theRealm
does not returnSaltedAuthenticationInfo
instances, but it is highly recommended thatRealm
implementations that support hashed credentials start returningSaltedAuthenticationInfo
instances as soon as possible. This is because salts should always be obtained from the stored account information and never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user are almost impossible to break. This method will be removed in Shiro 2.0. - setHashService(HashService) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- setHost(String) - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Sets the host name or IP string from where the authentication attempt occurs.
- setHost(String) - Method in class org.apache.shiro.session.mgt.DefaultSessionContext
- setHost(String) - Method in interface org.apache.shiro.session.mgt.SessionContext
-
Sets the originating host name or IP address (as a String) from where the
Subject
is initiating theSession
. - setHost(String) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setHost(String) - Method in interface org.apache.shiro.subject.SubjectContext
-
Sets the host name or IP that should reflect the constructed
Subject
's originating location. - setHost(String) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setHostAddress(String) - Method in exception org.apache.shiro.authz.HostUnauthorizedException
-
Sets the host associated with this exception.
- setId(Serializable) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setIni(Ini) - Method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.
- setIni(Ini) - Method in class org.apache.shiro.realm.text.IniRealm
-
Sets the Ini instance used to configure this realm.
- setInterval(long) - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- setJndiEnvironment(Properties) - Method in class org.apache.shiro.jndi.JndiLocator
-
Set the JNDI environment to use for JNDI lookups.
- setJndiNames(String) - Method in class org.apache.shiro.realm.jndi.JndiRealmFactory
-
Specifies a comma-delimited list of JNDI names to lookup, each one corresponding to a jndi-bound
Realm
. - setJndiNames(Collection<String>) - Method in class org.apache.shiro.realm.jndi.JndiRealmFactory
-
Sets the JNDI names that will be used to look up Realm(s) from JNDI.
- setJndiTemplate(JndiTemplate) - Method in class org.apache.shiro.jndi.JndiLocator
-
Set the JNDI template to use for JNDI lookups.
- setLastAccessTime(Date) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setLdapContextFactory(LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
-
Configures the
LdapContextFactory
implementation that is used to create LDAP connections for authentication and authorization. - setLocked(boolean) - Method in class org.apache.shiro.authc.SimpleAccount
-
Sets whether or not the account is locked and can be used to login.
- setMethodInterceptors(Collection<AuthorizingAnnotationMethodInterceptor>) - Method in class org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor
-
Sets the method interceptors to execute for the annotated method.
- setName(String) - Method in class org.apache.shiro.authz.SimpleRole
- setName(String) - Method in class org.apache.shiro.realm.AuthenticatingRealm
- setName(String) - Method in class org.apache.shiro.realm.AuthorizingRealm
- setName(String) - Method in class org.apache.shiro.realm.CachingRealm
- setObject(String, Object) - Method in class org.apache.shiro.env.DefaultEnvironment
- setObjectPermissions(Set<Permission>) - Method in class org.apache.shiro.authc.SimpleAccount
-
Sets all object-based permissions assigned directly to this Account (not any of its realms).
- setObjectPermissions(Set<Permission>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Sets the object-based permissions assigned directly to the account.
- setParts(String) - Method in class org.apache.shiro.authz.permission.WildcardPermission
- setParts(String, boolean) - Method in class org.apache.shiro.authz.permission.WildcardPermission
- setParts(String, Set<String>, Set<String>) - Method in class org.apache.shiro.authz.permission.DomainPermission
- setParts(List<Set<String>>) - Method in class org.apache.shiro.authz.permission.WildcardPermission
-
Sets the pre-split String parts of this
WildcardPermission
. - setPassword(char[]) - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Sets the password for submission during an authentication attempt.
- setPasswordService(PasswordService) - Method in class org.apache.shiro.authc.credential.PasswordMatcher
- setPathSeparator(String) - Method in class org.apache.shiro.util.AntPathMatcher
-
Set the path separator to use for pattern parsing.
- setPermissionResolver(PermissionResolver) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Sets the specified
PermissionResolver
on all of the wrapped realms that implement thePermissionResolverAware
interface. - setPermissionResolver(PermissionResolver) - Method in interface org.apache.shiro.authz.permission.PermissionResolverAware
-
Sets the specified PermissionResolver on this instance.
- setPermissionResolver(PermissionResolver) - Method in class org.apache.shiro.realm.AuthorizingRealm
- setPermissions(Set<Permission>) - Method in class org.apache.shiro.authz.SimpleRole
- setPermissionsLookupEnabled(boolean) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
-
Enables lookup of permissions during authorization.
- setPermissionsQuery(String) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
-
Overrides the default query used to retrieve a user's permissions during authorization.
- setPoolingEnabled(boolean) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Sets whether or not connection pooling should be used when possible and appropriate.
- setPrincipals(PrincipalCollection) - Method in class org.apache.shiro.authc.SimpleAccount
-
Sets the principals, aka the identifying attributes (username, user id, first name, last name, etc) of this Account.
- setPrincipals(PrincipalCollection) - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Sets the identifying principal(s) represented by this instance.
- setPrincipals(PrincipalCollection) - Method in interface org.apache.shiro.subject.SubjectContext
-
Sets the principals (aka identity) that the constructed
Subject
should reflect. - setPrincipals(PrincipalCollection) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setPrincipalSuffix(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
-
Used when initializing the default
LdapContextFactory
. - setPrincipalSuffix(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.A suffix appended to the username.
