Package | Description |
---|---|
org.apache.shiro |
This package primarily exists as a root classpath distinction, but it does contain two core classes widely used
by applications,
SecurityUtils and
ShiroException . |
org.apache.shiro.config |
Components that support configuring Shiro in any application.
|
org.apache.shiro.env |
Concepts used to represent Shiro's aggregate state in an application.
|
org.apache.shiro.guice | |
org.apache.shiro.guice.web | |
org.apache.shiro.mgt |
Provides the master
SecurityManager interface and a default implementation
hierarchy for managing all aspects of Shiro's functionality in an application. |
org.apache.shiro.spring.remoting |
Support to enable Spring-based remote method invocations to carry a Shiro session ID as part of the
invocation payload, allowing remote clients to perform security operations.
|
org.apache.shiro.spring.security.interceptor |
Spring AOP support for enabling Shiro annotations in Spring-configured applications.
|
org.apache.shiro.spring.web |
Spring-specific components for use in Spring-based web applications.
|
org.apache.shiro.subject |
Components supporting the
Subject interface, the most important concept in
Shiro's API. |
org.apache.shiro.subject.support |
Concrete support implementations of most of the
org.apache.shiro.subject interfaces. |
org.apache.shiro.util |
Your run-of-the-mill 'util' pacakge for components and logic widely used across the framework that can't
find their home into a proper OO hierarchy (or, most likely for things used across many hierarchies).
|
org.apache.shiro.web.config |
Web-specific implementation extensions to the
org.apache.shiro.config components. |
org.apache.shiro.web.env |
Web-specific
Environment implementation and support. |
org.apache.shiro.web.mgt |
Components supporting web-specific
SecurityManager implementations. |
org.apache.shiro.web.subject |
Web-specific
Subject interfaces to enable Subject use in web
environments. |
org.apache.shiro.web.subject.support |
Supporting implementations of
org.apache.shiro.web.subject package interfaces. |
Modifier and Type | Method and Description |
---|---|
static SecurityManager |
SecurityUtils.getSecurityManager()
Returns the SecurityManager accessible to the calling code.
|
Modifier and Type | Method and Description |
---|---|
static void |
SecurityUtils.setSecurityManager(SecurityManager securityManager)
Sets a VM (static) singleton SecurityManager, specifically for transparent use in the
getSubject() implementation. |
Modifier and Type | Method and Description |
---|---|
protected SecurityManager |
IniSecurityManagerFactory.createDefaultInstance() |
protected SecurityManager |
IniSecurityManagerFactory.createInstance(Ini ini) |
Modifier and Type | Method and Description |
---|---|
protected void |
IniSecurityManagerFactory.applyRealmsToSecurityManager(Collection<Realm> realms,
SecurityManager securityManager) |
protected boolean |
IniSecurityManagerFactory.isAutoApplyRealms(SecurityManager securityManager) |
Modifier and Type | Method and Description |
---|---|
SecurityManager |
Environment.getSecurityManager()
Returns the application's
SecurityManager instance. |
SecurityManager |
DefaultEnvironment.getSecurityManager()
Returns the application's
SecurityManager instance accessible in the backing map using the
securityManagerName property as the lookup key. |
protected SecurityManager |
DefaultEnvironment.lookupSecurityManager()
Looks up the
SecurityManager instance in the backing map without performing any non-null guarantees. |
Modifier and Type | Method and Description |
---|---|
void |
DefaultEnvironment.setSecurityManager(SecurityManager securityManager) |
Modifier and Type | Method and Description |
---|---|
protected void |
ShiroModule.bindSecurityManager(com.google.inject.binder.AnnotatedBindingBuilder<? super SecurityManager> bind)
Binds the security manager.
|
Modifier and Type | Method and Description |
---|---|
protected void |
ShiroWebModule.bindSecurityManager(com.google.inject.binder.AnnotatedBindingBuilder<? super SecurityManager> bind) |
Modifier and Type | Class and Description |
---|---|
class |
AuthenticatingSecurityManager
Shiro support of a
SecurityManager class hierarchy that delegates all
authentication operations to a wrapped Authenticator instance. |
class |
AuthorizingSecurityManager
Shiro support of a
SecurityManager class hierarchy that delegates all
authorization (access control) operations to a wrapped Authorizer instance. |
class |
CachingSecurityManager
A very basic starting point for the SecurityManager interface that merely provides logging and caching
support.
|
class |
DefaultSecurityManager
The Shiro framework's default concrete implementation of the
SecurityManager interface,
based around a collection of Realm s. |
class |
RealmSecurityManager
Shiro support of a
SecurityManager class hierarchy based around a collection of
Realm s. |
class |
SessionsSecurityManager
Shiro support of a
SecurityManager class hierarchy that delegates all
session operations to a wrapped
SessionManager instance. |
Modifier and Type | Method and Description |
---|---|
protected Subject |
DefaultSubjectFactory.newSubjectInstance(PrincipalCollection principals,
boolean authenticated,
String host,
Session session,
SecurityManager securityManager)
Deprecated.
