Google Git
Sign in
apache / shiro-site / 01016f43374d9b054f3ea1e568b015d5d69428f9 / . / src / site / assets / static / 1.2.2 / apidocs / org / apache / shiro / mgt / SecurityManager.html
blob: 8709585ccd284f7614d037a375780f83115d1aee [file] [log] [blame]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- NewPage -->
<html lang="en">
<head>
<!-- Generated by javadoc (version 1.7.0_21) on Thu May 30 15:02:18 PDT 2013 -->
<meta http-equiv="Content-Type" content="text/html" charset="UTF-8">
<title>SecurityManager (Apache Shiro 1.2.2 API)</title>
<meta name="date" content="2013-05-30">
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="Style">
</head>
<body>
<script type="text/javascript"><!--
if (location.href.indexOf('is-external=true') == -1) {
parent.document.title="SecurityManager (Apache Shiro 1.2.2 API)";
}
//-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<!-- ========= START OF TOP NAVBAR ======= -->
<div class="topNav"><a name="navbar_top">
<!-- -->
</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../overview-summary.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/SecurityManager.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../index-all.html">Index</a></li>
<li><a href="../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList">
<li><a href="../../../../org/apache/shiro/mgt/RememberMeManager.html" title="interface in org.apache.shiro.mgt"><span class="strong">Prev Class</span></a></li>
<li><a href="../../../../org/apache/shiro/mgt/SessionsSecurityManager.html" title="class in org.apache.shiro.mgt"><span class="strong">Next Class</span></a></li>
</ul>
<ul class="navList">
<li><a href="../../../../index.html?org/apache/shiro/mgt/SecurityManager.html" target="_top">Frames</a></li>
<li><a href="SecurityManager.html" target="_top">No Frames</a></li>
</ul>
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../../allclasses-noframe.html">All Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_top");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="#method_summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="#method_detail">Method</a></li>
</ul>
</div>
<a name="skip-navbar_top">
<!-- -->
</a></div>
<!-- ========= END OF TOP NAVBAR ========= -->
<!-- ======== START OF CLASS DATA ======== -->
<div class="header">
<div class="subTitle">org.apache.shiro.mgt</div>
<h2 title="Interface SecurityManager" class="title">Interface SecurityManager</h2>
</div>
<div class="contentContainer">
<div class="description">
<ul class="blockList">
<li class="blockList">
<dl>
<dt>All Superinterfaces:</dt>
<dd><a href="../../../../org/apache/shiro/authc/Authenticator.html" title="interface in org.apache.shiro.authc">Authenticator</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html" title="interface in org.apache.shiro.authz">Authorizer</a>, <a href="../../../../org/apache/shiro/session/mgt/SessionManager.html" title="interface in org.apache.shiro.session.mgt">SessionManager</a></dd>
</dl>
<dl>
<dt>All Known Subinterfaces:</dt>
<dd><a href="../../../../org/apache/shiro/web/mgt/WebSecurityManager.html" title="interface in org.apache.shiro.web.mgt">WebSecurityManager</a></dd>
</dl>
<dl>
<dt>All Known Implementing Classes:</dt>
<dd><a href="../../../../org/apache/shiro/mgt/AuthenticatingSecurityManager.html" title="class in org.apache.shiro.mgt">AuthenticatingSecurityManager</a>, <a href="../../../../org/apache/shiro/mgt/AuthorizingSecurityManager.html" title="class in org.apache.shiro.mgt">AuthorizingSecurityManager</a>, <a href="../../../../org/apache/shiro/mgt/CachingSecurityManager.html" title="class in org.apache.shiro.mgt">CachingSecurityManager</a>, <a href="../../../../org/apache/shiro/mgt/DefaultSecurityManager.html" title="class in org.apache.shiro.mgt">DefaultSecurityManager</a>, <a href="../../../../org/apache/shiro/web/mgt/DefaultWebSecurityManager.html" title="class in org.apache.shiro.web.mgt">DefaultWebSecurityManager</a>, <a href="../../../../org/apache/shiro/mgt/RealmSecurityManager.html" title="class in org.apache.shiro.mgt">RealmSecurityManager</a>, <a href="../../../../org/apache/shiro/mgt/SessionsSecurityManager.html" title="class in org.apache.shiro.mgt">SessionsSecurityManager</a></dd>
</dl>
<hr>
<br>
<pre>public interface <a href="../../../../src-html/org/apache/shiro/mgt/SecurityManager.html#line.57">SecurityManager</a>
extends <a href="../../../../org/apache/shiro/authc/Authenticator.html" title="interface in org.apache.shiro.authc">Authenticator</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html" title="interface in org.apache.shiro.authz">Authorizer</a>, <a href="../../../../org/apache/shiro/session/mgt/SessionManager.html" title="interface in org.apache.shiro.session.mgt">SessionManager</a></pre>
<div class="block">A <code>SecurityManager</code> executes all security operations for <em>all</em> Subjects (aka users) across a
single application.
