Package org.apache.shiro.authz.aop
Class GuestAnnotationHandler
- java.lang.Object
-
- org.apache.shiro.aop.AnnotationHandler
-
- org.apache.shiro.authz.aop.AuthorizingAnnotationHandler
-
- org.apache.shiro.authz.aop.GuestAnnotationHandler
-
public class GuestAnnotationHandler extends AuthorizingAnnotationHandler
Checks to see if a @RequiresGuestannotation is declared, and if so, ensures the callingSubjectdoes not have anidentitybefore invoking the method.This annotation essentially ensures that
subject..getPrincipal()== null- Since:
- 0.9.0
-
-
Field Summary
-
Fields inherited from class org.apache.shiro.aop.AnnotationHandler
annotationClass
-
-
Constructor Summary
Constructors Constructor Description GuestAnnotationHandler()Default no-argument constructor that ensures this interceptor looks forRequiresGuestannotations in a method declaration.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidassertAuthorized(Annotation a)Ensures that the callingSubjectis NOT a user, that is, they do not have anidentitybefore continuing.-
Methods inherited from class org.apache.shiro.aop.AnnotationHandler
getAnnotationClass, getSubject, setAnnotationClass
-
-
-
-
Constructor Detail
-
GuestAnnotationHandler
public GuestAnnotationHandler()
Default no-argument constructor that ensures this interceptor looks forRequiresGuestannotations in a method declaration.
-
-
Method Detail
-
assertAuthorized
public void assertAuthorized(Annotation a) throws AuthorizationException
Ensures that the callingSubjectis NOT a user, that is, they do not have anidentitybefore continuing. If they are a user (Subject.getPrincipal()!= null), anAuthorizingExceptionwill be thrown indicating that execution is not allowed to continue.- Specified by:
assertAuthorizedin classAuthorizingAnnotationHandler- Parameters:
a- the annotation to check for one or more roles- Throws:
AuthorizationException- if the callingSubjectis not a "guest".
-
-