/** * Default no-argument constructor that ensures this interceptor looks for * {@link org.apache.shiro.authz.annotation.RequiresGuest RequiresGuest} annotations in a method * declaration. */ public GuestAnnotationMethodInterceptor() { super(new GuestAnnotationHandler()); }
/** * Ensures that the calling <code>Subject</code> is NOT a <em>user</em>, that is, they do not * have an {@link org.apache.shiro.subject.Subject#getPrincipal() identity} before continuing. If they are * a user ({@link org.apache.shiro.subject.Subject#getPrincipal() Subject.getPrincipal()} != null), an * <code>AuthorizingException</code> will be thrown indicating that execution is not allowed to continue. * * @param a the annotation to check for one or more roles * @throws org.apache.shiro.authz.AuthorizationException * if the calling <code>Subject</code> is not a "guest". */ public void assertAuthorized(Annotation a) throws AuthorizationException { if (a instanceof RequiresGuest && getSubject().getPrincipal() != null) { throw new UnauthenticatedException("Attempting to perform a guest-only operation. The current Subject is " + "not a guest (they have been authenticated or remembered from a previous login). Access " + "denied."); } } }
/** * @param resolver * @since 1.1 */ public GuestAnnotationMethodInterceptor(AnnotationResolver resolver) { super(new GuestAnnotationHandler(), resolver); }
/** * Ensures that the calling <code>Subject</code> is NOT a <em>user</em>, that is, they do not * have an {@link org.apache.shiro.subject.Subject#getPrincipal() identity} before continuing. If they are * a user ({@link org.apache.shiro.subject.Subject#getPrincipal() Subject.getPrincipal()} != null), an * <code>AuthorizingException</code> will be thrown indicating that execution is not allowed to continue. * * @param a the annotation to check for one or more roles * @throws org.apache.shiro.authz.AuthorizationException * if the calling <code>Subject</code> is not a "guest". */ public void assertAuthorized(Annotation a) throws AuthorizationException { if (a instanceof RequiresGuest && getSubject().getPrincipal() != null) { throw new UnauthenticatedException("Attempting to perform a guest-only operation. The current Subject is " + "not a guest (they have been authenticated or remembered from a previous login). Access " + "denied."); } } }
private static AuthorizingAnnotationHandler createHandler(Annotation annotation) { Class<?> t = annotation.annotationType(); if (RequiresPermissions.class.equals(t)) return new PermissionAnnotationHandler(); else if (RequiresRoles.class.equals(t)) return new RoleAnnotationHandler(); else if (RequiresUser.class.equals(t)) return new UserAnnotationHandler(); else if (RequiresGuest.class.equals(t)) return new GuestAnnotationHandler(); else if (RequiresAuthentication.class.equals(t)) return new AuthenticatedAnnotationHandler(); else throw new IllegalArgumentException("Cannot create a handler for the unknown for annotation " + t); }
/** * Ensures that the calling <code>Subject</code> is NOT a <em>user</em>, that is, they do not * have an {@link org.apache.shiro.subject.Subject#getPrincipal() identity} before continuing. If they are * a user ({@link org.apache.shiro.subject.Subject#getPrincipal() Subject.getPrincipal()} != null), an * <code>AuthorizingException</code> will be thrown indicating that execution is not allowed to continue. * * @param a the annotation to check for one or more roles * @throws org.apache.shiro.authz.AuthorizationException * if the calling <code>Subject</code> is not a "guest". */ public void assertAuthorized(Annotation a) throws AuthorizationException { if (a instanceof RequiresGuest && getSubject().getPrincipal() != null) { throw new UnauthenticatedException("Attempting to perform a guest-only operation. The current Subject is " + "not a guest (they have been authenticated or remembered from a previous login). Access " + "denied."); } } }
/** * Default no-argument constructor that ensures this interceptor looks for * {@link org.apache.shiro.authz.annotation.RequiresGuest RequiresGuest} annotations in a method * declaration. */ public GuestAnnotationMethodInterceptor() { super(new GuestAnnotationHandler()); }
/** * @param resolver * @since 1.1 */ public GuestAnnotationMethodInterceptor(AnnotationResolver resolver) { super(new GuestAnnotationHandler(), resolver); }
/** * @param resolver * @since 1.1 */ public GuestAnnotationMethodInterceptor(AnnotationResolver resolver) { super(new GuestAnnotationHandler(), resolver); }
/** * Default no-argument constructor that ensures this interceptor looks for * {@link org.apache.shiro.authz.annotation.RequiresGuest RequiresGuest} annotations in a method * declaration. */ public GuestAnnotationMethodInterceptor() { super(new GuestAnnotationHandler()); }
private static AuthorizingAnnotationHandler createHandler(Annotation annotation) { Class<?> t = annotation.annotationType(); if (RequiresPermissions.class.equals(t)) return new PermissionAnnotationHandler(); else if (RequiresRoles.class.equals(t)) return new RoleAnnotationHandler(); else if (RequiresUser.class.equals(t)) return new UserAnnotationHandler(); else if (RequiresGuest.class.equals(t)) return new GuestAnnotationHandler(); else if (RequiresAuthentication.class.equals(t)) return new AuthenticatedAnnotationHandler(); else throw new IllegalArgumentException("Cannot create a handler for the unknown for annotation " + t); }