Google Git
Sign in
apache / shiro-site / 01016f43374d9b054f3ea1e568b015d5d69428f9 / . / src / site / assets / static / 1.10.0 / shiro-core / apidocs / org / apache / shiro / subject / Subject.html
blob: f7a1006f823fbcbf99892d426e254e2eff087ff7 [file] [log] [blame]
<!DOCTYPE HTML>
<!-- NewPage -->
<html lang="en">
<head>
<!-- Generated by javadoc -->
<title>Subject (Apache Shiro :: Core 1.10.0 API)</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="Style">
<link rel="stylesheet" type="text/css" href="../../../../jquery/jquery-ui.css" title="Style">
<script type="text/javascript" src="../../../../script.js"></script>
<script type="text/javascript" src="../../../../jquery/jszip/dist/jszip.min.js"></script>
<script type="text/javascript" src="../../../../jquery/jszip-utils/dist/jszip-utils.min.js"></script>
<!--[if IE]>
<script type="text/javascript" src="../../../../jquery/jszip-utils/dist/jszip-utils-ie.min.js"></script>
<![endif]-->
<script type="text/javascript" src="../../../../jquery/jquery-3.5.1.js"></script>
<script type="text/javascript" src="../../../../jquery/jquery-ui.js"></script>
</head>
<body>
<script type="text/javascript"><!--
try {
if (location.href.indexOf('is-external=true') == -1) {
parent.document.title="Subject (Apache Shiro :: Core 1.10.0 API)";
}
}
catch(err) {
}
//-->
var data = {"i0":6,"i1":6,"i2":6,"i3":6,"i4":6,"i5":6,"i6":6,"i7":6,"i8":6,"i9":6,"i10":6,"i11":6,"i12":6,"i13":6,"i14":6,"i15":6,"i16":6,"i17":6,"i18":6,"i19":6,"i20":6,"i21":6,"i22":6,"i23":6,"i24":6,"i25":6,"i26":6,"i27":6,"i28":6,"i29":6,"i30":6,"i31":6};
var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],4:["t3","Abstract Methods"]};
var altColor = "altColor";
var rowColor = "rowColor";
var tableTab = "tableTab";
var activeTableTab = "activeTableTab";
var pathtoroot = "../../../../";
var useModuleDirectories = true;
loadScripts(document, 'script');</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<header role="banner">
<nav role="navigation">
<div class="fixedNav"><!-- Matomo --> <script> var _paq = window._paq = window._paq || []; /* tracker methods like "setCustomDimension" should be called before "trackPageView" */ /* We explicitly disable cookie tracking to avoid privacy issues */ _paq.push(['disableCookies']); _paq.push(['trackPageView']); _paq.push(['enableLinkTracking']); (function() { var u="//matomo.privacy.apache.org/"; _paq.push(['setTrackerUrl', u+'matomo.php']); _paq.push(['setSiteId', '2']); var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s); })(); </script> <!-- End Matomo Code -->
<!-- ========= START OF TOP NAVBAR ======= -->
<div class="topNav"><a id="navbar.top">
<!-- -->
</a>
<div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.top.firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/Subject.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../index-all.html">Index</a></li>
<li><a href="../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<ul class="navListSearch">
<li><label for="search">SEARCH:</label>
<input type="text" id="search" value="search" disabled="disabled">
<input type="reset" id="reset" value="reset" disabled="disabled">
</li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_top");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li><a href="#nested.class.summary">Nested</a>&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.top">
<!-- -->
</a></div>
<!-- ========= END OF TOP NAVBAR ========= -->
</div>
<div class="navPadding">&nbsp;</div>
<script type="text/javascript"><!--
$('.navPadding').css('padding-top', $('.fixedNav').css("height"));
//-->
</script>
</nav>
</header>
<!-- ======== START OF CLASS DATA ======== -->
<main role="main">
<div class="header">
<div class="subTitle"><span class="packageLabelInType">Package</span>&nbsp;<a href="package-summary.html">org.apache.shiro.subject</a></div>
<h2 title="Interface Subject" class="title">Interface Subject</h2>
</div>
<div class="contentContainer">
<div class="description">
<ul class="blockList">
<li class="blockList">
<dl>
<dt>All Known Implementing Classes:</dt>
<dd><code><a href="support/DelegatingSubject.html" title="class in org.apache.shiro.subject.support">DelegatingSubject</a></code></dd>
</dl>
<hr>
<pre>public interface <a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.60">Subject</a></pre>
<div class="block">A <code>Subject</code> represents state and security operations for a <em>single</em> application user.
These operations include authentication (login/logout), authorization (access control), and
session access. It is Shiro's primary mechanism for single-user security functionality.
<h3>Acquiring a Subject</h3>
To acquire the currently-executing <code>Subject</code>, application developers will almost always use
<code>SecurityUtils</code>:
<pre>
<a href="../SecurityUtils.html" title="class in org.apache.shiro"><code>SecurityUtils</code></a>.<a href="../SecurityUtils.html#getSubject()"><code>getSubject()</code></a></pre>
Almost all security operations should be performed with the <code>Subject</code> returned from this method.
<h3>Permission methods</h3>
Note that there are many *Permission methods in this interface overloaded to accept String arguments instead of
<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz"><code>Permission</code></a> instances. They are a convenience allowing the caller to use a String representation of
a <a href="../authz/Permission.html" title="interface in org.apache.shiro.authz"><code>Permission</code></a> if desired. The underlying Authorization subsystem implementations will usually
simply convert these String values to <a href="../authz/Permission.html" title="interface in org.apache.shiro.authz"><code>Permission</code></a> instances and then just call the corresponding
type-safe method. (Shiro's default implementations do String-to-Permission conversion for these methods using
<a href="../authz/permission/PermissionResolver.html" title="interface in org.apache.shiro.authz.permission"><code>PermissionResolver</code></a>s.)
