org.apache.shiro.authz.aop
Class AuthorizingAnnotationHandler

java.lang.Object
  extended by org.apache.shiro.aop.AnnotationHandler
      extended by org.apache.shiro.authz.aop.AuthorizingAnnotationHandler
Direct Known Subclasses:
AuthenticatedAnnotationHandler, GuestAnnotationHandler, PermissionAnnotationHandler, RoleAnnotationHandler, UserAnnotationHandler

public abstract class AuthorizingAnnotationHandler
extends AnnotationHandler

An AnnotationHandler that executes authorization (access control) behavior based on directive(s) found in a JSR-175 Annotation.

Since:
0.9.0

Field Summary
 
Fields inherited from class org.apache.shiro.aop.AnnotationHandler
annotationClass
 
Constructor Summary
AuthorizingAnnotationHandler(Class<? extends Annotation> annotationClass)
          Constructs an AuthorizingAnnotationHandler who processes annotations of the specified type.
 
Method Summary
abstract  void assertAuthorized(Annotation a)
          Ensures the calling Subject is authorized to execute based on the directive(s) found in the given annotation.
 
Methods inherited from class org.apache.shiro.aop.AnnotationHandler
getAnnotationClass, getSubject, setAnnotationClass
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AuthorizingAnnotationHandler

public AuthorizingAnnotationHandler(Class<? extends Annotation> annotationClass)
Constructs an AuthorizingAnnotationHandler who processes annotations of the specified type. Immediately calls super(annotationClass).

Parameters:
annotationClass - the type of annotation this handler will process.
Method Detail

assertAuthorized

public abstract void assertAuthorized(Annotation a)
                               throws AuthorizationException
Ensures the calling Subject is authorized to execute based on the directive(s) found in the given annotation.

As this is an AnnotationMethodInterceptor, the implementations of this method typically inspect the annotation and perform a corresponding authorization check based.

Parameters:
a - the Annotation to check for performing an authorization check.
Throws:
AuthorizationException - if the class/instance/method is not allowed to proceed/execute.


Copyright © 2004-2012 The Apache Software Foundation. All Rights Reserved.