Class UserAnnotationHandler
java.lang.Object
org.apache.shiro.aop.AnnotationHandler
org.apache.shiro.authz.aop.AuthorizingAnnotationHandler
org.apache.shiro.authz.aop.UserAnnotationHandler
Checks to see if a @
RequiresUser annotation
is declared, and if so, ensures the calling Subject is either
authenticated or remembered via remember
me services before allowing access.
This annotation essentially ensures that subject.
.getPrincipal() != null
- Since:
- 0.9.0
-
Field Summary
Fields inherited from class org.apache.shiro.aop.AnnotationHandler
annotationClass -
Constructor Summary
ConstructorsConstructorDescriptionDefault no-argument constructor that ensures this handler looks for -
Method Summary
Modifier and TypeMethodDescriptionvoidEnsures that the callingSubjectis a user, that is, they are eitherauthenticatedor remembered via remember me services before allowing access, and if not, throws anAuthorizingExceptionindicating access is not allowed.Methods inherited from class org.apache.shiro.aop.AnnotationHandler
getAnnotationClass, getSubject, setAnnotationClass
-
Constructor Details
-
UserAnnotationHandler
public UserAnnotationHandler()Default no-argument constructor that ensures this handler looks forRequiresUserannotations.
-
-
Method Details
-
assertAuthorized
Ensures that the callingSubjectis a user, that is, they are eitherauthenticatedor remembered via remember me services before allowing access, and if not, throws anAuthorizingExceptionindicating access is not allowed.- Specified by:
assertAuthorizedin classAuthorizingAnnotationHandler- Parameters:
a- the RequiresUser annotation to check- Throws:
AuthorizationException- if the callingSubjectis not authenticated or remembered via rememberMe services.
-