Google Git
Sign in
apache / shiro-site / 01016f43374d9b054f3ea1e568b015d5d69428f9 / . / src / site / assets / static / 1.11.0 / shiro-core / apidocs / org / apache / shiro / mgt / AuthorizingSecurityManager.html
blob: 52ce61e6a2ad71588731848639a71f09168210d3 [file] [log] [blame]
<!DOCTYPE HTML>
<!-- NewPage -->
<html lang="en">
<head>
<!-- Generated by javadoc -->
<title>AuthorizingSecurityManager (Apache Shiro :: Core 1.11.0 API)</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="Style">
<link rel="stylesheet" type="text/css" href="../../../../jquery/jquery-ui.css" title="Style">
<script type="text/javascript" src="../../../../script.js"></script>
<script type="text/javascript" src="../../../../jquery/jszip/dist/jszip.min.js"></script>
<script type="text/javascript" src="../../../../jquery/jszip-utils/dist/jszip-utils.min.js"></script>
<!--[if IE]>
<script type="text/javascript" src="../../../../jquery/jszip-utils/dist/jszip-utils-ie.min.js"></script>
<![endif]-->
<script type="text/javascript" src="../../../../jquery/jquery-3.5.1.js"></script>
<script type="text/javascript" src="../../../../jquery/jquery-ui.js"></script>
</head>
<body>
<script type="text/javascript"><!--
try {
if (location.href.indexOf('is-external=true') == -1) {
parent.document.title="AuthorizingSecurityManager (Apache Shiro :: Core 1.11.0 API)";
}
}
catch(err) {
}
//-->
var data = {"i0":10,"i1":10,"i2":10,"i3":10,"i4":10,"i5":10,"i6":10,"i7":10,"i8":10,"i9":10,"i10":10,"i11":10,"i12":10,"i13":10,"i14":10,"i15":10,"i16":10,"i17":10,"i18":10,"i19":10};
var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],8:["t4","Concrete Methods"]};
var altColor = "altColor";
var rowColor = "rowColor";
var tableTab = "tableTab";
var activeTableTab = "activeTableTab";
var pathtoroot = "../../../../";
var useModuleDirectories = true;
loadScripts(document, 'script');</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<header role="banner">
<nav role="navigation">
<div class="fixedNav"><!-- Matomo --> <script> var _paq = window._paq = window._paq || []; /* tracker methods like "setCustomDimension" should be called before "trackPageView" */ /* We explicitly disable cookie tracking to avoid privacy issues */ _paq.push(['disableCookies']); _paq.push(['trackPageView']); _paq.push(['enableLinkTracking']); (function() { var u="//matomo.privacy.apache.org/"; _paq.push(['setTrackerUrl', u+'matomo.php']); _paq.push(['setSiteId', '2']); var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s); })(); </script> <!-- End Matomo Code -->
<!-- ========= START OF TOP NAVBAR ======= -->
<div class="topNav"><a id="navbar.top">
<!-- -->
</a>
<div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.top.firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/AuthorizingSecurityManager.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../index-all.html">Index</a></li>
<li><a href="../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<ul class="navListSearch">
<li><label for="search">SEARCH:</label>
<input type="text" id="search" value="search" disabled="disabled">
<input type="reset" id="reset" value="reset" disabled="disabled">
</li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_top");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.top">
<!-- -->
</a></div>
<!-- ========= END OF TOP NAVBAR ========= -->
</div>
<div class="navPadding">&nbsp;</div>
<script type="text/javascript"><!--
$('.navPadding').css('padding-top', $('.fixedNav').css("height"));
//-->
</script>
</nav>
</header>
<!-- ======== START OF CLASS DATA ======== -->
<main role="main">
<div class="header">
<div class="subTitle"><span class="packageLabelInType">Package</span>&nbsp;<a href="package-summary.html">org.apache.shiro.mgt</a></div>
<h2 title="Class AuthorizingSecurityManager" class="title">Class AuthorizingSecurityManager</h2>
</div>
<div class="contentContainer">
<ul class="inheritance">
<li><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang" class="externalLink">java.lang.Object</a></li>
<li>
<ul class="inheritance">
<li><a href="CachingSecurityManager.html" title="class in org.apache.shiro.mgt">org.apache.shiro.mgt.CachingSecurityManager</a></li>
<li>
<ul class="inheritance">
<li><a href="RealmSecurityManager.html" title="class in org.apache.shiro.mgt">org.apache.shiro.mgt.RealmSecurityManager</a></li>
<li>
<ul class="inheritance">
<li><a href="AuthenticatingSecurityManager.html" title="class in org.apache.shiro.mgt">org.apache.shiro.mgt.AuthenticatingSecurityManager</a></li>
<li>
<ul class="inheritance">
<li>org.apache.shiro.mgt.AuthorizingSecurityManager</li>
</ul>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</li>
</ul>
<div class="description">
<ul class="blockList">
<li class="blockList">
<dl>
<dt>All Implemented Interfaces:</dt>
<dd><code><a href="../authc/Authenticator.html" title="interface in org.apache.shiro.authc">Authenticator</a></code>, <code><a href="../authz/Authorizer.html" title="interface in org.apache.shiro.authz">Authorizer</a></code>, <code>org.apache.shiro.cache.CacheManagerAware</code>, <code>org.apache.shiro.event.EventBusAware</code>, <code><a href="SecurityManager.html" title="interface in org.apache.shiro.mgt">SecurityManager</a></code>, <code><a href="../session/mgt/SessionManager.html" title="interface in org.apache.shiro.session.mgt">SessionManager</a></code>, <code>org.apache.shiro.util.Destroyable</code></dd>
</dl>
<dl>
<dt>Direct Known Subclasses:</dt>
<dd><code><a href="SessionsSecurityManager.html" title="class in org.apache.shiro.mgt">SessionsSecurityManager</a></code></dd>
</dl>
<hr>
<pre>public abstract class <a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.47">AuthorizingSecurityManager</a>
extends <a href="AuthenticatingSecurityManager.html" title="class in org.apache.shiro.mgt">AuthenticatingSecurityManager</a></pre>
<div class="block">Shiro support of a <a href="SecurityManager.html" title="interface in org.apache.shiro.mgt"><code>SecurityManager</code></a> class hierarchy that delegates all
authorization (access control) operations to a wrapped <a href="../authz/Authorizer.html" title="interface in org.apache.shiro.authz"><code>Authorizer</code></a> instance. That is,
this class implements all the <tt>Authorizer</tt> methods in the <a href="SecurityManager.html" title="interface in org.apache.shiro.mgt"><code>SecurityManager</code></a>
interface, but in reality, those methods are merely passthrough calls to the underlying 'real'
<tt>Authorizer</tt> instance.