<p/>
The interface itself primarily exists as a convenience - it extends the <a href="../../../../org/apache/shiro/authc/Authenticator.html" title="interface in org.apache.shiro.authc"><code>Authenticator</code></a>,
<a href="../../../../org/apache/shiro/authz/Authorizer.html" title="interface in org.apache.shiro.authz"><code>Authorizer</code></a>, and <a href="../../../../org/apache/shiro/session/mgt/SessionManager.html" title="interface in org.apache.shiro.session.mgt"><code>SessionManager</code></a> interfaces, thereby consolidating
these behaviors into a single point of reference. For most Shiro usages, this simplifies configuration and
tends to be a more convenient approach than referencing <code>Authenticator</code>, <code>Authorizer</code>, and
<code>SessionManager</code> instances separately; instead one only needs to interact with a single
<code>SecurityManager</code> instance.
<p/>
In addition to the above three interfaces, this interface provides a number of methods supporting
<a href="../../../../org/apache/shiro/subject/Subject.html" title="interface in org.apache.shiro.subject"><code>Subject</code></a> behavior. A <a href="../../../../org/apache/shiro/subject/Subject.html" title="interface in org.apache.shiro.subject"><code>Subject</code></a> executes
authentication, authorization, and session operations for a <em>single</em> user, and as such can only be
managed by <code>A SecurityManager</code> which is aware of all three functions. The three parent interfaces on the
other hand do not 'know' about <code>Subject</code>s to ensure a clean separation of concerns.
<p/>
<b>Usage Note</b>: In actuality the large majority of application programmers won't interact with a SecurityManager
very often, if at all. <em>Most</em> application programmers only care about security operations for the currently
executing user, usually attained by calling
<a href="../../../../org/apache/shiro/SecurityUtils.html#getSubject()"><code>SecurityUtils.getSubject()</code></a>.
<p/>
Framework developers on the other hand might find working with an actual SecurityManager useful.</div>
<dl><dt><span class="strong">Since:</span></dt>
<dd>0.2</dd>
<dt><span class="strong">See Also:</span></dt><dd><a href="../../../../org/apache/shiro/mgt/DefaultSecurityManager.html" title="class in org.apache.shiro.mgt"><code>DefaultSecurityManager</code></a></dd></dl>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">
<!-- ========== METHOD SUMMARY =========== -->
<ul class="blockList">
<li class="blockList"><a name="method_summary">
<!-- -->
</a>
<h3>Method Summary</h3>
<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
<caption><span>Methods</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colLast" scope="col">Method and Description</th>
</tr>
<tr class="altColor">
<td class="colFirst"><code><a href="../../../../org/apache/shiro/subject/Subject.html" title="interface in org.apache.shiro.subject">Subject</a></code></td>
<td class="colLast"><code><strong><a href="../../../../org/apache/shiro/mgt/SecurityManager.html#createSubject(org.apache.shiro.subject.SubjectContext)">createSubject</a></strong>(<a href="../../../../org/apache/shiro/subject/SubjectContext.html" title="interface in org.apache.shiro.subject">SubjectContext</a>&nbsp;context)</code>
<div class="block">Creates a <code>Subject</code> instance reflecting the specified contextual data.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code><a href="../../../../org/apache/shiro/subject/Subject.html" title="interface in org.apache.shiro.subject">Subject</a></code></td>
<td class="colLast"><code><strong><a href="../../../../org/apache/shiro/mgt/SecurityManager.html#login(org.apache.shiro.subject.Subject, org.apache.shiro.authc.AuthenticationToken)">login</a></strong>(<a href="../../../../org/apache/shiro/subject/Subject.html" title="interface in org.apache.shiro.subject">Subject</a>&nbsp;subject,
<a href="../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a>&nbsp;authenticationToken)</code>
<div class="block">Logs in the specified Subject using the given <code>authenticationToken</code>, returning an updated Subject
instance reflecting the authenticated state if successful or throwing <code>AuthenticationException</code> if it is
not.</div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>void</code></td>
<td class="colLast"><code><strong><a href="../../../../org/apache/shiro/mgt/SecurityManager.html#logout(org.apache.shiro.subject.Subject)">logout</a></strong>(<a href="../../../../org/apache/shiro/subject/Subject.html" title="interface in org.apache.shiro.subject">Subject</a>&nbsp;subject)</code>
<div class="block">Logs out the specified Subject from the system.</div>
</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a name="methods_inherited_from_class_org.apache.shiro.authc.Authenticator">
<!-- -->
</a>
