Package org.apache.shiro.web.mgt

Interface WebSecurityManager

  • All Superinterfaces:
    org.apache.shiro.authc.Authenticator, org.apache.shiro.authz.Authorizer, org.apache.shiro.mgt.SecurityManager, org.apache.shiro.session.mgt.SessionManager
    All Known Implementing Classes:
    DefaultWebSecurityManager
    public interface WebSecurityManager
extends org.apache.shiro.mgt.SecurityManager
    This interface represents a SecurityManager implementation that can used in web-enabled applications.
    Since:
    1.0

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      boolean isHttpSessionMode()
      Security information needs to be retained from request to request, so Shiro makes use of a session for this.

      • Methods inherited from interface org.apache.shiro.authc.Authenticator

        authenticate

      • Methods inherited from interface org.apache.shiro.authz.Authorizer

        checkPermission, checkPermission, checkPermissions, checkPermissions, checkRole, checkRoles, checkRoles, hasAllRoles, hasRole, hasRoles, isPermitted, isPermitted, isPermitted, isPermitted, isPermittedAll, isPermittedAll

      • Methods inherited from interface org.apache.shiro.mgt.SecurityManager

        createSubject, login, logout

      • Methods inherited from interface org.apache.shiro.session.mgt.SessionManager

        getSession, start

    • Method Detail

      • isHttpSessionMode

        boolean isHttpSessionMode()
        Security information needs to be retained from request to request, so Shiro makes use of a session for this. Typically, a security manager will use the servlet container's HTTP session but custom session implementations, for example based on EhCache, may also be used. This method indicates whether the security manager is using the HTTP session or not.
        Returns:
        true if the security manager is using the HTTP session; otherwise, false.