- setRandom(Random) - Method in class org.apache.shiro.session.mgt.eis.RandomSessionIdGenerator
- setRealm(Realm) - Method in class org.apache.shiro.mgt.RealmSecurityManager
-
Convenience method for applications using a single realm that merely wraps the realm in a list and then invokes the
RealmSecurityManager.setRealms(java.util.Collection<org.apache.shiro.realm.Realm>)
method. - setRealmPrincipal(String, String, Object) - Method in interface org.apache.shiro.subject.PrincipalMap
- setRealmPrincipal(String, String, Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- setRealmPrincipals(String, Map<String, Object>) - Method in interface org.apache.shiro.subject.PrincipalMap
- setRealmPrincipals(String, Map<String, Object>) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- setRealms(Collection<Realm>) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
-
Sets all realms used by this Authenticator, providing PAM (Pluggable Authentication Module) configuration.
- setRealms(Collection<Realm>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Sets the realms wrapped by this
Authorizer
which are consulted during an authorization check. - setRealms(Collection<Realm>) - Method in class org.apache.shiro.mgt.RealmSecurityManager
-
Sets the realms managed by this SecurityManager instance.
- setReferral(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.Sets the LDAP referral property.
- setReferral(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Sets the LDAP referral behavior when creating a connection.
- setReflectionBuilder(ReflectionBuilder) - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.Sets the ReflectionBuilder that will be used to create the SecurityManager based on the contents of the Ini configuration.
- setReloadIntervalSeconds(int) - Method in class org.apache.shiro.realm.text.PropertiesRealm
-
Sets the interval in seconds at which the property file will be checked for changes and reloaded.
- setRememberMe(boolean) - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Sets if the submitting user wishes their identity (principal(s)) to be remembered across sessions.
- setRememberMeManager(RememberMeManager) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- setRequiredType(Class<? extends T>) - Method in class org.apache.shiro.jndi.JndiObjectFactory
- setResolver(AnnotationResolver) - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor
-
Returns the
AnnotationResolver
to use to acquire annotations from intercepted methods at runtime. - setResourceName(String) - Method in class org.apache.shiro.jndi.JndiObjectFactory
- setResourcePath(String) - Method in class org.apache.shiro.realm.text.IniRealm
- setResourcePath(String) - Method in class org.apache.shiro.realm.text.PropertiesRealm
-
Sets the path of the properties file to load user, role, and permission information from.
- setResourceRef(boolean) - Method in class org.apache.shiro.jndi.JndiLocator
-
Set whether the lookup occurs in a J2EE container, i.e.
- setResources(Map<Object, Object>) - Static method in class org.apache.shiro.util.ThreadContext
-
Allows a caller to explicitly set the entire resource map.
- setRoleDefinitions(String) - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
-
Sets a newline (\n) delimited String that defines role-to-permission definitions.
- setRolePermissionResolver(RolePermissionResolver) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Sets the specified
RolePermissionResolver
on all of the wrapped realms that implement thePermissionResolverAware
interface. - setRolePermissionResolver(RolePermissionResolver) - Method in interface org.apache.shiro.authz.permission.RolePermissionResolverAware
-
Sets the specified RolePermissionResolver on this instance.
- setRolePermissionResolver(RolePermissionResolver) - Method in class org.apache.shiro.realm.AuthorizingRealm
- setRoles(Set<String>) - Method in class org.apache.shiro.authc.SimpleAccount
-
Sets the Account's assigned roles.
- setRoles(Set<String>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Sets the roles assigned to the account.
- setSaltIsBase64Encoded(boolean) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
-
Makes it possible to switch off base64 encoding of password salt.
- setSaltStyle(JdbcRealm.SaltStyle) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
-
Sets the salt style.
- setSearchBase(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
-
Used when initializing the default
LdapContextFactory
. - setSearchBase(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.this attribute existed, but was never used in Shiro 1.x. It will be removed prior to Shiro 2.0.
- setSearchFilter(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- setSecurityManager(SecurityManager) - Method in class org.apache.shiro.env.DefaultEnvironment
- setSecurityManager(SecurityManager) - Static method in class org.apache.shiro.SecurityUtils
-
Sets a VM (static) singleton SecurityManager, specifically for transparent use in the
getSubject()
implementation. - setSecurityManager(SecurityManager) - Method in interface org.apache.shiro.subject.SubjectContext
-
Sets the SecurityManager instance that should be used to back the constructed
Subject
instance (typically used to supportDelegatingSubject
implementations). - setSecurityManager(SecurityManager) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setSecurityManagerName(String) - Method in class org.apache.shiro.env.DefaultEnvironment
-
Sets the name of the
SecurityManager
instance in the backing map. - setSerializer(Serializer<PrincipalCollection>) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Sets the
Serializer
used to serialize and deserializePrincipalCollection
instances for persistent remember me storage. - setSession(Session) - Method in interface org.apache.shiro.subject.SubjectContext
-
Sets the
Session
to use when building theSubject
instance. - setSession(Session) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setSessionCreationEnabled(boolean) - Method in interface org.apache.shiro.subject.SubjectContext
-
Sets whether or not the constructed
Subject
instance should be allowed to create a session,false
otherwise. - setSessionCreationEnabled(boolean) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setSessionDAO(SessionDAO) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- setSessionFactory(SessionFactory) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
-
Sets the
SessionFactory
used to generate newSession
instances. - setSessionId(Serializable) - Method in class org.apache.shiro.session.mgt.DefaultSessionContext
- setSessionId(Serializable) - Method in class org.apache.shiro.session.mgt.DefaultSessionKey
- setSessionId(Serializable) - Method in interface org.apache.shiro.session.mgt.SessionContext
- setSessionId(Serializable) - Method in interface org.apache.shiro.subject.SubjectContext
-
Sets the session id of the session that should be associated with the constructed
Subject
instance. - setSessionId(Serializable) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setSessionIdGenerator(SessionIdGenerator) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
-
Sets the
SessionIdGenerator
used by theAbstractSessionDAO.generateSessionId(org.apache.shiro.session.Session)
method. - setSessionListeners(Collection<SessionListener>) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- setSessionManager(SessionManager) - Method in class org.apache.shiro.mgt.SessionsSecurityManager
-
Sets the underlying delegate
SessionManager
instance that will be used to support this implementation's SessionManager method calls. - setSessionManager(ValidatingSessionManager) - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- setSessionStorageEnabled(boolean) - Method in class org.apache.shiro.mgt.DefaultSessionStorageEvaluator
-
Sets if any Subject's
Session
may be used to persist thatSubject
's state. - setSessionStorageEvaluator(SessionStorageEvaluator) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
-
Sets the
SessionStorageEvaluator
that will determine if aSubject
's state may be persisted in the Subject's session. - setSessionValidationInterval(long) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
-
If using the underlying default SessionValidationScheduler (that is, the
setSessionValidationScheduler
method is never called) , this method allows one to specify how frequently session should be validated (to check for orphans). - setSessionValidationScheduler(SessionValidationScheduler) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- setSessionValidationSchedulerEnabled(boolean) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- setSingleton(boolean) - Method in class org.apache.shiro.util.AbstractFactory
- setStartTimestamp(Date) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setStopAfterFirstSuccess(boolean) - Method in class org.apache.shiro.authc.pam.FirstSuccessfulStrategy
- setStopTimestamp(Date) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setStoredCredentialsHexEncoded(boolean) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Sets the indicator if this system's stored credential hash is Hex encoded or not.