<p>All remaining <tt>SecurityManager</tt> methods not covered by this class or its parents (mostly Session support)
are left to be implemented by subclasses.
<p>In keeping with the other classes in this hierarchy and Shiro's desire to minimize configuration whenever
possible, suitable default instances for all dependencies will be created upon instantiation.</div>
<dl>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>0.9</dd>
</dl>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">
<!-- ======== CONSTRUCTOR SUMMARY ======== -->
<section role="region">
<ul class="blockList">
<li class="blockList"><a id="constructor.summary">
<!-- -->
</a>
<h3>Constructor Summary</h3>
<table class="memberSummary">
<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Constructor</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr class="altColor">
<th class="colConstructorName" scope="row"><code><span class="memberNameLink"><a href="#%3Cinit%3E()">AuthorizingSecurityManager</a></span>()</code></th>
<td class="colLast">
<div class="block">Default no-arg constructor that initializes an internal default
<a href="../authz/ModularRealmAuthorizer.html" title="class in org.apache.shiro.authz"><code>ModularRealmAuthorizer</code></a>.</div>
</td>
</tr>
</table>
</li>
</ul>
</section>
<!-- ========== METHOD SUMMARY =========== -->
<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.summary">
<!-- -->
</a>
<h3>Method Summary</h3>
<table class="memberSummary">
<caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd">&nbsp;</span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t4" class="tableTab"><span><a href="javascript:show(8);">Concrete Methods</a></span><span class="tabEnd">&nbsp;</span></span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colSecond" scope="col">Method</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr id="i0" class="altColor">
<td class="colFirst"><code>protected void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#afterRealmsSet()">afterRealmsSet</a></span>()</code></th>
<td class="colLast">
<div class="block">First calls <code>super.afterRealmsSet()</code> and then sets these same <code>Realm</code> objects on this
instance's wrapped <a href="../authz/Authorizer.html" title="interface in org.apache.shiro.authz"><code>Authorizer</code></a>.</div>
</td>
</tr>
<tr id="i1" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#checkPermission(org.apache.shiro.subject.PrincipalCollection,java.lang.String)">checkPermission</a></span>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&nbsp;permission)</code></th>
<td class="colLast">
<div class="block">Ensures the corresponding Subject/user implies the specified permission String.</div>
</td>
</tr>
<tr id="i2" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#checkPermission(org.apache.shiro.subject.PrincipalCollection,org.apache.shiro.authz.Permission)">checkPermission</a></span>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&nbsp;permission)</code></th>
<td class="colLast">
<div class="block">Ensures a subject/user <a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>Permission.implies(Permission)</code></a> implies} the specified <tt>Permission</tt>.</div>
</td>
</tr>
<tr id="i3" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#checkPermissions(org.apache.shiro.subject.PrincipalCollection,java.lang.String...)">checkPermissions</a></span>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>...&nbsp;permissions)</code></th>
<td class="colLast">
<div class="block">Ensures the corresponding Subject/user
<a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>implies</code></a> all of the
specified permission strings.</div>
</td>
</tr>
<tr id="i4" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#checkPermissions(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)">checkPermissions</a></span>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util" class="externalLink">Collection</a>&lt;<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&gt;&nbsp;permissions)</code></th>
<td class="colLast">
<div class="block">Ensures the corresponding Subject/user
<a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>implies</code></a> all of the
specified permission strings.</div>
</td>
</tr>
<tr id="i5" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#checkRole(org.apache.shiro.subject.PrincipalCollection,java.lang.String)">checkRole</a></span>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&nbsp;role)</code></th>
<td class="colLast">
<div class="block">Asserts the corresponding Subject/user has the specified role by returning quietly if they do or throwing an
<a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> if they do not.</div>
</td>
</tr>
<tr id="i6" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#checkRoles(org.apache.shiro.subject.PrincipalCollection,java.lang.String...)">checkRoles</a></span>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>...&nbsp;roles)</code></th>
<td class="colLast">
<div class="block">Same as <a href="../authz/Authorizer.html#checkRoles(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)"><code>checkRoles(PrincipalCollection subjectPrincipal, Collection&lt;String&gt; roleIdentifiers)</code></a> but doesn't require a collection
as an argument.</div>
</td>
</tr>
<tr id="i7" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#checkRoles(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)">checkRoles</a></span>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util" class="externalLink">Collection</a>&lt;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&gt;&nbsp;roles)</code></th>
