Package org.apache.shiro.authz.aop

package org.apache.shiro.authz.aop

Contains AOP implementation support classes specifically used for authorization operations, particularly supporting AOP Method Interceptors and JSR-175 metadata Annotations.

Related Packages

Package	Description
org.apache.shiro.authz	Core interfaces and exceptions supporting Authorization (access control).
org.apache.shiro.authz.annotation	Annotations used to restrict which classes, instances, or methods may be accessed or invoked depending on the caller's access abilities or authentication state.
org.apache.shiro.authz.permission	Support and default implementations for Shiro's Permission interface.

Classes

Class	Description
AnnotationsAuthorizingMethodInterceptor	An AnnotationsAuthorizingMethodInterceptor is a MethodInterceptor that asserts a given method is authorized to execute based on one or more configured AuthorizingAnnotationMethodInterceptors.
AuthenticatedAnnotationHandler	Handles RequiresAuthentication annotations and ensures the calling subject is authenticated before allowing access.
AuthenticatedAnnotationMethodInterceptor	Checks to see if a @RequiresAuthenticated annotation is declared, and if so, ensures the calling Subject.isAuthenticated() before invoking the method.
AuthorizingAnnotationHandler	An AnnotationHandler that executes authorization (access control) behavior based on directive(s) found in a JSR-175 Annotation.
AuthorizingAnnotationMethodInterceptor	An AnnotationMethodInterceptor that asserts the calling code is authorized to execute the method before allowing the invocation to continue by inspecting code annotations to perform an access control check.
AuthorizingMethodInterceptor	Basic abstract class to support intercepting methods that perform authorization (access control) checks.
DenyAllAnnotationHandler	This AnnotationHandler denys access from any subject (anonymous or logged in user).
GuestAnnotationHandler	Checks to see if a @RequiresGuest annotation is declared, and if so, ensures the calling Subject does not have an identity before invoking the method.
GuestAnnotationMethodInterceptor	Checks to see if a @RequiresGuest annotation is declared, and if so, ensures the calling Subject does not have an identity before invoking the method.
PermissionAnnotationHandler	Checks to see if a @RequiresPermissions annotation is declared, and if so, performs a permission check to see if the calling Subject is allowed continued access.
PermissionAnnotationMethodInterceptor	Checks to see if a @RequiresPermissions annotation is declared, and if so, performs a permission check to see if the calling Subject is allowed to call the method.
PermitAllAnnotationHandler	This AnnotationHandler allows access from any subject (anonymous or logged in user).
RoleAnnotationHandler	Checks to see if a @RequiresRoles annotation is declared, and if so, performs a role check to see if the calling Subject is allowed to proceed.
RoleAnnotationMethodInterceptor	Checks to see if a @RequiresRoles annotation is declared, and if so, performs a role check to see if the calling Subject is allowed to invoke the method.
RolesAllowedAnnotationHandler	Checks to see if a @RolesAllowed annotation is declared, and if so, performs a role check to see if the calling Subject is allowed to proceed.
UserAnnotationHandler	Checks to see if a @RequiresUser annotation is declared, and if so, ensures the calling Subject is either authenticated or remembered via remember me services before allowing access.
UserAnnotationMethodInterceptor	Checks to see if a @RequiresUser annotation is declared, and if so, ensures the calling Subject is either authenticated or remembered via remember me services before invoking the method.