- setStringPermissions(Set<String>) - Method in class org.apache.shiro.authc.SimpleAccount
-
Sets the String-based permissions assigned to this Account.
- setStringPermissions(Set<String>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Sets the string-based permissions assigned directly to the account.
- setSubject(Subject) - Method in interface org.apache.shiro.subject.SubjectContext
-
Sets the existing
Subject
that may be in use at the time the newSubject
instance is being created. - setSubject(Subject) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setSubjectDAO(SubjectDAO) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Sets the
SubjectDAO
responsible for persisting Subject state, typically used after login or when an Subject identity is discovered (eg after RememberMe services). - setSubjectFactory(SubjectFactory) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Sets the
SubjectFactory
responsible for creatingSubject
instances exposed to the application. - setSystemPassword(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
-
Used when initializing the default
LdapContextFactory
. - setSystemPassword(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.The system password that will be used when connecting to the LDAP server to retrieve authorization information about a user.
- setSystemPassword(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Sets the password of the
systemUsername
that will be used when creating an LDAP connection used for authorization queries. - setSystemUsername(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
-
Used when initializing the default
LdapContextFactory
. - setSystemUsername(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.The system username that will be used when connecting to the LDAP server to retrieve authorization information about a user.
- setSystemUsername(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Sets the system username that will be used when creating an LDAP connection used for authorization queries.
- setTargetExecutor(Executor) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutor
-
Sets target Executor instance that will actually execute the subject-associated Runnable instances.
- setTargetExecutor(Executor) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- setTargetExecutor(Executor) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- setTargetExecutorService(ExecutorService) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- setTargetExecutorService(ExecutorService) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- setTargets(Set<String>) - Method in class org.apache.shiro.authz.permission.DomainPermission
- setTargetScheduledExecutorService(ScheduledExecutorService) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- setThreadNamePrefix(String) - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- setTimeout(long) - Method in class org.apache.shiro.session.mgt.DelegatingSession
- setTimeout(long) - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession
-
Immediately
throws
anInvalidSessionException
in all cases because this proxy is immutable. - setTimeout(long) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setTimeout(long) - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- setTimeout(long) - Method in interface org.apache.shiro.session.Session
-
Sets the time in milliseconds that the session may remain idle before expiring.
- setTimeout(SessionKey, long) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- setTimeout(SessionKey, long) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Sets the time in milliseconds that the associated session may remain idle before expiring.
- setUrl(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
-
Used when initializing the default
LdapContextFactory
. - setUrl(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.The LDAP url to connect to.
- setUrl(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
The LDAP url to connect to.
- setUsePooling(boolean) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.Determines whether or not LdapContext pooling is enabled for connections made using the system user account.
- setUserDefinitions(String) - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
-
Sets a newline (\n) delimited String that defines user-to-password-and-role(s) key/value pairs according to the following format:
- setUserDnTemplate(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
Sets the User Distinguished Name (DN) template to use when creating User DNs at runtime.
- setUsername(String) - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Sets the username for submission during an authentication attempt.
- setUserRolesQuery(String) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
-
Overrides the default query used to retrieve a user's roles during authorization.
- setUseXmlFormat(boolean) - Method in class org.apache.shiro.realm.text.PropertiesRealm
-
Determines whether or not the properties XML format should be used.
- Sha1CredentialsMatcher - Class in org.apache.shiro.authc.credential
-
Deprecated.since 1.1 - use the HashedCredentialsMatcher directly and set its
hashAlgorithmName
property. - Sha1CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Sha1CredentialsMatcher
-
Deprecated.
- Sha256CredentialsMatcher - Class in org.apache.shiro.authc.credential
-
Deprecated.since 1.1 - use the HashedCredentialsMatcher directly and set its
hashAlgorithmName
property. - Sha256CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Sha256CredentialsMatcher
-
Deprecated.
- Sha384CredentialsMatcher - Class in org.apache.shiro.authc.credential
-
Deprecated.since 1.1 - use the HashedCredentialsMatcher directly and set its
hashAlgorithmName
property. - Sha384CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Sha384CredentialsMatcher
-
Deprecated.