<td class="colLast">
<div class="block">Asserts the corresponding Subject/user has all of the specified roles by returning quietly if they do or
throwing an <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> if they do not.</div>
</td>
</tr>
<tr id="i8" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#destroy()">destroy</a></span>()</code></th>
<td class="colLast">
<div class="block">Destroys the <a href="CachingSecurityManager.html#getCacheManager()"><code>cacheManager</code></a> via <code>LifecycleUtils.destroy</code>.</div>
</td>
</tr>
<tr id="i9" class="rowColor">
<td class="colFirst"><code><a href="../authz/Authorizer.html" title="interface in org.apache.shiro.authz">Authorizer</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#getAuthorizer()">getAuthorizer</a></span>()</code></th>
<td class="colLast">
<div class="block">Returns the underlying wrapped <tt>Authorizer</tt> instance to which this <tt>SecurityManager</tt>
implementation delegates all of its authorization calls.</div>
</td>
</tr>
<tr id="i10" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#hasAllRoles(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)">hasAllRoles</a></span>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util" class="externalLink">Collection</a>&lt;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&gt;&nbsp;roleIdentifiers)</code></th>
<td class="colLast">
<div class="block">Returns <tt>true</tt> if the corresponding Subject/user has all of the specified roles, <tt>false</tt> otherwise.</div>
</td>
</tr>
<tr id="i11" class="rowColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#hasRole(org.apache.shiro.subject.PrincipalCollection,java.lang.String)">hasRole</a></span>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&nbsp;roleIdentifier)</code></th>
<td class="colLast">
<div class="block">Returns <tt>true</tt> if the corresponding Subject/user has the specified role, <tt>false</tt> otherwise.</div>
</td>
</tr>
<tr id="i12" class="altColor">
<td class="colFirst"><code>boolean[]</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#hasRoles(org.apache.shiro.subject.PrincipalCollection,java.util.List)">hasRoles</a></span>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/util/List.html?is-external=true" title="class or interface in java.util" class="externalLink">List</a>&lt;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&gt;&nbsp;roleIdentifiers)</code></th>
<td class="colLast">
<div class="block">Checks if the corresponding Subject/user has the specified roles, returning a boolean array indicating
which roles are associated with the given subject.</div>
</td>
</tr>
<tr id="i13" class="rowColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isPermitted(org.apache.shiro.subject.PrincipalCollection,java.lang.String)">isPermitted</a></span>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&nbsp;permissionString)</code></th>
<td class="colLast">
<div class="block">Returns <tt>true</tt> if the corresponding subject/user is permitted to perform an action or access a resource
summarized by the specified permission string.</div>
</td>
</tr>
<tr id="i14" class="altColor">
<td class="colFirst"><code>boolean[]</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isPermitted(org.apache.shiro.subject.PrincipalCollection,java.lang.String...)">isPermitted</a></span>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>...&nbsp;permissions)</code></th>
<td class="colLast">
<div class="block">Checks if the corresponding Subject implies the given permission strings and returns a boolean array
indicating which permissions are implied.</div>
</td>
</tr>
<tr id="i15" class="rowColor">
<td class="colFirst"><code>boolean[]</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isPermitted(org.apache.shiro.subject.PrincipalCollection,java.util.List)">isPermitted</a></span>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/util/List.html?is-external=true" title="class or interface in java.util" class="externalLink">List</a>&lt;<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&gt;&nbsp;permissions)</code></th>
<td class="colLast">
<div class="block">Checks if the corresponding Subject/user implies the given Permissions and returns a boolean array indicating
which permissions are implied.</div>
</td>
</tr>
<tr id="i16" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isPermitted(org.apache.shiro.subject.PrincipalCollection,org.apache.shiro.authz.Permission)">isPermitted</a></span>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&nbsp;permission)</code></th>
<td class="colLast">
<div class="block">Returns <tt>true</tt> if the corresponding subject/user is permitted to perform an action or access a resource
summarized by the specified permission.</div>
</td>
</tr>
<tr id="i17" class="rowColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isPermittedAll(org.apache.shiro.subject.PrincipalCollection,java.lang.String...)">isPermittedAll</a></span>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>...&nbsp;permissions)</code></th>
<td class="colLast">
<div class="block">Returns <tt>true</tt> if the corresponding Subject/user implies all of the specified permission strings,
<tt>false</tt> otherwise.</div>
</td>
</tr>
<tr id="i18" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#isPermittedAll(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)">isPermittedAll</a></span>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util" class="externalLink">Collection</a>&lt;<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&gt;&nbsp;permissions)</code></th>