<p/>
These overloaded *Permission methods forgo type-safety for the benefit of convenience and simplicity,
so you should choose which ones to use based on your preferences and needs.</div>
<dl>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>0.1</dd>
</dl>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">
<!-- ======== NESTED CLASS SUMMARY ======== -->
<section role="region">
<ul class="blockList">
<li class="blockList"><a id="nested.class.summary">
<!-- -->
</a>
<h3>Nested Class Summary</h3>
<table class="memberSummary">
<caption><span>Nested Classes</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colSecond" scope="col">Interface</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr class="altColor">
<td class="colFirst"><code>static class&nbsp;</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="Subject.Builder.html" title="class in org.apache.shiro.subject">Subject.Builder</a></span></code></th>
<td class="colLast">
<div class="block">Builder design pattern implementation for creating <a href="Subject.html" title="interface in org.apache.shiro.subject"><code>Subject</code></a> instances in a simplified way without
requiring knowledge of Shiro's construction techniques.</div>
</td>
</tr>
</table>
</li>
</ul>
</section>
<!-- ========== METHOD SUMMARY =========== -->
<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.summary">
<!-- -->
</a>
<h3>Method Summary</h3>
<table class="memberSummary">
<caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd">&nbsp;</span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t3" class="tableTab"><span><a href="javascript:show(4);">Abstract Methods</a></span><span class="tabEnd">&nbsp;</span></span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colSecond" scope="col">Method</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr id="i0" class="altColor">
<td class="colFirst"><code><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Runnable.html?is-external=true" title="class or interface in java.lang" class="externalLink">Runnable</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#associateWith(java.lang.Runnable)">associateWith</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Runnable.html?is-external=true" title="class or interface in java.lang" class="externalLink">Runnable</a>&nbsp;runnable)</code></th>
<td class="colLast">
<div class="block">Returns a <code>Runnable</code> instance matching the given argument while additionally ensuring that it will
retain and execute under this Subject's identity.</div>
</td>
</tr>
<tr id="i1" class="rowColor">
<td class="colFirst"><code>&lt;V&gt;&nbsp;<a href="https://docs.oracle.com/javase/8/docs/api/java/util/concurrent/Callable.html?is-external=true" title="class or interface in java.util.concurrent" class="externalLink">Callable</a>&lt;V&gt;</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#associateWith(java.util.concurrent.Callable)">associateWith</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/concurrent/Callable.html?is-external=true" title="class or interface in java.util.concurrent" class="externalLink">Callable</a>&lt;V&gt;&nbsp;callable)</code></th>
<td class="colLast">
<div class="block">Returns a <code>Callable</code> instance matching the given argument while additionally ensuring that it will
retain and execute under this Subject's identity.</div>
</td>
</tr>
<tr id="i2" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#checkPermission(java.lang.String)">checkPermission</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&nbsp;permission)</code></th>
<td class="colLast">
<div class="block">Ensures this Subject implies the specified permission String.</div>
</td>
</tr>
<tr id="i3" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#checkPermission(org.apache.shiro.authz.Permission)">checkPermission</a></span>&#8203;(<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&nbsp;permission)</code></th>
<td class="colLast">
<div class="block">Ensures this Subject <a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>implies</code></a> the specified <code>Permission</code>.</div>
</td>
</tr>
<tr id="i4" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#checkPermissions(java.lang.String...)">checkPermissions</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>...&nbsp;permissions)</code></th>
<td class="colLast">
<div class="block">Ensures this Subject
<a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>implies</code></a> all of the
specified permission strings.</div>
</td>
</tr>
<tr id="i5" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#checkPermissions(java.util.Collection)">checkPermissions</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util" class="externalLink">Collection</a>&lt;<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&gt;&nbsp;permissions)</code></th>
<td class="colLast">
<div class="block">Ensures this Subject
<a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>implies</code></a> all of the
specified permission strings.</div>
</td>
</tr>
<tr id="i6" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#checkRole(java.lang.String)">checkRole</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&nbsp;roleIdentifier)</code></th>
<td class="colLast">
<div class="block">Asserts this Subject has the specified role by returning quietly if they do or throwing an
<a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> if they do not.</div>
</td>
</tr>
<tr id="i7" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#checkRoles(java.lang.String...)">checkRoles</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>...&nbsp;roleIdentifiers)</code></th>
<td class="colLast">
<div class="block">Same as <code>checkRoles(Collection<String>roleIdentifiers)</code> but
doesn't require a collection as a an argument.</div>
</td>
</tr>
<tr id="i8" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#checkRoles(java.util.Collection)">checkRoles</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util" class="externalLink">Collection</a>&lt;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&gt;&nbsp;roleIdentifiers)</code></th>
<td class="colLast">
<div class="block">Asserts this Subject has all of the specified roles by returning quietly if they do or throwing an
<a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> if they do not.</div>
</td>
</tr>
<tr id="i9" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#execute(java.lang.Runnable)">execute</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Runnable.html?is-external=true" title="class or interface in java.lang" class="externalLink">Runnable</a>&nbsp;runnable)</code></th>
<td class="colLast">
<div class="block">Associates the specified <code>Runnable</code> with this <code>Subject</code> instance and then executes it on the
currently running thread.</div>
</td>
</tr>
<tr id="i10" class="altColor">
<td class="colFirst"><code>&lt;V&gt;&nbsp;V</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#execute(java.util.concurrent.Callable)">execute</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/concurrent/Callable.html?is-external=true" title="class or interface in java.util.concurrent" class="externalLink">Callable</a>&lt;V&gt;&nbsp;callable)</code></th>
<td class="colLast">
<div class="block">Associates the specified <code>Callable</code> with this <code>Subject</code> instance and then executes it on the
currently running thread.</div>
</td>
</tr>
<tr id="i11" class="rowColor">
<td class="colFirst"><code><a href="PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#getPreviousPrincipals()">getPreviousPrincipals</a></span>()</code></th>
<td class="colLast">
<div class="block">Returns the previous 'pre run as' identity of this <code>Subject</code> before assuming the current
<a href="#runAs(org.apache.shiro.subject.PrincipalCollection)"><code>runAs</code></a> identity, or <code>null</code> if this <code>Subject</code> is not operating under an assumed
identity (normal state).</div>
</td>
</tr>
<tr id="i12" class="altColor">
<td class="colFirst"><code><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang" class="externalLink">Object</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#getPrincipal()">getPrincipal</a></span>()</code></th>
<td class="colLast">
<div class="block">Returns this Subject's application-wide uniquely identifying principal, or <code>null</code> if this
Subject is anonymous because it doesn't yet have any associated account data (for example,
if they haven't logged in).</div>
</td>
</tr>
<tr id="i13" class="rowColor">
<td class="colFirst"><code><a href="PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#getPrincipals()">getPrincipals</a></span>()</code></th>