- Sha512CredentialsMatcher - Class in org.apache.shiro.authc.credential
-
Deprecated.since 1.1 - use the HashedCredentialsMatcher directly and set its
hashAlgorithmName
property. - Sha512CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Sha512CredentialsMatcher
-
Deprecated.
- ShortCircuitIterationException - Exception in org.apache.shiro.authc.pam
-
Exception thrown during the authentication process using
FirstSuccessfulStrategy
, withstopAfterFirstSuccess
set. - ShortCircuitIterationException() - Constructor for exception org.apache.shiro.authc.pam.ShortCircuitIterationException
-
Creates a new ShortCircuitIterationException.
- ShortCircuitIterationException(String) - Constructor for exception org.apache.shiro.authc.pam.ShortCircuitIterationException
-
Constructs a new ShortCircuitIterationException.
- ShortCircuitIterationException(String, Throwable) - Constructor for exception org.apache.shiro.authc.pam.ShortCircuitIterationException
-
Constructs a new ShortCircuitIterationException.
- ShortCircuitIterationException(Throwable) - Constructor for exception org.apache.shiro.authc.pam.ShortCircuitIterationException
-
Constructs a new ShortCircuitIterationException.
- shouldImplicitlyCreateRealm(Ini) - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.Returns
true
if the Ini contains account data and aRealm
should be implicitlycreated
to reflect the account data,false
if no realm should be implicitly created. - shutdown() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- shutdownNow() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- SIMPLE_AUTHENTICATION_MECHANISM_NAME - Static variable in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
- SimpleAccount - Class in org.apache.shiro.authc
-
Simple implementation of the
Account
interface that contains principal and credential and authorization information (roles and permissions) as instance variables and exposes them via getters and setters using standard JavaBean notation. - SimpleAccount() - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Default no-argument constructor.
- SimpleAccount(Object, Object, String) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance for the specified realm with the given principals and credentials.
- SimpleAccount(Object, Object, String, Set<String>, Set<Permission>) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance for the specified realm with the given principal and credentials, with the the assigned roles and permissions.
- SimpleAccount(Object, Object, ByteSource, String) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance for the specified realm with the given principals, hashedCredentials and credentials salt used when hashing the credentials.
- SimpleAccount(Collection, Object, String) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance for the specified realm with the given principals and credentials.
- SimpleAccount(Collection, Object, String, Set<String>, Set<Permission>) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance for the specified realm with the given principals and credentials, with the the assigned roles and permissions.
- SimpleAccount(PrincipalCollection, Object) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance for the specified principals and credentials.
- SimpleAccount(PrincipalCollection, Object, Set<String>) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance for the specified principals and credentials, with the assigned roles.
- SimpleAccount(PrincipalCollection, Object, Set<String>, Set<Permission>) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance from the given principals and credentials, with the the assigned roles and permissions.
- SimpleAccount(PrincipalCollection, Object, ByteSource) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance for the specified principals and credentials.
- SimpleAccountRealm - Class in org.apache.shiro.realm
-
A simple implementation of the
Realm
interface that uses a set of configured user accounts and roles to support authentication and authorization. - SimpleAccountRealm() - Constructor for class org.apache.shiro.realm.SimpleAccountRealm
- SimpleAccountRealm(String) - Constructor for class org.apache.shiro.realm.SimpleAccountRealm
- SimpleAuthenticationInfo - Class in org.apache.shiro.authc
-
Simple implementation of the
MergableAuthenticationInfo
interface that holds the principals and credentials. - SimpleAuthenticationInfo() - Constructor for class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Default no-argument constructor.
- SimpleAuthenticationInfo(Object, Object, String) - Constructor for class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Constructor that takes in a single 'primary' principal of the account and its corresponding credentials, associated with the specified realm.
- SimpleAuthenticationInfo(Object, Object, ByteSource, String) - Constructor for class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Constructor that takes in a single 'primary' principal of the account, its corresponding hashed credentials, the salt used to hash the credentials, and the name of the realm to associate with the principals.
- SimpleAuthenticationInfo(PrincipalCollection, Object) - Constructor for class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Constructor that takes in an account's identifying principal(s) and its corresponding credentials that verify the principals.
- SimpleAuthenticationInfo(PrincipalCollection, Object, ByteSource) - Constructor for class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Constructor that takes in an account's identifying principal(s), hashed credentials used to verify the principals, and the salt used when hashing the credentials.
- SimpleAuthorizationInfo - Class in org.apache.shiro.authz
-
Simple POJO implementation of the
AuthorizationInfo
interface that stores roles and permissions as internal attributes. - SimpleAuthorizationInfo() - Constructor for class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Default no-argument constructor.
- SimpleAuthorizationInfo(Set<String>) - Constructor for class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Creates a new instance with the specified roles and no permissions.
- SimpleCredentialsMatcher - Class in org.apache.shiro.authc.credential
-
Simple CredentialsMatcher implementation.
- SimpleCredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.SimpleCredentialsMatcher
- SimplePrincipalCollection - Class in org.apache.shiro.subject
-
A simple implementation of the
MutablePrincipalCollection
interface that tracks principals internally by storing them in aLinkedHashMap
. - SimplePrincipalCollection() - Constructor for class org.apache.shiro.subject.SimplePrincipalCollection
- SimplePrincipalCollection(Object, String) - Constructor for class org.apache.shiro.subject.SimplePrincipalCollection
- SimplePrincipalCollection(Collection, String) - Constructor for class org.apache.shiro.subject.SimplePrincipalCollection
- SimplePrincipalCollection(PrincipalCollection) - Constructor for class org.apache.shiro.subject.SimplePrincipalCollection
- SimplePrincipalMap - Class in org.apache.shiro.subject
-
Default implementation of the
PrincipalMap
interface. - SimplePrincipalMap() - Constructor for class org.apache.shiro.subject.SimplePrincipalMap
- SimplePrincipalMap(Map<String, Map<String, Object>>) - Constructor for class org.apache.shiro.subject.SimplePrincipalMap
- SimpleRole - Class in org.apache.shiro.authz
-
A simple representation of a security role that has a name and a collection of permissions.