<td class="colLast">
<div class="block">Returns <tt>true</tt> if the corresponding Subject/user implies all of the specified permissions, <tt>false</tt>
otherwise.</div>
</td>
</tr>
<tr id="i19" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#setAuthorizer(org.apache.shiro.authz.Authorizer)">setAuthorizer</a></span>&#8203;(<a href="../authz/Authorizer.html" title="interface in org.apache.shiro.authz">Authorizer</a>&nbsp;authorizer)</code></th>
<td class="colLast">
<div class="block">Sets the underlying <tt>Authorizer</tt> instance to which this <tt>SecurityManager</tt> implementation will
delegate all of its authorization calls.</div>
</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.org.apache.shiro.mgt.AuthenticatingSecurityManager">
<!-- -->
</a>
<h3>Methods inherited from class&nbsp;org.apache.shiro.mgt.<a href="AuthenticatingSecurityManager.html" title="class in org.apache.shiro.mgt">AuthenticatingSecurityManager</a></h3>
<code><a href="AuthenticatingSecurityManager.html#authenticate(org.apache.shiro.authc.AuthenticationToken)">authenticate</a>, <a href="AuthenticatingSecurityManager.html#getAuthenticator()">getAuthenticator</a>, <a href="AuthenticatingSecurityManager.html#setAuthenticator(org.apache.shiro.authc.Authenticator)">setAuthenticator</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.org.apache.shiro.mgt.RealmSecurityManager">
<!-- -->
</a>
<h3>Methods inherited from class&nbsp;org.apache.shiro.mgt.<a href="RealmSecurityManager.html" title="class in org.apache.shiro.mgt">RealmSecurityManager</a></h3>
<code><a href="RealmSecurityManager.html#afterCacheManagerSet()">afterCacheManagerSet</a>, <a href="RealmSecurityManager.html#afterEventBusSet()">afterEventBusSet</a>, <a href="RealmSecurityManager.html#applyCacheManagerToRealms()">applyCacheManagerToRealms</a>, <a href="RealmSecurityManager.html#applyEventBusToRealms()">applyEventBusToRealms</a>, <a href="RealmSecurityManager.html#getRealms()">getRealms</a>, <a href="RealmSecurityManager.html#setRealm(org.apache.shiro.realm.Realm)">setRealm</a>, <a href="RealmSecurityManager.html#setRealms(java.util.Collection)">setRealms</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.org.apache.shiro.mgt.CachingSecurityManager">
<!-- -->
</a>
<h3>Methods inherited from class&nbsp;org.apache.shiro.mgt.<a href="CachingSecurityManager.html" title="class in org.apache.shiro.mgt">CachingSecurityManager</a></h3>
<code><a href="CachingSecurityManager.html#applyEventBusToCacheManager()">applyEventBusToCacheManager</a>, <a href="CachingSecurityManager.html#getCacheManager()">getCacheManager</a>, <a href="CachingSecurityManager.html#getEventBus()">getEventBus</a>, <a href="CachingSecurityManager.html#setCacheManager(org.apache.shiro.cache.CacheManager)">setCacheManager</a>, <a href="CachingSecurityManager.html#setEventBus(org.apache.shiro.event.EventBus)">setEventBus</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.java.lang.Object">
<!-- -->
</a>
<h3>Methods inherited from class&nbsp;java.lang.<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang" class="externalLink">Object</a></h3>
<code><a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#clone()" title="class or interface in java.lang" class="externalLink">clone</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#equals(java.lang.Object)" title="class or interface in java.lang" class="externalLink">equals</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#finalize()" title="class or interface in java.lang" class="externalLink">finalize</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#getClass()" title="class or interface in java.lang" class="externalLink">getClass</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#hashCode()" title="class or interface in java.lang" class="externalLink">hashCode</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#notify()" title="class or interface in java.lang" class="externalLink">notify</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#notifyAll()" title="class or interface in java.lang" class="externalLink">notifyAll</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#toString()" title="class or interface in java.lang" class="externalLink">toString</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#wait()" title="class or interface in java.lang" class="externalLink">wait</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#wait(long)" title="class or interface in java.lang" class="externalLink">wait</a>, <a href="https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html?is-external=true#wait(long,int)" title="class or interface in java.lang" class="externalLink">wait</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.org.apache.shiro.mgt.SecurityManager">
<!-- -->
</a>
<h3>Methods inherited from interface&nbsp;org.apache.shiro.mgt.<a href="SecurityManager.html" title="interface in org.apache.shiro.mgt">SecurityManager</a></h3>
<code><a href="SecurityManager.html#createSubject(org.apache.shiro.subject.SubjectContext)">createSubject</a>, <a href="SecurityManager.html#login(org.apache.shiro.subject.Subject,org.apache.shiro.authc.AuthenticationToken)">login</a>, <a href="SecurityManager.html#logout(org.apache.shiro.subject.Subject)">logout</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.org.apache.shiro.session.mgt.SessionManager">
<!-- -->
</a>
