Package org.apache.shiro.authz.aop
Class RoleAnnotationHandler
- java.lang.Object
-
- org.apache.shiro.aop.AnnotationHandler
-
- org.apache.shiro.authz.aop.AuthorizingAnnotationHandler
-
- org.apache.shiro.authz.aop.RoleAnnotationHandler
-
public class RoleAnnotationHandler extends AuthorizingAnnotationHandler
Checks to see if a @RequiresRolesannotation is declared, and if so, performs a role check to see if the callingSubjectis allowed to proceed.- Since:
- 0.9.0
-
-
Field Summary
-
Fields inherited from class org.apache.shiro.aop.AnnotationHandler
annotationClass
-
-
Constructor Summary
Constructors Constructor Description RoleAnnotationHandler()Default no-argument constructor that ensures this handler looks forRequiresRolesannotations.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidassertAuthorized(Annotation a)Ensures that the callingSubjecthas the Annotation's specified roles, and if not, throws anAuthorizingExceptionindicating that access is denied.-
Methods inherited from class org.apache.shiro.aop.AnnotationHandler
getAnnotationClass, getSubject, setAnnotationClass
-
-
-
-
Constructor Detail
-
RoleAnnotationHandler
public RoleAnnotationHandler()
Default no-argument constructor that ensures this handler looks forRequiresRolesannotations.
-
-
Method Detail
-
assertAuthorized
public void assertAuthorized(Annotation a) throws AuthorizationException
Ensures that the callingSubjecthas the Annotation's specified roles, and if not, throws anAuthorizingExceptionindicating that access is denied.- Specified by:
assertAuthorizedin classAuthorizingAnnotationHandler- Parameters:
a- the RequiresRoles annotation to use to check for one or more roles- Throws:
AuthorizationException- if the callingSubjectdoes not have the role(s) necessary to proceed.
-
-