- SimpleRole() - Constructor for class org.apache.shiro.authz.SimpleRole
- SimpleRole(String) - Constructor for class org.apache.shiro.authz.SimpleRole
- SimpleRole(String, Set<Permission>) - Constructor for class org.apache.shiro.authz.SimpleRole
- SimpleSession - Class in org.apache.shiro.session.mgt
-
Simple
Session
JavaBeans-compatible POJO implementation, intended to be used on the business/server tier. - SimpleSession() - Constructor for class org.apache.shiro.session.mgt.SimpleSession
- SimpleSession(String) - Constructor for class org.apache.shiro.session.mgt.SimpleSession
- SimpleSessionFactory - Class in org.apache.shiro.session.mgt
-
SessionFactory
implementation that generatesSimpleSession
instances. - SimpleSessionFactory() - Constructor for class org.apache.shiro.session.mgt.SimpleSessionFactory
- size() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- size() - Method in class org.apache.shiro.util.MapContext
- size(Collection) - Static method in class org.apache.shiro.util.CollectionUtils
-
Returns the size of the specified collection or
0
if the collection isnull
. - size(Map) - Static method in class org.apache.shiro.util.CollectionUtils
-
Returns the size of the specified map or
0
if the map isnull
. - start(SessionContext) - Method in class org.apache.shiro.mgt.SessionsSecurityManager
- start(SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- start(SessionContext) - Method in interface org.apache.shiro.session.mgt.SessionManager
-
Starts a new session based on the specified contextual initialization data, which can be used by the underlying implementation to determine how exactly to create the internal Session instance.
- startReloadThread() - Method in class org.apache.shiro.realm.text.PropertiesRealm
- stop() - Method in class org.apache.shiro.session.mgt.DelegatingSession
- stop() - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession
-
Immediately
throws
anInvalidSessionException
in all cases because this proxy is immutable. - stop() - Method in class org.apache.shiro.session.mgt.SimpleSession
- stop() - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- stop() - Method in interface org.apache.shiro.session.Session
-
Explicitly stops (invalidates) this session and releases all associated resources.
- stop(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- stop(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Explicitly stops the associated session, thereby releasing all of its resources.
- StoppedSessionException - Exception in org.apache.shiro.session
-
Exception thrown when attempting to interact with the system under a session that has been stopped.
- StoppedSessionException() - Constructor for exception org.apache.shiro.session.StoppedSessionException
-
Creates a new StoppedSessionException.
- StoppedSessionException(String) - Constructor for exception org.apache.shiro.session.StoppedSessionException
-
Constructs a new StoppedSessionException.
- StoppedSessionException(String, Throwable) - Constructor for exception org.apache.shiro.session.StoppedSessionException
-
Constructs a new StoppedSessionException.
- StoppedSessionException(Throwable) - Constructor for exception org.apache.shiro.session.StoppedSessionException
-
Constructs a new StoppedSessionException.
- stopSession(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- storeSession(Serializable, Session) - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO
- stringPermissions - Variable in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Collection of all string-based permissions associated with the account.
- Subject - Interface in org.apache.shiro.subject
-
A
Subject
represents state and security operations for a single application user. - SUBJECT_KEY - Static variable in class org.apache.shiro.util.ThreadContext
- Subject.Builder - Class in org.apache.shiro.subject
-
Builder design pattern implementation for creating
Subject
instances in a simplified way without requiring knowledge of Shiro's construction techniques. - SubjectAwareExecutor - Class in org.apache.shiro.concurrent
- SubjectAwareExecutor() - Constructor for class org.apache.shiro.concurrent.SubjectAwareExecutor
- SubjectAwareExecutor(Executor) - Constructor for class org.apache.shiro.concurrent.SubjectAwareExecutor
- SubjectAwareExecutorService - Class in org.apache.shiro.concurrent
-
ExecutorService
implementation that will automatically first associate any argumentRunnable
orCallable
instances with thecurrently available subject
and then dispatch the Subject-enabled runnable or callable to an underlying delegateExecutorService
instance. - SubjectAwareExecutorService() - Constructor for class org.apache.shiro.concurrent.SubjectAwareExecutorService
- SubjectAwareExecutorService(ExecutorService) - Constructor for class org.apache.shiro.concurrent.SubjectAwareExecutorService
- SubjectAwareScheduledExecutorService - Class in org.apache.shiro.concurrent
-
Same concept as the
SubjectAwareExecutorService
but additionally supports theScheduledExecutorService
interface. - SubjectAwareScheduledExecutorService() - Constructor for class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- SubjectAwareScheduledExecutorService(ScheduledExecutorService) - Constructor for class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- SubjectCallable<V> - Class in org.apache.shiro.subject.support
- SubjectCallable(Subject, Callable<V>) - Constructor for class org.apache.shiro.subject.support.SubjectCallable
- SubjectCallable(ThreadState, Callable<V>) - Constructor for class org.apache.shiro.subject.support.SubjectCallable
- SubjectContext - Interface in org.apache.shiro.subject
-
A
SubjectContext
is a 'bucket' of data presented to aSecurityManager
which interprets this data to constructSubject
instances. - subjectDAO - Variable in class org.apache.shiro.mgt.DefaultSecurityManager
- SubjectDAO - Interface in org.apache.shiro.mgt
-
A
SubjectDAO
is responsible for persisting a Subject instance's internal state such that the Subject instance can be recreated at a later time if necessary. - subjectFactory - Variable in class org.apache.shiro.mgt.DefaultSecurityManager
- SubjectFactory - Interface in org.apache.shiro.mgt
-
A
SubjectFactory
is responsible for constructingSubject
instances as needed. - SubjectRunnable - Class in org.apache.shiro.subject.support
-
A
SubjectRunnable
ensures that a target/delegateRunnable
will execute such that any call toSecurityUtils.
