org.apache.shiro.authz.aop
Class GuestAnnotationHandler
java.lang.Object
org.apache.shiro.aop.AnnotationHandler
org.apache.shiro.authz.aop.AuthorizingAnnotationHandler
org.apache.shiro.authz.aop.GuestAnnotationHandler
public class GuestAnnotationHandler
- extends AuthorizingAnnotationHandler
Checks to see if a @RequiresGuest
annotation
is declared, and if so, ensures the calling Subject
does not
have an identity
before invoking the method.
This annotation essentially ensures that subject.getPrincipal()
== null
.
- Since:
- 0.9.0
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
GuestAnnotationHandler
public GuestAnnotationHandler()
- Default no-argument constructor that ensures this interceptor looks for
RequiresGuest
annotations in a method
declaration.
assertAuthorized
public void assertAuthorized(Annotation a)
throws AuthorizationException
- Ensures that the calling
Subject
is NOT a user, that is, they do not
have an identity
before continuing. If they are
a user (Subject.getPrincipal()
!= null), an
AuthorizingException
will be thrown indicating that execution is not allowed to continue.
- Specified by:
assertAuthorized
in class AuthorizingAnnotationHandler
- Parameters:
a
- the annotation to check for one or more roles
- Throws:
AuthorizationException
- if the calling Subject
is not a "guest".
Copyright © 2004-2012 The Apache Software Foundation. All Rights Reserved.