<h3>Methods inherited from interface&nbsp;org.apache.shiro.session.mgt.<a href="../session/mgt/SessionManager.html" title="interface in org.apache.shiro.session.mgt">SessionManager</a></h3>
<code><a href="../session/mgt/SessionManager.html#getSession(org.apache.shiro.session.mgt.SessionKey)">getSession</a>, <a href="../session/mgt/SessionManager.html#start(org.apache.shiro.session.mgt.SessionContext)">start</a></code></li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">
<!-- ========= CONSTRUCTOR DETAIL ======== -->
<section role="region">
<ul class="blockList">
<li class="blockList"><a id="constructor.detail">
<!-- -->
</a>
<h3>Constructor Detail</h3>
<a id="&lt;init&gt;()">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>AuthorizingSecurityManager</h4>
<pre>public&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.58">AuthorizingSecurityManager</a>()</pre>
<div class="block">Default no-arg constructor that initializes an internal default
<a href="../authz/ModularRealmAuthorizer.html" title="class in org.apache.shiro.authz"><code>ModularRealmAuthorizer</code></a>.</div>
</li>
</ul>
</li>
</ul>
</section>
<!-- ============ METHOD DETAIL ========== -->
<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.detail">
<!-- -->
</a>
<h3>Method Detail</h3>
<a id="getAuthorizer()">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>getAuthorizer</h4>
<pre class="methodSignature">public&nbsp;<a href="../authz/Authorizer.html" title="interface in org.apache.shiro.authz">Authorizer</a>&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.69">getAuthorizer</a>()</pre>
<div class="block">Returns the underlying wrapped <tt>Authorizer</tt> instance to which this <tt>SecurityManager</tt>
implementation delegates all of its authorization calls.</div>
<dl>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the wrapped <tt>Authorizer</tt> used by this <tt>SecurityManager</tt> implementation.</dd>
</dl>
</li>
</ul>
<a id="setAuthorizer(org.apache.shiro.authz.Authorizer)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>setAuthorizer</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.80">setAuthorizer</a>&#8203;(<a href="../authz/Authorizer.html" title="interface in org.apache.shiro.authz">Authorizer</a>&nbsp;authorizer)</pre>
<div class="block">Sets the underlying <tt>Authorizer</tt> instance to which this <tt>SecurityManager</tt> implementation will
delegate all of its authorization calls.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>authorizer</code> - the <tt>Authorizer</tt> this <tt>SecurityManager</tt> should wrap and delegate all of its
authorization calls to.</dd>
</dl>
</li>
</ul>
<a id="afterRealmsSet()">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>afterRealmsSet</h4>
<pre class="methodSignature">protected&nbsp;void&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.99">afterRealmsSet</a>()</pre>
<div class="block">First calls <code>super.afterRealmsSet()</code> and then sets these same <code>Realm</code> objects on this
instance's wrapped <a href="../authz/Authorizer.html" title="interface in org.apache.shiro.authz"><code>Authorizer</code></a>.
<p/>
The setting of realms the Authorizer will only occur if it is an instance of
<a href="../authz/ModularRealmAuthorizer.html" title="class in org.apache.shiro.authz"><code>ModularRealmAuthorizer</code></a>, that is:
<pre>
if ( this.authorizer instanceof ModularRealmAuthorizer ) {
((ModularRealmAuthorizer)this.authorizer).setRealms(realms);
}</pre></div>
<dl>
<dt><span class="overrideSpecifyLabel">Overrides:</span></dt>
<dd><code><a href="AuthenticatingSecurityManager.html#afterRealmsSet()">afterRealmsSet</a></code>&nbsp;in class&nbsp;<code><a href="AuthenticatingSecurityManager.html" title="class in org.apache.shiro.mgt">AuthenticatingSecurityManager</a></code></dd>
</dl>
</li>
</ul>
<a id="destroy()">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>destroy</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.106">destroy</a>()</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from class:&nbsp;<code><a href="CachingSecurityManager.html#destroy()">CachingSecurityManager</a></code></span></div>
<div class="block">Destroys the <a href="CachingSecurityManager.html#getCacheManager()"><code>cacheManager</code></a> via <code>LifecycleUtils.destroy</code>.</div>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code>destroy</code>&nbsp;in interface&nbsp;<code>org.apache.shiro.util.Destroyable</code></dd>
<dt><span class="overrideSpecifyLabel">Overrides:</span></dt>
<dd><code><a href="AuthenticatingSecurityManager.html#destroy()">destroy</a></code>&nbsp;in class&nbsp;<code><a href="AuthenticatingSecurityManager.html" title="class in org.apache.shiro.mgt">AuthenticatingSecurityManager</a></code></dd>
</dl>
</li>
</ul>
<a id="isPermitted(org.apache.shiro.subject.PrincipalCollection,java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isPermitted</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.112">isPermitted</a>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&nbsp;permissionString)</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../authz/Authorizer.html#isPermitted(org.apache.shiro.subject.PrincipalCollection,java.lang.String)">Authorizer</a></code></span></div>
<div class="block">Returns <tt>true</tt> if the corresponding subject/user is permitted to perform an action or access a resource
summarized by the specified permission string.
<p>This is an overloaded method for the corresponding type-safe <a href="../authz/Permission.html" title="interface in org.apache.shiro.authz"><code>Permission</code></a> variant.