getSubject()
during theRunnable
's execution will return the associatedSubject
instance. - SubjectRunnable(Subject, Runnable) - Constructor for class org.apache.shiro.subject.support.SubjectRunnable
-
Creates a new
SubjectRunnable
that, when executed, will execute the targetdelegate
, but guarantees that it will run associated with the specifiedSubject
. - SubjectRunnable(ThreadState, Runnable) - Constructor for class org.apache.shiro.subject.support.SubjectRunnable
-
Creates a new
SubjectRunnable
that, when executed, will perform thread statebinding
and guaranteedrestoration
before and after theRunnable
's execution, respectively. - SubjectThreadState - Class in org.apache.shiro.subject.support
-
Manages thread-state for
Subject
access (supportingSecurityUtils.
getSubject()
calls) during a thread's execution. - SubjectThreadState(Subject) - Constructor for class org.apache.shiro.subject.support.SubjectThreadState
-
Creates a new
SubjectThreadState
that will bind and unbind the specifiedSubject
to the thread - submit(Runnable) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- submit(Runnable, T) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- submit(Callable<T>) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- SUBPART_DIVIDER_TOKEN - Static variable in class org.apache.shiro.authz.permission.WildcardPermission
- SUN_CONNECTION_POOLING_PROPERTY - Static variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.The Sun LDAP property used to enable connection pooling.
- SUN_CONNECTION_POOLING_PROPERTY - Static variable in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
The Sun LDAP property used to enable connection pooling.
- supports(MethodInvocation) - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor
-
Returns
true
if this interceptor supports, that is, should inspect, the specifiedMethodInvocation
,false
otherwise. - supports(AuthenticationToken) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Convenience implementation that returns getAuthenticationTokenClass().isAssignableFrom( token.getClass() );.
- supports(AuthenticationToken) - Method in interface org.apache.shiro.realm.Realm
-
Returns true if this realm wishes to authenticate the Subject represented by the given
AuthenticationToken
instance, false otherwise. - systemPassword - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- systemPassword - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- systemUsername - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- systemUsername - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
T
- TextConfigurationRealm - Class in org.apache.shiro.realm.text
-
A SimpleAccountRealm that enables text-based configuration of the initial User, Role, and Permission objects created at startup.
- TextConfigurationRealm() - Constructor for class org.apache.shiro.realm.text.TextConfigurationRealm
- ThreadContext - Class in org.apache.shiro.util
-
A ThreadContext provides a means of binding and unbinding objects to the current thread based on key/value pairs.
- ThreadContext() - Constructor for class org.apache.shiro.util.ThreadContext
-
Default no-argument constructor.
- threadState - Variable in class org.apache.shiro.subject.support.SubjectCallable
- threadState - Variable in class org.apache.shiro.subject.support.SubjectRunnable
- ThreadState - Interface in org.apache.shiro.util
-
A
ThreadState
instance manages any state that might need to be bound and/or restored during a thread's execution. - throwImmutableException() - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession
-
Simply throws an
InvalidSessionException
indicating that this proxy is immutable. - toLines(String) - Static method in class org.apache.shiro.realm.text.TextConfigurationRealm
- toMap(Collection<String>) - Static method in class org.apache.shiro.realm.text.TextConfigurationRealm
- toPermissionStrings(String) - Static method in class org.apache.shiro.util.PermissionUtils
- toSet(String, String) - Static method in class org.apache.shiro.realm.SimpleAccountRealm
- toString() - Method in class org.apache.shiro.authc.SimpleAccount
-
Returns
principals
.toString() if they are not null, otherwise prints out the string "empty" - toString() - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Simple implementation that merely returns
principals
.toString() - toString() - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Returns the String representation.
- toString() - Method in class org.apache.shiro.authz.permission.WildcardPermission
- toString() - Method in class org.apache.shiro.authz.SimpleRole
- toString() - Method in class org.apache.shiro.session.mgt.SimpleSession
-
Returns the string representation of this SimpleSession, equal to
getClass().getName() + ",id=" + getId()
. - toString() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
-
Returns a simple string representation suitable for printing.
- touch() - Method in class org.apache.shiro.session.mgt.DelegatingSession
- touch() - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession
-
Immediately
throws
anInvalidSessionException
in all cases because this proxy is immutable. - touch() - Method in class org.apache.shiro.session.mgt.SimpleSession
- touch() - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- touch() - Method in interface org.apache.shiro.session.Session
-
Explicitly updates the
lastAccessTime
of this session to the current time when this method is invoked. - touch(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- touch(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Updates the last accessed time of the session identified by
sessionId
.
U
- UnauthenticatedException - Exception in org.apache.shiro.authz
-
Exception thrown when attempting to execute an authorization action when a successful authentication hasn't yet occurred.
- UnauthenticatedException() - Constructor for exception org.apache.shiro.authz.UnauthenticatedException
-
Creates a new UnauthenticatedException.
- UnauthenticatedException(String) - Constructor for exception org.apache.shiro.authz.UnauthenticatedException
-
Constructs a new UnauthenticatedException.
- UnauthenticatedException(String, Throwable) - Constructor for exception org.apache.shiro.authz.UnauthenticatedException
-
Constructs a new UnauthenticatedException.