<h3>Methods inherited from interface&nbsp;org.apache.shiro.authc.<a href="../../../../org/apache/shiro/authc/Authenticator.html" title="interface in org.apache.shiro.authc">Authenticator</a></h3>
<code><a href="../../../../org/apache/shiro/authc/Authenticator.html#authenticate(org.apache.shiro.authc.AuthenticationToken)">authenticate</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="methods_inherited_from_class_org.apache.shiro.authz.Authorizer">
<!-- -->
</a>
<h3>Methods inherited from interface&nbsp;org.apache.shiro.authz.<a href="../../../../org/apache/shiro/authz/Authorizer.html" title="interface in org.apache.shiro.authz">Authorizer</a></h3>
<code><a href="../../../../org/apache/shiro/authz/Authorizer.html#checkPermission(org.apache.shiro.subject.PrincipalCollection, org.apache.shiro.authz.Permission)">checkPermission</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html#checkPermission(org.apache.shiro.subject.PrincipalCollection, java.lang.String)">checkPermission</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html#checkPermissions(org.apache.shiro.subject.PrincipalCollection, java.util.Collection)">checkPermissions</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html#checkPermissions(org.apache.shiro.subject.PrincipalCollection, java.lang.String...)">checkPermissions</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html#checkRole(org.apache.shiro.subject.PrincipalCollection, java.lang.String)">checkRole</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html#checkRoles(org.apache.shiro.subject.PrincipalCollection, java.util.Collection)">checkRoles</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html#checkRoles(org.apache.shiro.subject.PrincipalCollection, java.lang.String...)">checkRoles</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html#hasAllRoles(org.apache.shiro.subject.PrincipalCollection, java.util.Collection)">hasAllRoles</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html#hasRole(org.apache.shiro.subject.PrincipalCollection, java.lang.String)">hasRole</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html#hasRoles(org.apache.shiro.subject.PrincipalCollection, java.util.List)">hasRoles</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html#isPermitted(org.apache.shiro.subject.PrincipalCollection, java.util.List)">isPermitted</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html#isPermitted(org.apache.shiro.subject.PrincipalCollection, org.apache.shiro.authz.Permission)">isPermitted</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html#isPermitted(org.apache.shiro.subject.PrincipalCollection, java.lang.String...)">isPermitted</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html#isPermitted(org.apache.shiro.subject.PrincipalCollection, java.lang.String)">isPermitted</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html#isPermittedAll(org.apache.shiro.subject.PrincipalCollection, java.util.Collection)">isPermittedAll</a>, <a href="../../../../org/apache/shiro/authz/Authorizer.html#isPermittedAll(org.apache.shiro.subject.PrincipalCollection, java.lang.String...)">isPermittedAll</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="methods_inherited_from_class_org.apache.shiro.session.mgt.SessionManager">
<!-- -->
</a>
<h3>Methods inherited from interface&nbsp;org.apache.shiro.session.mgt.<a href="../../../../org/apache/shiro/session/mgt/SessionManager.html" title="interface in org.apache.shiro.session.mgt">SessionManager</a></h3>
<code><a href="../../../../org/apache/shiro/session/mgt/SessionManager.html#getSession(org.apache.shiro.session.mgt.SessionKey)">getSession</a>, <a href="../../../../org/apache/shiro/session/mgt/SessionManager.html#start(org.apache.shiro.session.mgt.SessionContext)">start</a></code></li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">
<!-- ============ METHOD DETAIL ========== -->
<ul class="blockList">
<li class="blockList"><a name="method_detail">
<!-- -->
</a>
<h3>Method Detail</h3>
<a name="login(org.apache.shiro.subject.Subject, org.apache.shiro.authc.AuthenticationToken)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>login</h4>
<pre><a href="../../../../org/apache/shiro/subject/Subject.html" title="interface in org.apache.shiro.subject">Subject</a>&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/SecurityManager.html#line.77">login</a>(<a href="../../../../org/apache/shiro/subject/Subject.html" title="interface in org.apache.shiro.subject">Subject</a>&nbsp;subject,
<a href="../../../../org/apache/shiro/authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a>&nbsp;authenticationToken)
throws <a href="../../../../org/apache/shiro/authc/AuthenticationException.html" title="class in org.apache.shiro.authc">AuthenticationException</a></pre>
<div class="block">Logs in the specified Subject using the given <code>authenticationToken</code>, returning an updated Subject
instance reflecting the authenticated state if successful or throwing <code>AuthenticationException</code> if it is
not.