Please see the class-level JavaDoc for more information on these String-based permission methods.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the application-specific subject/user identifier.</dd>
<dd><code>permissionString</code> - the String representation of a Permission that is being checked.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>true if the corresponding Subject/user is permitted, false otherwise.</dd>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../authz/Authorizer.html#isPermitted(org.apache.shiro.subject.PrincipalCollection,org.apache.shiro.authz.Permission)"><code>Authorizer.isPermitted(PrincipalCollection principals,Permission permission)</code></a></dd>
</dl>
</li>
</ul>
<a id="isPermitted(org.apache.shiro.subject.PrincipalCollection,org.apache.shiro.authz.Permission)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isPermitted</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.116">isPermitted</a>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&nbsp;permission)</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../authz/Authorizer.html#isPermitted(org.apache.shiro.subject.PrincipalCollection,org.apache.shiro.authz.Permission)">Authorizer</a></code></span></div>
<div class="block">Returns <tt>true</tt> if the corresponding subject/user is permitted to perform an action or access a resource
summarized by the specified permission.
<p>More specifically, this method determines if any <tt>Permission</tt>s associated
with the subject <a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>imply</code></a> the specified permission.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the application-specific subject/user identifier.</dd>
<dd><code>permission</code> - the permission that is being checked.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>true if the corresponding Subject/user is permitted, false otherwise.</dd>
</dl>
</li>
</ul>
<a id="isPermitted(org.apache.shiro.subject.PrincipalCollection,java.lang.String...)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isPermitted</h4>
<pre class="methodSignature">public&nbsp;boolean[]&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.120">isPermitted</a>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>...&nbsp;permissions)</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../authz/Authorizer.html#isPermitted(org.apache.shiro.subject.PrincipalCollection,java.lang.String...)">Authorizer</a></code></span></div>
<div class="block">Checks if the corresponding Subject implies the given permission strings and returns a boolean array
indicating which permissions are implied.
<p>This is an overloaded method for the corresponding type-safe <a href="../authz/Permission.html" title="interface in org.apache.shiro.authz"><code>Permission</code></a> variant.
Please see the class-level JavaDoc for more information on these String-based permission methods.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the application-specific subject/user identifier.</dd>
<dd><code>permissions</code> - the String representations of the Permissions that are being checked.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>an array of booleans whose indices correspond to the index of the
permissions in the given list. A true value at an index indicates the user is permitted for
for the associated <tt>Permission</tt> string in the list. A false value at an index
indicates otherwise.</dd>
</dl>
</li>
</ul>
<a id="isPermitted(org.apache.shiro.subject.PrincipalCollection,java.util.List)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isPermitted</h4>
<pre class="methodSignature">public&nbsp;boolean[]&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.124">isPermitted</a>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/util/List.html?is-external=true" title="class or interface in java.util" class="externalLink">List</a>&lt;<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&gt;&nbsp;permissions)</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../authz/Authorizer.html#isPermitted(org.apache.shiro.subject.PrincipalCollection,java.util.List)">Authorizer</a></code></span></div>
<div class="block">Checks if the corresponding Subject/user implies the given Permissions and returns a boolean array indicating
which permissions are implied.
<p>More specifically, this method should determine if each <tt>Permission</tt> in
the array is <a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>implied</code></a> by permissions
already associated with the subject.
<p>This is primarily a performance-enhancing method to help reduce the number of
<a href="../authz/Authorizer.html#isPermitted(org.apache.shiro.subject.PrincipalCollection,java.lang.String)"><code>Authorizer.isPermitted(org.apache.shiro.subject.PrincipalCollection, java.lang.String)</code></a> invocations over the wire in client/server systems.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the application-specific subject/user identifier.</dd>
<dd><code>permissions</code> - the permissions that are being checked.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>an array of booleans whose indices correspond to the index of the
permissions in the given list. A true value at an index indicates the user is permitted for
for the associated <tt>Permission</tt> object in the list. A false value at an index
indicates otherwise.</dd>
</dl>
</li>
</ul>
<a id="isPermittedAll(org.apache.shiro.subject.PrincipalCollection,java.lang.String...)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isPermittedAll</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.128">isPermittedAll</a>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>...&nbsp;permissions)</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../authz/Authorizer.html#isPermittedAll(org.apache.shiro.subject.PrincipalCollection,java.lang.String...)">Authorizer</a></code></span></div>
<div class="block">Returns <tt>true</tt> if the corresponding Subject/user implies all of the specified permission strings,
<tt>false</tt> otherwise.
<p>This is an overloaded method for the corresponding type-safe <a href="../authz/Permission.html" title="interface in org.apache.shiro.authz"><code>Permission</code></a> variant.
Please see the class-level JavaDoc for more information on these String-based permission methods.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the application-specific subject/user identifier.</dd>
<dd><code>permissions</code> - the String representations of the Permissions that are being checked.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>true if the user has all of the specified permissions, false otherwise.</dd>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../authz/Authorizer.html#isPermittedAll(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)"><code>Authorizer.isPermittedAll(PrincipalCollection,Collection)</code></a></dd>
</dl>
</li>
</ul>
<a id="isPermittedAll(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>isPermittedAll</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.132">isPermittedAll</a>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util" class="externalLink">Collection</a>&lt;<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&gt;&nbsp;permissions)</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../authz/Authorizer.html#isPermittedAll(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)">Authorizer</a></code></span></div>
<div class="block">Returns <tt>true</tt> if the corresponding Subject/user implies all of the specified permissions, <tt>false</tt>
otherwise.