- UnauthenticatedException(Throwable) - Constructor for exception org.apache.shiro.authz.UnauthenticatedException
-
Constructs a new UnauthenticatedException.
- UnauthorizedException - Exception in org.apache.shiro.authz
-
Thrown to indicate a requested operation or access to a requested resource is not allowed.
- UnauthorizedException() - Constructor for exception org.apache.shiro.authz.UnauthorizedException
-
Creates a new UnauthorizedException.
- UnauthorizedException(String) - Constructor for exception org.apache.shiro.authz.UnauthorizedException
-
Constructs a new UnauthorizedException.
- UnauthorizedException(String, Throwable) - Constructor for exception org.apache.shiro.authz.UnauthorizedException
-
Constructs a new UnauthorizedException.
- UnauthorizedException(Throwable) - Constructor for exception org.apache.shiro.authz.UnauthorizedException
-
Constructs a new UnauthorizedException.
- UnavailableSecurityManagerException - Exception in org.apache.shiro
-
Exception thrown when attempting to acquire the application's
SecurityManager
instance, but Shiro's lookup heuristics cannot find one. - UnavailableSecurityManagerException(String) - Constructor for exception org.apache.shiro.UnavailableSecurityManagerException
- UnavailableSecurityManagerException(String, Throwable) - Constructor for exception org.apache.shiro.UnavailableSecurityManagerException
-
Deprecated.This constructor is NOT used by Shiro directly, and will be removed in the future.
- unbind(String) - Method in class org.apache.shiro.jndi.JndiTemplate
-
Remove the binding for the given name from the current JNDI context.
- unbind(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Deprecated.in Shiro 1.2 in favor of
DefaultSecurityManager.delete(org.apache.shiro.subject.Subject)
- unbindSecurityManager() - Static method in class org.apache.shiro.util.ThreadContext
-
Convenience method that simplifies removal of the application's SecurityManager instance from the thread.
- unbindSubject() - Static method in class org.apache.shiro.util.ThreadContext
-
Convenience method that simplifies removal of a thread-local Subject from the thread.
- uncache(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Removes the specified Session from the cache.
- UnknownAccountException - Exception in org.apache.shiro.authc
-
Thrown when attempting to authenticate with a principal that doesn't exist in the system (e.g.
- UnknownAccountException() - Constructor for exception org.apache.shiro.authc.UnknownAccountException
-
Creates a new UnknownAccountException.
- UnknownAccountException(String) - Constructor for exception org.apache.shiro.authc.UnknownAccountException
-
Constructs a new UnknownAccountException.
- UnknownAccountException(String, Throwable) - Constructor for exception org.apache.shiro.authc.UnknownAccountException
-
Constructs a new UnknownAccountException.
- UnknownAccountException(Throwable) - Constructor for exception org.apache.shiro.authc.UnknownAccountException
-
Constructs a new UnknownAccountException.
- UnknownSessionException - Exception in org.apache.shiro.session
-
Exception thrown when attempting to interact with the system under the pretense of a particular session (e.g.
- UnknownSessionException() - Constructor for exception org.apache.shiro.session.UnknownSessionException
-
Creates a new UnknownSessionException.
- UnknownSessionException(String) - Constructor for exception org.apache.shiro.session.UnknownSessionException
-
Constructs a new UnknownSessionException.
- UnknownSessionException(String, Throwable) - Constructor for exception org.apache.shiro.session.UnknownSessionException
-
Constructs a new UnknownSessionException.
- UnknownSessionException(Throwable) - Constructor for exception org.apache.shiro.session.UnknownSessionException
-
Constructs a new UnknownSessionException.
- UnsupportedAuthenticationMechanismException - Exception in org.apache.shiro.ldap
-
Exception thrown when a configured LDAP Authentication Mechanism is unsupported by the target LDAP server.
- UnsupportedAuthenticationMechanismException(String) - Constructor for exception org.apache.shiro.ldap.UnsupportedAuthenticationMechanismException
- UnsupportedAuthenticationMechanismException(String, Throwable) - Constructor for exception org.apache.shiro.ldap.UnsupportedAuthenticationMechanismException
- UnsupportedTokenException - Exception in org.apache.shiro.authc.pam
-
Exception thrown during the authentication process when an
AuthenticationToken
implementation is encountered that is not supported by one or more configuredRealm
s. - UnsupportedTokenException() - Constructor for exception org.apache.shiro.authc.pam.UnsupportedTokenException
-
Creates a new UnsupportedTokenException.
- UnsupportedTokenException(String) - Constructor for exception org.apache.shiro.authc.pam.UnsupportedTokenException
-
Constructs a new UnsupportedTokenException.
- UnsupportedTokenException(String, Throwable) - Constructor for exception org.apache.shiro.authc.pam.UnsupportedTokenException
-
Constructs a new UnsupportedTokenException.
- UnsupportedTokenException(Throwable) - Constructor for exception org.apache.shiro.authc.pam.UnsupportedTokenException
-
Constructs a new UnsupportedTokenException.
- update(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Updates the state of the given session to the EIS by first delegating to
CachingSessionDAO.doUpdate(org.apache.shiro.session.Session)
. - update(Session) - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO
- update(Session) - Method in interface org.apache.shiro.session.mgt.eis.SessionDAO
-
Updates (persists) data from a previously created Session instance in the EIS identified by
{@link Session#getId() session.getId()}
. - url - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- url - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- UserAnnotationHandler - Class in org.apache.shiro.authz.aop
-
Checks to see if a @
RequiresUser
annotation is declared, and if so, ensures the callingSubject
is eitherauthenticated
or remembered via remember me services before allowing access. - UserAnnotationHandler() - Constructor for class org.apache.shiro.authz.aop.UserAnnotationHandler
-
Default no-argument constructor that ensures this handler looks for
RequiresUser
annotations. - UserAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop
-
Checks to see if a @
RequiresUser
annotation is declared, and if so, ensures the callingSubject
is eitherauthenticated
or remembered via remember me services before invoking the method. - UserAnnotationMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.UserAnnotationMethodInterceptor
-
Default no-argument constructor that ensures this interceptor looks for
RequiresUser
annotations in a method declaration. - UserAnnotationMethodInterceptor(AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.UserAnnotationMethodInterceptor
- UsernamePasswordToken - Class in org.apache.shiro.authc
-
A simple username/password authentication token to support the most widely-used authentication mechanism.