<td class="colLast">
<div class="block">Returns this Subject's principals (identifying attributes) in the form of a <code>PrincipalCollection</code> or
<code>null</code> if this Subject is anonymous because it doesn't yet have any associated account data (for example,
if they haven't logged in).</div>
</td>
</tr>
<tr id="i14" class="altColor">
<td class="colFirst"><code><a href="../session/Session.html" title="interface in org.apache.shiro.session">Session</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#getSession()">getSession</a></span>()</code></th>
<td class="colLast">
<div class="block">Returns the application <code>Session</code> associated with this Subject.</div>
</td>
</tr>
<tr id="i15" class="rowColor">
<td class="colFirst"><code><a href="../session/Session.html" title="interface in org.apache.shiro.session">Session</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#getSession(boolean)">getSession</a></span>&#8203;(boolean&nbsp;create)</code></th>
<td class="colLast">
<div class="block">Returns the application <code>Session</code> associated with this Subject.</div>
</td>
</tr>
<tr id="i16" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#hasAllRoles(java.util.Collection)">hasAllRoles</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util" class="externalLink">Collection</a>&lt;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&gt;&nbsp;roleIdentifiers)</code></th>
<td class="colLast">
<div class="block">Returns <code>true</code> if this Subject has all of the specified roles, <code>false</code> otherwise.</div>
</td>
</tr>
<tr id="i17" class="rowColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#hasRole(java.lang.String)">hasRole</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&nbsp;roleIdentifier)</code></th>
<td class="colLast">
<div class="block">Returns <code>true</code> if this Subject has the specified role, <code>false</code> otherwise.</div>
</td>
</tr>
<tr id="i18" class="altColor">
<td class="colFirst"><code>boolean[]</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#hasRoles(java.util.List)">hasRoles</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/List.html?is-external=true" title="class or interface in java.util" class="externalLink">List</a>&lt;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&gt;&nbsp;roleIdentifiers)</code></th>
<td class="colLast">
<div class="block">Checks if this Subject has the specified roles, returning a boolean array indicating
which roles are associated.</div>
</td>
</tr>
<tr id="i19" class="rowColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isAuthenticated()">isAuthenticated</a></span>()</code></th>
<td class="colLast">
<div class="block">Returns <code>true</code> if this Subject/user proved their identity <em>during their current session</em>
by providing valid credentials matching those known to the system, <code>false</code> otherwise.</div>
</td>
</tr>
<tr id="i20" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isPermitted(java.lang.String)">isPermitted</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&nbsp;permission)</code></th>
<td class="colLast">
<div class="block">Returns <code>true</code> if this Subject is permitted to perform an action or access a resource summarized by the
specified permission string.</div>
</td>
</tr>
<tr id="i21" class="rowColor">
<td class="colFirst"><code>boolean[]</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isPermitted(java.lang.String...)">isPermitted</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>...&nbsp;permissions)</code></th>
<td class="colLast">
<div class="block">Checks if this Subject implies the given permission strings and returns a boolean array indicating which
permissions are implied.</div>
</td>
</tr>
<tr id="i22" class="altColor">
<td class="colFirst"><code>boolean[]</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isPermitted(java.util.List)">isPermitted</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/List.html?is-external=true" title="class or interface in java.util" class="externalLink">List</a>&lt;<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&gt;&nbsp;permissions)</code></th>
<td class="colLast">
<div class="block">Checks if this Subject implies the given Permissions and returns a boolean array indicating which permissions
are implied.</div>
</td>
</tr>
<tr id="i23" class="rowColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isPermitted(org.apache.shiro.authz.Permission)">isPermitted</a></span>&#8203;(<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&nbsp;permission)</code></th>
<td class="colLast">
<div class="block">Returns <code>true</code> if this Subject is permitted to perform an action or access a resource summarized by the
specified permission.</div>
</td>
</tr>
<tr id="i24" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isPermittedAll(java.lang.String...)">isPermittedAll</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>...&nbsp;permissions)</code></th>
<td class="colLast">
<div class="block">Returns <code>true</code> if this Subject implies all of the specified permission strings, <code>false</code> otherwise.</div>
</td>
</tr>
<tr id="i25" class="rowColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isPermittedAll(java.util.Collection)">isPermittedAll</a></span>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util" class="externalLink">Collection</a>&lt;<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&gt;&nbsp;permissions)</code></th>
<td class="colLast">
<div class="block">Returns <code>true</code> if this Subject implies all of the specified permissions, <code>false</code> otherwise.</div>
</td>
</tr>
<tr id="i26" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isRemembered()">isRemembered</a></span>()</code></th>
<td class="colLast">
<div class="block">Returns <code>true</code> if this <code>Subject</code> has an identity (it is not anonymous) and the identity
(aka <a href="#getPrincipals()"><code>principals</code></a>) is remembered from a successful authentication during a previous
session.</div>
</td>
</tr>
<tr id="i27" class="rowColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isRunAs()">isRunAs</a></span>()</code></th>
<td class="colLast">
<div class="block">Returns <code>true</code> if this <code>Subject</code> is 'running as' another identity other than its original one or
<code>false</code> otherwise (normal <code>Subject</code> state).</div>
</td>
</tr>
<tr id="i28" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#login(org.apache.shiro.authc.AuthenticationToken)">login</a></span>&#8203;(<a href="../authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a>&nbsp;token)</code></th>
<td class="colLast">
<div class="block">Performs a login attempt for this Subject/user.</div>
</td>
</tr>
<tr id="i29" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#logout()">logout</a></span>()</code></th>
<td class="colLast">
<div class="block">Logs out this Subject and invalidates and/or removes any associated entities,
such as a <a href="../session/Session.html" title="interface in org.apache.shiro.session"><code>Session</code></a> and authorization data.</div>
</td>
</tr>
<tr id="i30" class="altColor">
<td class="colFirst"><code><a href="PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#releaseRunAs()">releaseRunAs</a></span>()</code></th>
<td class="colLast">
<div class="block">Releases the current 'run as' (assumed) identity and reverts back to the previous 'pre run as'
identity that existed before <code>#runAs runAs</code> was called.</div>
</td>
</tr>
<tr id="i31" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#runAs(org.apache.shiro.subject.PrincipalCollection)">runAs</a></span>&#8203;(<a href="PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals)</code></th>
<td class="colLast">
<div class="block">Allows this subject to 'run as' or 'assume' another identity indefinitely.</div>
</td>
</tr>
</table>
</li>
</ul>
</section>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">
<!-- ============ METHOD DETAIL ========== -->
<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.detail">
<!-- -->
</a>
<h3>Method Detail</h3>
<a id="getPrincipal()">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>getPrincipal</h4>
<pre class="methodSignature"><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang" class="externalLink">Object</a>&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.91">getPrincipal</a>()</pre>
<div class="block">Returns this Subject's application-wide uniquely identifying principal, or <code>null</code> if this
Subject is anonymous because it doesn't yet have any associated account data (for example,
if they haven't logged in).