<p>More specifically, this method determines if all of the given <tt>Permission</tt>s are
<a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>implied by</code></a> permissions already associated with the subject.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the application-specific subject/user identifier.</dd>
<dd><code>permissions</code> - the permissions to check.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>true if the user has all of the specified permissions, false otherwise.</dd>
</dl>
</li>
</ul>
<a id="checkPermission(org.apache.shiro.subject.PrincipalCollection,java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>checkPermission</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.136">checkPermission</a>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&nbsp;permission)
throws <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../authz/Authorizer.html#checkPermission(org.apache.shiro.subject.PrincipalCollection,java.lang.String)">Authorizer</a></code></span></div>
<div class="block">Ensures the corresponding Subject/user implies the specified permission String.
<p>If the subject's existing associated permissions do not <a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>Permission.implies(Permission)</code></a> imply}
the given permission, an <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> will be thrown.
<p>This is an overloaded method for the corresponding type-safe <a href="../authz/Permission.html" title="interface in org.apache.shiro.authz"><code>Permission</code></a> variant.
Please see the class-level JavaDoc for more information on these String-based permission methods.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the application-specific subject/user identifier.</dd>
<dd><code>permission</code> - the String representation of the Permission to check.</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></code> - if the user does not have the permission.</dd>
</dl>
</li>
</ul>
<a id="checkPermission(org.apache.shiro.subject.PrincipalCollection,org.apache.shiro.authz.Permission)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>checkPermission</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.140">checkPermission</a>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&nbsp;permission)
throws <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../authz/Authorizer.html#checkPermission(org.apache.shiro.subject.PrincipalCollection,org.apache.shiro.authz.Permission)">Authorizer</a></code></span></div>
<div class="block">Ensures a subject/user <a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>Permission.implies(Permission)</code></a> implies} the specified <tt>Permission</tt>.
If the subject's existing associated permissions do not <a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>Permission.implies(Permission)</code></a> imply}
the given permission, an <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> will be thrown.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the application-specific subject/user identifier.</dd>
<dd><code>permission</code> - the Permission to check.</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></code> - if the user does not have the permission.</dd>
</dl>
</li>
</ul>
<a id="checkPermissions(org.apache.shiro.subject.PrincipalCollection,java.lang.String...)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>checkPermissions</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.144">checkPermissions</a>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>...&nbsp;permissions)
throws <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../authz/Authorizer.html#checkPermissions(org.apache.shiro.subject.PrincipalCollection,java.lang.String...)">Authorizer</a></code></span></div>
<div class="block">Ensures the corresponding Subject/user
<a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>implies</code></a> all of the
specified permission strings.
If the subject's existing associated permissions do not
<a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>imply</code></a> all of the given permissions,
an <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> will be thrown.
<p>This is an overloaded method for the corresponding type-safe <a href="../authz/Permission.html" title="interface in org.apache.shiro.authz"><code>Permission</code></a> variant.
Please see the class-level JavaDoc for more information on these String-based permission methods.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the application-specific subject/user identifier.</dd>
<dd><code>permissions</code> - the string representations of Permissions to check.</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></code> - if the user does not have all of the given permissions.</dd>
</dl>
</li>
</ul>
<a id="checkPermissions(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>checkPermissions</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.148">checkPermissions</a>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util" class="externalLink">Collection</a>&lt;<a href="../authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</a>&gt;&nbsp;permissions)
throws <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../authz/Authorizer.html#checkPermissions(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)">Authorizer</a></code></span></div>
<div class="block">Ensures the corresponding Subject/user
<a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>implies</code></a> all of the
specified permission strings.
If the subject's existing associated permissions do not
<a href="../authz/Permission.html#implies(org.apache.shiro.authz.Permission)"><code>imply</code></a> all of the given permissions,
an <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> will be thrown.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the application-specific subject/user identifier.</dd>
<dd><code>permissions</code> - the Permissions to check.</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></code> - if the user does not have all of the given permissions.</dd>
</dl>
</li>
</ul>
<a id="hasRole(org.apache.shiro.subject.PrincipalCollection,java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>hasRole</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.152">hasRole</a>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&nbsp;roleIdentifier)</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../authz/Authorizer.html#hasRole(org.apache.shiro.subject.PrincipalCollection,java.lang.String)">Authorizer</a></code></span></div>
<div class="block">Returns <tt>true</tt> if the corresponding Subject/user has the specified role, <tt>false</tt> otherwise.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the application-specific subject/user identifier.</dd>
<dd><code>roleIdentifier</code> - the application-specific role identifier (usually a role id or role name).</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd><tt>true</tt> if the corresponding subject has the specified role, <tt>false</tt> otherwise.</dd>
</dl>
</li>
</ul>
<a id="hasRoles(org.apache.shiro.subject.PrincipalCollection,java.util.List)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>hasRoles</h4>
<pre class="methodSignature">public&nbsp;boolean[]&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.156">hasRoles</a>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/util/List.html?is-external=true" title="class or interface in java.util" class="externalLink">List</a>&lt;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&gt;&nbsp;roleIdentifiers)</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../authz/Authorizer.html#hasRoles(org.apache.shiro.subject.PrincipalCollection,java.util.List)">Authorizer</a></code></span></div>
<div class="block">Checks if the corresponding Subject/user has the specified roles, returning a boolean array indicating
which roles are associated with the given subject.
