Class PermitAllAnnotationHandler

java.lang.Object

org.apache.shiro.aop.AnnotationHandler

org.apache.shiro.authz.aop.AuthorizingAnnotationHandler

org.apache.shiro.authz.aop.PermitAllAnnotationHandler

public class PermitAllAnnotationHandler
extends AuthorizingAnnotationHandler

This AnnotationHandler allows access from any subject (anonymous or logged in user). It is largely a no-op or for documentation. However, this annotation WILL override a DenyAll or RolesAllowed annotation if those annotations are placed at the class level and PermitAll is placed on a method.

Since:

2.0

Field Summary

Fields inherited from class org.apache.shiro.aop.AnnotationHandler

annotationClass

Constructor Summary

Constructors

Constructor	Description
PermitAllAnnotationHandler()	Default no-argument constructor that ensures this interceptor looks for a PermitAll annotation in a method declaration.

Method Summary

Modifier and Type	Method	Description
void	assertAuthorized(Annotation a)	No-op, the PermitAll annotation allows all subjects (including guests/anonymous).

Methods inherited from class org.apache.shiro.aop.AnnotationHandler

getAnnotationClass, getSubject, setAnnotationClass

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

PermitAllAnnotationHandler

public PermitAllAnnotationHandler()

Default no-argument constructor that ensures this interceptor looks for a PermitAll annotation in a method declaration.

Method Details

assertAuthorized

public void assertAuthorized(Annotation a)

No-op, the PermitAll annotation allows all subjects (including guests/anonymous).

Specified by:

assertAuthorized in class AuthorizingAnnotationHandler

Parameters:

a - the annotation to check for one or more roles