<p/>
The term <em>principal</em> is just a fancy security term for any identifying attribute(s) of an application
user, such as a username, or user id, or public key, or anything else you might use in your application to
identify a user.
<h4>Uniqueness</h4>
Although given names and family names (first/last) are technically considered principals as well,
Shiro expects the object returned from this method to be an identifying attribute unique across
your entire application.
<p/>
This implies that things like given names and family names are usually poor
candidates as return values since they are rarely guaranteed to be unique; Things often used for this value:
<ul>
<li>A <code>long</code> RDBMS surrogate primary key</li>
<li>An application-unique username</li>
<li>A <a href="https://docs.oracle.com/javase/8/docs/api/java/util/UUID.html?is-external=true" title="class or interface in java.util" class="externalLink"><code>UUID</code></a></li>
<li>An LDAP Unique ID</li>
</ul>
or any other similar suitable unique mechanism valuable to your application.
<p/>
Most implementations will simply return
<code><a href="#getPrincipals()"><code>getPrincipals()</code></a>.<a href="PrincipalCollection.html#getPrimaryPrincipal()"><code>getPrimaryPrincipal()</code></a></code></div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>this Subject's application-specific unique identity.</dd>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="PrincipalCollection.html#getPrimaryPrincipal()"><code>PrincipalCollection.getPrimaryPrincipal()</code></a></dd>
</dl>
</li>
</ul>
<a id="getPrincipals()">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>getPrincipals</h4>
<pre class="methodSignature"><a href="PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.106">getPrincipals</a>()</pre>
<div class="block">Returns this Subject's principals (identifying attributes) in the form of a <code>PrincipalCollection</code> or
<code>null</code> if this Subject is anonymous because it doesn't yet have any associated account data (for example,
if they haven't logged in).
<p/>
The word &quot;principals&quot; is nothing more than a fancy security term for identifying attributes associated
with a Subject, aka, application user. For example, user id, a surname (family/last name), given (first) name,
social security number, nickname, username, etc, are all examples of a principal.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>all of this Subject's principals (identifying attributes).</dd>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="#getPrincipal()"><code>getPrincipal()</code></a>,
<a href="PrincipalCollection.html#getPrimaryPrincipal()"><code>PrincipalCollection.getPrimaryPrincipal()</code></a></dd>
</dl>
</li>
</ul>
<a id="isPermitted(java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isPermitted</h4>
<pre class="methodSignature">boolean&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.120">isPermitted</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&nbsp;permission)</pre>
<div class="block">Returns <code>true</code> if this Subject is permitted to perform an action or access a resource summarized by the
specified permission string.
<p/>
This is an overloaded method for the corresponding type-safe <a href="../authz/Permission.html" title="interface in org.apache.shiro.authz"><code>Permission</code></a> variant.
Please see the class-level JavaDoc for more information on these String-based permission methods.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>permission</code> - the String representation of a Permission that is being checked.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>true if this Subject is permitted, false otherwise.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>0.9</dd>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="#isPermitted(org.apache.shiro.authz.Permission)"><code>isPermitted(Permission permission)</code></a></dd>
</dl>
</li>
</ul>
<a id="isPermitted(org.apache.shiro.authz.Permission)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isPermitted</h4>
<pre class="methodSignature">boolean&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.132">isPermitted</a>&#8203;(<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&nbsp;permission)</pre>
<div class="block">Returns <code>true</code> if this Subject is permitted to perform an action or access a resource summarized by the
specified permission.
<p/>
More specifically, this method determines if any <code>Permission</code>s associated
with the subject <a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>imply</code></a> the specified permission.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>permission</code> - the permission that is being checked.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>true if this Subject is permitted, false otherwise.</dd>
</dl>
</li>
</ul>
<a id="isPermitted(java.lang.String...)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isPermitted</h4>
<pre class="methodSignature">boolean[]&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.148">isPermitted</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>...&nbsp;permissions)</pre>
<div class="block">Checks if this Subject implies the given permission strings and returns a boolean array indicating which
permissions are implied.
<p/>
This is an overloaded method for the corresponding type-safe <a href="../authz/Permission.html" title="interface in org.apache.shiro.authz"><code>Permission</code></a> variant.
Please see the class-level JavaDoc for more information on these String-based permission methods.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>permissions</code> - the String representations of the Permissions that are being checked.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>a boolean array where indices correspond to the index of the
permissions in the given list. A true value at an index indicates this Subject is permitted for
for the associated <code>Permission</code> string in the list. A false value at an index
indicates otherwise.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>0.9</dd>
</dl>
</li>
</ul>
<a id="isPermitted(java.util.List)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isPermitted</h4>
<pre class="methodSignature">boolean[]&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.167">isPermitted</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/List.html?is-external=true" title="class or interface in java.util" class="externalLink">List</a>&lt;<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&gt;&nbsp;permissions)</pre>
<div class="block">Checks if this Subject implies the given Permissions and returns a boolean array indicating which permissions
are implied.
<p/>
More specifically, this method should determine if each <code>Permission</code> in
the array is <a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>implied</code></a> by permissions
already associated with the subject.
<p/>
This is primarily a performance-enhancing method to help reduce the number of
<a href="#isPermitted(java.lang.String)"><code>isPermitted(java.lang.String)</code></a> invocations over the wire in client/server systems.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>permissions</code> - the permissions that are being checked.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>a boolean array where indices correspond to the index of the
permissions in the given list. A true value at an index indicates this Subject is permitted for
for the associated <code>Permission</code> object in the list. A false value at an index
indicates otherwise.</dd>
</dl>
</li>
</ul>
<a id="isPermittedAll(java.lang.String...)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isPermittedAll</h4>
<pre class="methodSignature">boolean&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.180">isPermittedAll</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>...&nbsp;permissions)</pre>
<div class="block">Returns <code>true</code> if this Subject implies all of the specified permission strings, <code>false</code> otherwise.