- UsernamePasswordToken() - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
JavaBeans compatible no-arg constructor.
- UsernamePasswordToken(String, char[]) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
Constructs a new UsernamePasswordToken encapsulating the username and password submitted during an authentication attempt, with a null
host
and a rememberMe default of false. - UsernamePasswordToken(String, char[], boolean) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
Constructs a new UsernamePasswordToken encapsulating the username and password submitted, as well as if the user wishes their identity to be remembered across sessions.
- UsernamePasswordToken(String, char[], boolean, String) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
Constructs a new UsernamePasswordToken encapsulating the username and password submitted, if the user wishes their identity to be remembered across sessions, and the inetAddress from where the attempt is occurring.
- UsernamePasswordToken(String, char[], String) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
Constructs a new UsernamePasswordToken encapsulating the username and password submitted, the inetAddress from where the attempt is occurring, and a default rememberMe value of false
- UsernamePasswordToken(String, String) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
Constructs a new UsernamePasswordToken encapsulating the username and password submitted during an authentication attempt, with a null
host
and a rememberMe default of false - UsernamePasswordToken(String, String, boolean) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
Constructs a new UsernamePasswordToken encapsulating the username and password submitted, as well as if the user wishes their identity to be remembered across sessions.
- UsernamePasswordToken(String, String, boolean, String) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
Constructs a new UsernamePasswordToken encapsulating the username and password submitted, if the user wishes their identity to be remembered across sessions, and the inetAddress from where the attempt is occurring.
- UsernamePasswordToken(String, String, String) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
Constructs a new UsernamePasswordToken encapsulating the username and password submitted, the inetAddress from where the attempt is occurring, and a default rememberMe value of false
- userRolesQuery - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm
- users - Variable in class org.apache.shiro.realm.SimpleAccountRealm
- USERS_LOCK - Variable in class org.apache.shiro.realm.SimpleAccountRealm
- USERS_SECTION_NAME - Static variable in class org.apache.shiro.realm.text.IniRealm
- useXmlFormat - Variable in class org.apache.shiro.realm.text.PropertiesRealm
V
- validate() - Method in class org.apache.shiro.session.mgt.SimpleSession
- validate() - Method in interface org.apache.shiro.session.mgt.ValidatingSession
- validate(Session, SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- validateAuthenticationInfo(Hashtable<String, Object>) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Validates the configuration in the JNDI
environment
settings and throws an exception if a problem exists. - validateSessions() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- validateSessions() - Method in interface org.apache.shiro.session.mgt.ValidatingSessionManager
-
Performs session validation for all open/active sessions in the system (those that have not been stopped or expired), and validates each one.
- ValidatingSession - Interface in org.apache.shiro.session.mgt
-
A
ValidatingSession
is aSession
that is capable of determining it is valid or not and is able to validate itself if necessary. - ValidatingSessionManager - Interface in org.apache.shiro.session.mgt
-
A ValidatingSessionManager is a SessionManager that can proactively validate any or all sessions that may be expired.
- value() - Method in annotation type org.apache.shiro.authz.annotation.RequiresPermissions
-
The permission string which will be passed to
Subject.isPermitted(String)
to determine if the user is allowed to invoke the code protected by this annotation. - value() - Method in annotation type org.apache.shiro.authz.annotation.RequiresRoles
-
A single String role name or multiple comma-delimited role names required in order for the method invocation to be allowed.
- valueOf(String) - Static method in enum org.apache.shiro.authz.annotation.Logical
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle
-
Returns the enum constant of this type with the specified name.
- values() - Static method in enum org.apache.shiro.authz.annotation.Logical
-
Returns an array containing the constants of this enum type, in the order they are declared.
- values() - Static method in enum org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle
-
Returns an array containing the constants of this enum type, in the order they are declared.
- values() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- values() - Method in class org.apache.shiro.util.MapContext
W
- WILDCARD_TOKEN - Static variable in class org.apache.shiro.authz.permission.WildcardPermission
- WildcardPermission - Class in org.apache.shiro.authz.permission
-
A
WildcardPermission
is a very flexible permission construct supporting multiple levels of permission matching. - WildcardPermission() - Constructor for class org.apache.shiro.authz.permission.WildcardPermission
-
Default no-arg constructor for subclasses only - end-user developers instantiating Permission instances must provide a wildcard string at a minimum, since Permission instances are immutable once instantiated.
- WildcardPermission(String) - Constructor for class org.apache.shiro.authz.permission.WildcardPermission
- WildcardPermission(String, boolean) - Constructor for class org.apache.shiro.authz.permission.WildcardPermission
- WildcardPermissionResolver - Class in org.apache.shiro.authz.permission
-
PermissionResolver implementation that returns a new
WildcardPermission
based on the input string. - WildcardPermissionResolver() - Constructor for class org.apache.shiro.authz.permission.WildcardPermissionResolver
-
Default constructor.
- WildcardPermissionResolver(boolean) - Constructor for class org.apache.shiro.authz.permission.WildcardPermissionResolver
-
Constructor to specify case sensitivity for the resolved premissions.
All Classes All Packages