since 1.2 - override
DefaultSubjectFactory.createSubject(org.apache.shiro.subject.SubjectContext) directly if you
need to instantiate a custom Subject class. |
Modifier and Type | Method and Description |
---|---|
void |
SecureRemoteInvocationExecutor.setSecurityManager(SecurityManager securityManager) |
Modifier and Type | Field and Description |
---|---|
protected SecurityManager |
AuthorizationAttributeSourceAdvisor.securityManager |
Modifier and Type | Method and Description |
---|---|
SecurityManager |
AuthorizationAttributeSourceAdvisor.getSecurityManager() |
Modifier and Type | Method and Description |
---|---|
void |
AuthorizationAttributeSourceAdvisor.setSecurityManager(SecurityManager securityManager) |
Modifier and Type | Method and Description |
---|---|
SecurityManager |
ShiroFilterFactoryBean.getSecurityManager()
Sets the application
SecurityManager instance to be used by the constructed Shiro Filter. |
Modifier and Type | Method and Description |
---|---|
void |
ShiroFilterFactoryBean.setSecurityManager(SecurityManager securityManager)
Sets the application
SecurityManager instance to be used by the constructed Shiro Filter. |
Modifier and Type | Method and Description |
---|---|
SecurityManager |
SubjectContext.getSecurityManager()
Returns the SecurityManager instance that should be used to back the constructed
Subject instance or
null if one has not yet been provided to this context. |
SecurityManager |
SubjectContext.resolveSecurityManager()
Resolves the
SecurityManager instance that should be used to back the constructed Subject
instance (typically used to support DelegatingSubject implementations). |
Modifier and Type | Method and Description |
---|---|
void |
SubjectContext.setSecurityManager(SecurityManager securityManager)
Sets the SecurityManager instance that should be used to back the constructed
Subject instance
(typically used to support DelegatingSubject implementations). |
Constructor and Description |
---|
Builder(SecurityManager securityManager)
Constructs a new
Subject.Builder instance which will use the specified SecurityManager when
building the Subject instance. |
Modifier and Type | Field and Description |
---|---|
protected SecurityManager |
DelegatingSubject.securityManager |
Modifier and Type | Method and Description |
---|---|
SecurityManager |
DelegatingSubject.getSecurityManager() |
SecurityManager |
DefaultSubjectContext.getSecurityManager() |
SecurityManager |
DefaultSubjectContext.resolveSecurityManager() |
Modifier and Type | Method and Description |
---|---|
void |
DefaultSubjectContext.setSecurityManager(SecurityManager securityManager) |
Constructor and Description |
---|
DelegatingSubject(PrincipalCollection principals,
boolean authenticated,
String host,
Session session,
boolean sessionCreationEnabled,
SecurityManager securityManager) |
DelegatingSubject(PrincipalCollection principals,
boolean authenticated,
String host,
Session session,
SecurityManager securityManager) |
DelegatingSubject(SecurityManager securityManager) |
Modifier and Type | Method and Description |
---|---|
static SecurityManager |
ThreadContext.getSecurityManager()
Convenience method that simplifies retrieval of the application's SecurityManager instance from the current
thread.
|
static SecurityManager |
ThreadContext.unbindSecurityManager()
Convenience method that simplifies removal of the application's SecurityManager instance from the thread.
|
Modifier and Type | Method and Description |
---|---|
static void |
ThreadContext.bind(SecurityManager securityManager)
Convenience method that simplifies binding the application's SecurityManager instance to the ThreadContext.
|
Modifier and Type | Method and Description |
---|---|
protected SecurityManager |
WebIniSecurityManagerFactory.createDefaultInstance()
Simply returns
new to ensure a web-capable
SecurityManager is available by default. |
Modifier and Type | Method and Description |
---|---|
SecurityManager |
DefaultWebEnvironment.getSecurityManager() |
Modifier and Type | Method and Description |
---|---|
void |
DefaultWebEnvironment.setSecurityManager(SecurityManager securityManager) |
Modifier and Type | Interface and Description |
---|---|
interface |
WebSecurityManager
This interface represents a
SecurityManager implementation that can used in web-enabled applications. |
Modifier and Type | Class and Description |
---|---|
class |
DefaultWebSecurityManager
Default
WebSecurityManager implementation used in web-based applications or any
application that requires HTTP connectivity (SOAP, http remoting, etc). |
Modifier and Type | Method and Description |
---|---|
protected Subject |
DefaultWebSubjectFactory.newSubjectInstance(PrincipalCollection principals,
boolean authenticated,
String host,
Session session,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
SecurityManager securityManager)
Deprecated.
since 1.2 - override
DefaultWebSubjectFactory.createSubject(org.apache.shiro.subject.SubjectContext) directly if you
need to instantiate a custom Subject class. |
Constructor and Description |
---|
Builder(SecurityManager securityManager,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response)
Constructs a new
Web.Builder instance using the specified SecurityManager instance to
create the WebSubject instance. |
Constructor and Description |
---|
WebDelegatingSubject(PrincipalCollection principals,
boolean authenticated,
String host,
Session session,
boolean sessionEnabled,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
SecurityManager securityManager) |
WebDelegatingSubject(PrincipalCollection principals,
boolean authenticated,
String host,
Session session,
javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
SecurityManager securityManager) |
Copyright © 2004–2017 The Apache Software Foundation. All rights reserved.