<p/>
This is an overloaded method for the corresponding type-safe <a href="../authz/Permission.html" title="interface in org.apache.shiro.authz"><code>Permission</code></a>
variant. Please see the class-level JavaDoc for more information on these String-based permission methods.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>permissions</code> - the String representations of the Permissions that are being checked.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>true if this Subject has all of the specified permissions, false otherwise.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>0.9</dd>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="#isPermittedAll(java.util.Collection)"><code>isPermittedAll(Collection)</code></a></dd>
</dl>
</li>
</ul>
<a id="isPermittedAll(java.util.Collection)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isPermittedAll</h4>
<pre class="methodSignature">boolean&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.191">isPermittedAll</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util" class="externalLink">Collection</a>&lt;<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&gt;&nbsp;permissions)</pre>
<div class="block">Returns <code>true</code> if this Subject implies all of the specified permissions, <code>false</code> otherwise.
<p/>
More specifically, this method determines if all of the given <code>Permission</code>s are
<a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>implied by</code></a> permissions already associated with this Subject.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>permissions</code> - the permissions to check.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>true if this Subject has all of the specified permissions, false otherwise.</dd>
</dl>
</li>
</ul>
<a id="checkPermission(java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>checkPermission</h4>
<pre class="methodSignature">void&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.207">checkPermission</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&nbsp;permission)
throws <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></pre>
<div class="block">Ensures this Subject implies the specified permission String.
<p/>
If this subject's existing associated permissions do not <a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>Permission.implies(Permission)</code></a> imply}
the given permission, an <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> will be thrown.
<p/>
This is an overloaded method for the corresponding type-safe <a href="../authz/Permission.html" title="interface in org.apache.shiro.authz"><code>Permission</code></a> variant.
Please see the class-level JavaDoc for more information on these String-based permission methods.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>permission</code> - the String representation of the Permission to check.</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></code> - if the user does not have the permission.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>0.9</dd>
</dl>
</li>
</ul>
<a id="checkPermission(org.apache.shiro.authz.Permission)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>checkPermission</h4>
<pre class="methodSignature">void&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.219">checkPermission</a>&#8203;(<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&nbsp;permission)
throws <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></pre>
<div class="block">Ensures this Subject <a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>implies</code></a> the specified <code>Permission</code>.
<p/>
If this subject's existing associated permissions do not <a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>imply</code></a>
the given permission, an <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> will be thrown.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>permission</code> - the Permission to check.</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></code> - if this Subject does not have the permission.</dd>
</dl>
</li>
</ul>
<a id="checkPermissions(java.lang.String...)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>checkPermissions</h4>
<pre class="methodSignature">void&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.237">checkPermissions</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>...&nbsp;permissions)
throws <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></pre>
<div class="block">Ensures this Subject
<a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>implies</code></a> all of the
specified permission strings.
<p/>
If this subject's existing associated permissions do not
<a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>imply</code></a> all of the given permissions,
an <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> will be thrown.
<p/>
This is an overloaded method for the corresponding type-safe <a href="../authz/Permission.html" title="interface in org.apache.shiro.authz"><code>Permission</code></a> variant.
Please see the class-level JavaDoc for more information on these String-based permission methods.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>permissions</code> - the string representations of Permissions to check.</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></code> - if this Subject does not have all of the given permissions.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>0.9</dd>
</dl>
</li>
</ul>
<a id="checkPermissions(java.util.Collection)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>checkPermissions</h4>
<pre class="methodSignature">void&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.251">checkPermissions</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util" class="externalLink">Collection</a>&lt;<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&gt;&nbsp;permissions)
throws <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></pre>
<div class="block">Ensures this Subject
<a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>implies</code></a> all of the
specified permission strings.
<p/>
If this subject's existing associated permissions do not
<a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>imply</code></a> all of the given permissions,
an <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> will be thrown.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>permissions</code> - the Permissions to check.</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></code> - if this Subject does not have all of the given permissions.</dd>
</dl>
</li>
</ul>
<a id="hasRole(java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>hasRole</h4>
<pre class="methodSignature">boolean&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.259">hasRole</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&nbsp;roleIdentifier)</pre>
<div class="block">Returns <code>true</code> if this Subject has the specified role, <code>false</code> otherwise.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>roleIdentifier</code> - the application-specific role identifier (usually a role id or role name).</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd><code>true</code> if this Subject has the specified role, <code>false</code> otherwise.</dd>
</dl>
</li>
</ul>
<a id="hasRoles(java.util.List)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>hasRoles</h4>
<pre class="methodSignature">boolean[]&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.273">hasRoles</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/List.html?is-external=true" title="class or interface in java.util" class="externalLink">List</a>&lt;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&gt;&nbsp;roleIdentifiers)</pre>
<div class="block">Checks if this Subject has the specified roles, returning a boolean array indicating
which roles are associated.
<p/>
This is primarily a performance-enhancing method to help reduce the number of
<a href="#hasRole(java.lang.String)"><code>hasRole(java.lang.String)</code></a> invocations over the wire in client/server systems.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>roleIdentifiers</code> - the application-specific role identifiers to check (usually role ids or role names).</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>a boolean array where indices correspond to the index of the
roles in the given identifiers. A true value indicates this Subject has the
role at that index. False indicates this Subject does not have the role at that index.</dd>
</dl>
</li>
</ul>
<a id="hasAllRoles(java.util.Collection)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>hasAllRoles</h4>
<pre class="methodSignature">boolean&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.281">hasAllRoles</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util" class="externalLink">Collection</a>&lt;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&gt;&nbsp;roleIdentifiers)</pre>
<div class="block">Returns <code>true</code> if this Subject has all of the specified roles, <code>false</code> otherwise.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>roleIdentifiers</code> - the application-specific role identifiers to check (usually role ids or role names).</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>true if this Subject has all the roles, false otherwise.</dd>
</dl>
</li>
</ul>
<a id="checkRole(java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>checkRole</h4>
<pre class="methodSignature">void&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.291">checkRole</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&nbsp;roleIdentifier)
throws <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></pre>
<div class="block">Asserts this Subject has the specified role by returning quietly if they do or throwing an
<a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> if they do not.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>roleIdentifier</code> - the application-specific role identifier (usually a role id or role name ).</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></code> - if this Subject does not have the role.</dd>
</dl>
</li>
</ul>
<a id="checkRoles(java.util.Collection)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>checkRoles</h4>
<pre class="methodSignature">void&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.301">checkRoles</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util" class="externalLink">Collection</a>&lt;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&gt;&nbsp;roleIdentifiers)
throws <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></pre>
<div class="block">Asserts this Subject has all of the specified roles by returning quietly if they do or throwing an
<a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> if they do not.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>roleIdentifiers</code> - the application-specific role identifiers to check (usually role ids or role names).</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></code> - if this Subject does not have all of the specified roles.</dd>
</dl>
</li>
</ul>
<a id="checkRoles(java.lang.String...)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>checkRoles</h4>
<pre class="methodSignature">void&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.314">checkRoles</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>...&nbsp;roleIdentifiers)
throws <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></pre>
<div class="block">Same as <code>checkRoles(Collection<String>roleIdentifiers)</code> but
doesn't require a collection as a an argument.