<p>This is primarily a performance-enhancing method to help reduce the number of
<a href="../authz/Authorizer.html#hasRole(org.apache.shiro.subject.PrincipalCollection,java.lang.String)"><code>Authorizer.hasRole(org.apache.shiro.subject.PrincipalCollection, java.lang.String)</code></a> invocations over the wire in client/server systems.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the application-specific subject/user identifier.</dd>
<dd><code>roleIdentifiers</code> - the application-specific role identifiers to check (usually role ids or role names).</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>an array of booleans whose indices correspond to the index of the
roles in the given identifiers. A true value indicates the user has the
role at that index. False indicates the user does not have the role at that index.</dd>
</dl>
</li>
</ul>
<a id="hasAllRoles(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>hasAllRoles</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.160">hasAllRoles</a>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util" class="externalLink">Collection</a>&lt;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&gt;&nbsp;roleIdentifiers)</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../authz/Authorizer.html#hasAllRoles(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)">Authorizer</a></code></span></div>
<div class="block">Returns <tt>true</tt> if the corresponding Subject/user has all of the specified roles, <tt>false</tt> otherwise.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the application-specific subject/user identifier.</dd>
<dd><code>roleIdentifiers</code> - the application-specific role identifiers to check (usually role ids or role names).</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>true if the user has all the roles, false otherwise.</dd>
</dl>
</li>
</ul>
<a id="checkRole(org.apache.shiro.subject.PrincipalCollection,java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>checkRole</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.164">checkRole</a>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&nbsp;role)
throws <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../authz/Authorizer.html#checkRole(org.apache.shiro.subject.PrincipalCollection,java.lang.String)">Authorizer</a></code></span></div>
<div class="block">Asserts the corresponding Subject/user has the specified role by returning quietly if they do or throwing an
<a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> if they do not.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the application-specific subject/user identifier.</dd>
<dd><code>role</code> - the application-specific role identifier (usually a role id or role name ).</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></code> - if the user does not have the role.</dd>
</dl>
</li>
</ul>
<a id="checkRoles(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>checkRoles</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.168">checkRoles</a>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/util/Collection.html?is-external=true" title="class or interface in java.util" class="externalLink">Collection</a>&lt;<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>&gt;&nbsp;roles)
throws <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../authz/Authorizer.html#checkRoles(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)">Authorizer</a></code></span></div>
<div class="block">Asserts the corresponding Subject/user has all of the specified roles by returning quietly if they do or
throwing an <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> if they do not.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the application-specific subject/user identifier.</dd>
<dd><code>roles</code> - the application-specific role identifiers to check (usually role ids or role names).</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></code> - if the user does not have all of the specified roles.</dd>
</dl>
</li>
</ul>
<a id="checkRoles(org.apache.shiro.subject.PrincipalCollection,java.lang.String...)">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>checkRoles</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/AuthorizingSecurityManager.html#line.172">checkRoles</a>&#8203;(<a href="../subject/PrincipalCollection.html" title="interface in org.apache.shiro.subject">PrincipalCollection</a>&nbsp;principals,
<a href="https://docs.oracle.com/javase/8/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang" class="externalLink">String</a>...&nbsp;roles)
throws <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../authz/Authorizer.html#checkRoles(org.apache.shiro.subject.PrincipalCollection,java.lang.String...)">Authorizer</a></code></span></div>
<div class="block">Same as <a href="../authz/Authorizer.html#checkRoles(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)"><code>checkRoles(PrincipalCollection subjectPrincipal, Collection&lt;String&gt; roleIdentifiers)</code></a> but doesn't require a collection
as an argument.
Asserts the corresponding Subject/user has all of the specified roles by returning quietly if they do or
throwing an <a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz"><code>AuthorizationException</code></a> if they do not.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principals</code> - the application-specific subject/user identifier.</dd>
<dd><code>roles</code> - the application-specific role identifiers to check (usually role ids or role names).</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../authz/AuthorizationException.html" title="class in org.apache.shiro.authz">AuthorizationException</a></code> - if the user does not have all of the specified roles.</dd>
</dl>
</li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
</div>
</main>
<!-- ========= END OF CLASS DATA ========= -->
<footer role="contentinfo">
<nav role="navigation">
<!-- ======= START OF BOTTOM NAVBAR ====== -->
<div class="bottomNav"><a id="navbar.bottom">
<!-- -->
</a>
<div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.bottom.firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/AuthorizingSecurityManager.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../index-all.html">Index</a></li>
<li><a href="../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_bottom");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.bottom">
<!-- -->
</a></div>
<!-- ======== END OF BOTTOM NAVBAR ======= -->
</nav>
<p class="legalCopy"><small>Copyright &#169; 2004&#x2013;2023 <a href="https://www.apache.org/">The Apache Software Foundation</a>. All rights reserved.</small></p>
</footer>
</body>
</html>