Asserts this Subject has all of the specified roles by returning quietly if they do or throwing an
<a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> if they do not.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>roleIdentifiers</code> - roleIdentifiers the application-specific role identifiers to check (usually role ids or role names).</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></code> - org.apache.shiro.authz.AuthorizationException
if this Subject does not have all of the specified roles.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>1.1.0</dd>
</dl>
</li>
</ul>
<a id="login(org.apache.shiro.authc.AuthenticationToken)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>login</h4>
<pre class="methodSignature">void&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.332">login</a>&#8203;(<a href="../authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a>&nbsp;token)
throws <a href="../authc/AuthenticationException.html" title="class in org.apache.shiro.authc">AuthenticationException</a></pre>
<div class="block">Performs a login attempt for this Subject/user. If unsuccessful,
an <a href="../authc/AuthenticationException.html" title="class in org.apache.shiro.authc"><code>AuthenticationException</code></a> is thrown, the subclass of which identifies why the attempt failed.
If successful, the account data associated with the submitted principals/credentials will be
associated with this <code>Subject</code> and the method will return quietly.
<p/>
Upon returning quietly, this <code>Subject</code> instance can be considered
authenticated and <a href="#getPrincipal()"><code>getPrincipal()</code></a> will be non-null and
<a href="#isAuthenticated()"><code>isAuthenticated()</code></a> will be <code>true</code>.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>token</code> - the token encapsulating the subject's principals and credentials to be passed to the
Authentication subsystem for verification.</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../authc/AuthenticationException.html" title="class in org.apache.shiro.authc">AuthenticationException</a></code> - if the authentication attempt fails.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>0.9</dd>
</dl>
</li>
</ul>
<a id="isAuthenticated()">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isAuthenticated</h4>
<pre class="methodSignature">boolean&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.346">isAuthenticated</a>()</pre>
<div class="block">Returns <code>true</code> if this Subject/user proved their identity <em>during their current session</em>
by providing valid credentials matching those known to the system, <code>false</code> otherwise.
<p/>
Note that even if this Subject's identity has been remembered via 'remember me' services, this method will
still return <code>false</code> unless the user has actually logged in with proper credentials <em>during their
current session</em>. See the <a href="#isRemembered()"><code>isRemembered()</code></a> method JavaDoc for more.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd><code>true</code> if this Subject proved their identity during their current session
by providing valid credentials matching those known to the system, <code>false</code> otherwise.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>0.9</dd>
</dl>
</li>
</ul>
<a id="isRemembered()">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isRemembered</h4>
<pre class="methodSignature">boolean&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.398">isRemembered</a>()</pre>
<div class="block">Returns <code>true</code> if this <code>Subject</code> has an identity (it is not anonymous) and the identity
(aka <a href="#getPrincipals()"><code>principals</code></a>) is remembered from a successful authentication during a previous
session.
<p/>
Although the underlying implementation determines exactly how this method functions, most implementations have
this method act as the logical equivalent to this code:
<pre>
<a href="#getPrincipal()"><code>getPrincipal()</code></a> != null && !<a href="#isAuthenticated()"><code>isAuthenticated()</code></a></pre>
<p/>
Note as indicated by the above code example, if a <code>Subject</code> is remembered, they are
<em>NOT</em> considered authenticated. A check against <a href="#isAuthenticated()"><code>isAuthenticated()</code></a> is a more
strict check than that reflected by this method. For example, a check to see if a subject can access financial
information should almost always depend on <a href="#isAuthenticated()"><code>isAuthenticated()</code></a> to <em>guarantee</em> a
verified identity, and not this method.
<p/>
Once the subject is authenticated, they are no longer considered only remembered because their identity would
have been verified during the current session.
<h4>Remembered vs Authenticated</h4>
Authentication is the process of <em>proving</em> you are who you say you are. When a user is only remembered,
the remembered identity gives the system an idea who that user probably is, but in reality, has no way of
absolutely <em>guaranteeing</em> if the remembered <code>Subject</code> represents the user currently
using the application.
<p/>
So although many parts of the application can still perform user-specific logic based on the remembered
<a href="#getPrincipals()"><code>principals</code></a>, such as customized views, it should never perform highly-sensitive
operations until the user has legitimately verified their identity by executing a successful authentication
attempt.
<p/>
We see this paradigm all over the web, and we will use <a href="http://www.amazon.com">Amazon.com</a> as an
example:
<p/>
When you visit Amazon.com and perform a login and ask it to 'remember me', it will set a cookie with your
identity. If you don't log out and your session expires, and you come back, say the next day, Amazon still knows
who you <em>probably</em> are: you still see all of your book and movie recommendations and similar user-specific
features since these are based on your (remembered) user id.
<p/>
BUT, if you try to do something sensitive, such as access your account's billing data, Amazon forces you
to do an actual log-in, requiring your username and password.
<p/>
This is because although amazon.com assumed your identity from 'remember me', it recognized that you were not
actually authenticated. The only way to really guarantee you are who you say you are, and therefore allow you
access to sensitive account data, is to force you to perform an actual successful authentication. You can
check this guarantee via the <a href="#isAuthenticated()"><code>isAuthenticated()</code></a> method and not via this method.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd><code>true</code> if this <code>Subject</code>'s identity (aka <a href="#getPrincipals()"><code>principals</code></a>) is
remembered from a successful authentication during a previous session, <code>false</code> otherwise.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>1.0</dd>
</dl>
</li>
</ul>
<a id="getSession()">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>getSession</h4>
<pre class="methodSignature"><a href="../session/Session.html" title="interface in org.apache.shiro.session">Session</a>&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.408">getSession</a>()</pre>
<div class="block">Returns the application <code>Session</code> associated with this Subject. If no session exists when this
method is called, a new session will be created, associated with this Subject, and then returned.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the application <code>Session</code> associated with this Subject.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>0.2</dd>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="#getSession(boolean)"><code>getSession(boolean)</code></a></dd>
</dl>
</li>
</ul>
<a id="getSession(boolean)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>getSession</h4>
<pre class="methodSignature"><a href="../session/Session.html" title="interface in org.apache.shiro.session">Session</a>&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.426">getSession</a>&#8203;(boolean&nbsp;create)</pre>
<div class="block">Returns the application <code>Session</code> associated with this Subject. Based on the boolean argument,
this method functions as follows:
<ul>
<li>If there is already an existing session associated with this <code>Subject</code>, it is returned and
the <code>create</code> argument is ignored.</li>
<li>If no session exists and <code>create</code> is <code>true</code>, a new session will be created, associated with
this <code>Subject</code> and then returned.</li>
<li>If no session exists and <code>create</code> is <code>false</code>, <code>null</code> is returned.</li>
</ul></div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>create</code> - boolean argument determining if a new session should be created or not if there is no existing session.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the application <code>Session</code> associated with this <code>Subject</code> or <code>null</code> based
on the above described logic.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>0.2</dd>
</dl>
</li>
</ul>
<a id="logout()">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>logout</h4>
<pre class="methodSignature">void&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.444">logout</a>()</pre>
<div class="block">Logs out this Subject and invalidates and/or removes any associated entities,
such as a <a href="../session/Session.html" title="interface in org.apache.shiro.session"><code>Session</code></a> and authorization data. After this method is called, the Subject is
considered 'anonymous' and may continue to be used for another log-in if desired.
<h3>Web Environment Warning</h3>
Calling this method in web environments will usually remove any associated session cookie as part of
session invalidation. Because cookies are part of the HTTP header, and headers can only be set before the
response body (html, image, etc) is sent, this method in web environments must be called before <em>any</em>
content has been rendered.
<p/>
The typical approach most applications use in this scenario is to redirect the user to a different
location (e.g. home page) immediately after calling this method. This is an effect of the HTTP protocol
itself and not a reflection of Shiro's implementation.
<p/>
Non-HTTP environments may of course use a logged-out subject for login again if desired.</div>
</li>
</ul>
<a id="execute(java.util.concurrent.Callable)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>execute</h4>
<pre class="methodSignature">&lt;V&gt;&nbsp;V&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.457">execute</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/concurrent/Callable.html?is-external=true" title="class or interface in java.util.concurrent" class="externalLink">Callable</a>&lt;V&gt;&nbsp;callable)
throws <a href="ExecutionException.html" title="class in org.apache.shiro.subject">ExecutionException</a></pre>
<div class="block">Associates the specified <code>Callable</code> with this <code>Subject</code> instance and then executes it on the
currently running thread. If you want to execute the <code>Callable</code> on a different thread, it is better to
use the <a href="#associateWith(java.util.concurrent.Callable)"><code>associateWith(Callable)</code></a> method instead.</div>
<dl>
<dt><span class="paramLabel">Type Parameters:</span></dt>
<dd><code>V</code> - the type of return value the <code>Callable</code> will return</dd>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>callable</code> - the Callable to associate with this subject and then execute.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the resulting object returned by the <code>Callable</code>'s execution.</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="ExecutionException.html" title="class in org.apache.shiro.subject">ExecutionException</a></code> - if the <code>Callable</code>'s <a href="https://docs.oracle.com/javase/8/docs/api/java/util/concurrent/Callable.html?is-external=true#call()" title="class or interface in java.util.concurrent" class="externalLink"><code>call</code></a> method throws an exception.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>1.0</dd>
</dl>
</li>
</ul>
<a id="execute(java.lang.Runnable)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>execute</h4>
<pre class="methodSignature">void&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.471">execute</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Runnable.html?is-external=true" title="class or interface in java.lang" class="externalLink">Runnable</a>&nbsp;runnable)</pre>
<div class="block">Associates the specified <code>Runnable</code> with this <code>Subject</code> instance and then executes it on the
currently running thread. If you want to execute the <code>Runnable</code> on a different thread, it is better to
use the <a href="#associateWith(java.lang.Runnable)"><code>associateWith(Runnable)</code></a> method instead.
<p/>
<b>Note</b>: This method is primarily provided to execute existing/legacy Runnable implementations. It is better
for new code to use <a href="#execute(java.util.concurrent.Callable)"><code>execute(Callable)</code></a> since that supports the ability to return values and catch
exceptions.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>runnable</code> - the <code>Runnable</code> to associate with this <code>Subject</code> and then execute.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>1.0</dd>
</dl>
</li>
</ul>
<a id="associateWith(java.util.concurrent.Callable)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>associateWith</h4>
<pre class="methodSignature">&lt;V&gt;&nbsp;<a href="https://docs.oracle.com/javase/8/docs/api/java/util/concurrent/Callable.html?is-external=true" title="class or interface in java.util.concurrent" class="externalLink">Callable</a>&lt;V&gt;&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.487">associateWith</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/util/concurrent/Callable.html?is-external=true" title="class or interface in java.util.concurrent" class="externalLink">Callable</a>&lt;V&gt;&nbsp;callable)</pre>
<div class="block">Returns a <code>Callable</code> instance matching the given argument while additionally ensuring that it will
retain and execute under this Subject's identity. The returned object can be used with an
<a href="https://docs.oracle.com/javase/8/docs/api/java/util/concurrent/ExecutorService.html?is-external=true" title="class or interface in java.util.concurrent" class="externalLink"><code>ExecutorService</code></a> to execute as this Subject.
<p/>
This will effectively ensure that any calls to
<code>SecurityUtils</code>.<a href="../SecurityUtils.html#getSubject()"><code>getSubject()</code></a> and related functionality will continue
to function properly on any thread that executes the returned <code>Callable</code> instance.</div>
<dl>
<dt><span class="paramLabel">Type Parameters:</span></dt>
<dd><code>V</code> - the <code>Callable</code>s return value type</dd>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>callable</code> - the callable to execute as this <code>Subject</code></dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>a <code>Callable</code> that can be run as this <code>Subject</code>.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>1.0</dd>
</dl>
</li>
</ul>
<a id="associateWith(java.lang.Runnable)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>associateWith</h4>
<pre class="methodSignature"><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Runnable.html?is-external=true" title="class or interface in java.lang" class="externalLink">Runnable</a>&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.507">associateWith</a>&#8203;(<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Runnable.html?is-external=true" title="class or interface in java.lang" class="externalLink">Runnable</a>&nbsp;runnable)</pre>
<div class="block">Returns a <code>Runnable</code> instance matching the given argument while additionally ensuring that it will
retain and execute under this Subject's identity. The returned object can be used with an
<a href="https://docs.oracle.com/javase/8/docs/api/java/util/concurrent/Executor.html?is-external=true" title="class or interface in java.util.concurrent" class="externalLink"><code>Executor</code></a> or another thread to execute as this Subject.
<p/>
This will effectively ensure that any calls to
<code>SecurityUtils</code>.<a href="../SecurityUtils.html#getSubject()"><code>getSubject()</code></a> and related functionality will continue
to function properly on any thread that executes the returned <code>Runnable</code> instance.
<p/>
*Note that if you need a return value to be returned as a result of the runnable's execution or if you need to
react to any Exceptions, it is highly recommended to use the
<a href="#associateWith(java.util.concurrent.Callable)"><code>createCallable</code></a> method instead of this one.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>runnable</code> - the runnable to execute as this <code>Subject</code></dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>a <code>Runnable</code> that can be run as this <code>Subject</code> on another thread.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>1.0</dd>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="#associateWith(java.util.concurrent.Callable)"><code>(java.util.concurrent.Callable)</code></a></dd>
</dl>
</li>
</ul>
<a id="runAs(org.apache.shiro.subject.PrincipalCollection)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>runAs</h4>
<pre class="methodSignature">void&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.529">runAs</a>&#8203;(<a href="PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals)
throws <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/NullPointerException.html?is-external=true" title="class or interface in java.lang" class="externalLink">NullPointerException</a>,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/IllegalStateException.html?is-external=true" title="class or interface in java.lang" class="externalLink">IllegalStateException</a></pre>
<div class="block">Allows this subject to 'run as' or 'assume' another identity indefinitely. This can only be
called when the <code>Subject</code> instance already has an identity (i.e. they are remembered from a previous
log-in or they have authenticated during their current session).
<p/>
Some notes about <code>runAs</code>:
<ul>
<li>You can tell if a <code>Subject</code> is 'running as' another identity by calling the
<a href="#isRunAs()"><code>isRunAs()</code></a> method.</li>
<li>If running as another identity, you can determine what the previous 'pre run as' identity
was by calling the <a href="#getPreviousPrincipals()"><code>getPreviousPrincipals()</code></a> method.</li>
<li>When you want a <code>Subject</code> to stop running as another identity, you can return to its previous
'pre run as' identity by calling the <a href="#releaseRunAs()"><code>releaseRunAs()</code></a> method.</li>
</ul></div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the identity to 'run as', aka the identity to <em>assume</em> indefinitely.</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/NullPointerException.html?is-external=true" title="class or interface in java.lang" class="externalLink">NullPointerException</a></code> - if the specified principals collection is <code>null</code> or empty.</dd>
<dd><code><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/IllegalStateException.html?is-external=true" title="class or interface in java.lang" class="externalLink">IllegalStateException</a></code> - if this <code>Subject</code> does not yet have an identity of its own.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>1.0</dd>
</dl>
</li>
</ul>
<a id="isRunAs()">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isRunAs</h4>
<pre class="methodSignature">boolean&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.541">isRunAs</a>()</pre>
<div class="block">Returns <code>true</code> if this <code>Subject</code> is 'running as' another identity other than its original one or
<code>false</code> otherwise (normal <code>Subject</code> state). See the <a href="#runAs(org.apache.shiro.subject.PrincipalCollection)"><code>runAs</code></a> method for more
information.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd><code>true</code> if this <code>Subject</code> is 'running as' another identity other than its original one or
<code>false</code> otherwise (normal <code>Subject</code> state).</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>1.0</dd>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="#runAs(org.apache.shiro.subject.PrincipalCollection)"><code>runAs(org.apache.shiro.subject.PrincipalCollection)</code></a></dd>
</dl>
</li>
</ul>
<a id="getPreviousPrincipals()">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>getPreviousPrincipals</h4>
<pre class="methodSignature"><a href="PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.554">getPreviousPrincipals</a>()</pre>
<div class="block">Returns the previous 'pre run as' identity of this <code>Subject</code> before assuming the current
<a href="#runAs(org.apache.shiro.subject.PrincipalCollection)"><code>runAs</code></a> identity, or <code>null</code> if this <code>Subject</code> is not operating under an assumed
identity (normal state). See the <a href="#runAs(org.apache.shiro.subject.PrincipalCollection)"><code>runAs</code></a> method for more information.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the previous 'pre run as' identity of this <code>Subject</code> before assuming the current
<a href="#runAs(org.apache.shiro.subject.PrincipalCollection)"><code>runAs</code></a> identity, or <code>null</code> if this <code>Subject</code> is not operating under an assumed
identity (normal state).</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>1.0</dd>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="#runAs(org.apache.shiro.subject.PrincipalCollection)"><code>runAs(org.apache.shiro.subject.PrincipalCollection)</code></a></dd>
</dl>
</li>
</ul>
<a id="releaseRunAs()">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>releaseRunAs</h4>
<pre class="methodSignature"><a href="PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;<a href="../../../../src-html/org/apache/shiro/subject/Subject.html#line.568">releaseRunAs</a>()</pre>
<div class="block">Releases the current 'run as' (assumed) identity and reverts back to the previous 'pre run as'
identity that existed before <code>#runAs runAs</code> was called.
<p/>
This method returns 'run as' (assumed) identity being released or <code>null</code> if this <code>Subject</code> is not
operating under an assumed identity.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the 'run as' (assumed) identity being released or <code>null</code> if this <code>Subject</code> is not operating
under an assumed identity.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>1.0</dd>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="#runAs(org.apache.shiro.subject.PrincipalCollection)"><code>runAs(org.apache.shiro.subject.PrincipalCollection)</code></a></dd>
</dl>
</li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
</div>
</main>
<!-- ========= END OF CLASS DATA ========= -->
<footer role="contentinfo">
<nav role="navigation">
<!-- ======= START OF BOTTOM NAVBAR ====== -->
<div class="bottomNav"><a id="navbar.bottom">
<!-- -->
</a>
<div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.bottom.firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/Subject.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../index-all.html">Index</a></li>
<li><a href="../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_bottom");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li><a href="#nested.class.summary">Nested</a>&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.bottom">
<!-- -->
</a></div>
<!-- ======== END OF BOTTOM NAVBAR ======= -->
</nav>
<p class="legalCopy"><small>Copyright &#169; 2004&#x2013;2022 <a href="https://www.apache.org/">The Apache Software Foundation</a>. All rights reserved.</small></p>
</footer>
</body>
</html>