<p/>
Note that most application developers should probably not call this method directly unless they have a good
reason for doing so. The preferred way to log in a Subject is to call
<code>subject.<a href="../../../../org/apache/shiro/subject/Subject.html#login(org.apache.shiro.authc.AuthenticationToken)"><code>login(authenticationToken)</code></a></code> (usually after
acquiring the Subject by calling <a href="../../../../org/apache/shiro/SecurityUtils.html#getSubject()"><code>SecurityUtils.getSubject()</code></a>).
<p/>
Framework developers on the other hand might find calling this method directly useful in certain cases.</div>
<dl><dt><span class="strong">Parameters:</span></dt><dd><code>subject</code> - the subject against which the authentication attempt will occur</dd><dd><code>authenticationToken</code> - the token representing the Subject's principal(s) and credential(s)</dd>
<dt><span class="strong">Returns:</span></dt><dd>the subject instance reflecting the authenticated state after a successful attempt</dd>
<dt><span class="strong">Throws:</span></dt>
<dd><code><a href="../../../../org/apache/shiro/authc/AuthenticationException.html" title="class in org.apache.shiro.authc">AuthenticationException</a></code> - if the login attempt failed.</dd><dt><span class="strong">Since:</span></dt>
<dd>1.0</dd></dl>
</li>
</ul>
<a name="logout(org.apache.shiro.subject.Subject)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>logout</h4>
<pre>void&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/SecurityManager.html#line.92">logout</a>(<a href="../../../../org/apache/shiro/subject/Subject.html" title="interface in org.apache.shiro.subject">Subject</a>&nbsp;subject)</pre>
<div class="block">Logs out the specified Subject from the system.
<p/>
Note that most application developers should not call this method unless they have a good reason for doing
so. The preferred way to logout a Subject is to call
<code><a href="../../../../org/apache/shiro/subject/Subject.html#logout()"><code>Subject.logout()</code></a></code>, not the
<code>SecurityManager</code> directly.
<p/>
Framework developers on the other hand might find calling this method directly useful in certain cases.</div>
<dl><dt><span class="strong">Parameters:</span></dt><dd><code>subject</code> - the subject to log out.</dd><dt><span class="strong">Since:</span></dt>
<dd>1.0</dd></dl>
</li>
</ul>
<a name="createSubject(org.apache.shiro.subject.SubjectContext)">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>createSubject</h4>
<pre><a href="../../../../org/apache/shiro/subject/Subject.html" title="interface in org.apache.shiro.subject">Subject</a>&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/SecurityManager.html#line.112">createSubject</a>(<a href="../../../../org/apache/shiro/subject/SubjectContext.html" title="interface in org.apache.shiro.subject">SubjectContext</a>&nbsp;context)</pre>
<div class="block">Creates a <code>Subject</code> instance reflecting the specified contextual data.
<p/>
The context can be anything needed by this <code>SecurityManager</code> to construct a <code>Subject</code> instance.
Most Shiro end-users will never call this method - it exists primarily for
framework development and to support any underlying custom <a href="../../../../org/apache/shiro/mgt/SubjectFactory.html" title="interface in org.apache.shiro.mgt"><code>SubjectFactory</code></a> implementations
that may be used by the <code>SecurityManager</code>.
<h4>Usage</h4>
After calling this method, the returned instance is <em>not</em> bound to the application for further use.
Callers are expected to know that <code>Subject</code> instances have local scope only and any
other further use beyond the calling method must be managed explicitly.</div>
<dl><dt><span class="strong">Parameters:</span></dt><dd><code>context</code> - any data needed to direct how the Subject should be constructed.</dd>
<dt><span class="strong">Returns:</span></dt><dd>the <code>Subject</code> instance reflecting the specified initialization data.</dd><dt><span class="strong">Since:</span></dt>
<dd>1.0</dd>
<dt><span class="strong">See Also:</span></dt><dd><a href="../../../../org/apache/shiro/mgt/SubjectFactory.html#createSubject(org.apache.shiro.subject.SubjectContext)"><code>SubjectFactory.createSubject(SubjectContext)</code></a>,
<code>Subject.Builder</code></dd></dl>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
</div>
<!-- ========= END OF CLASS DATA ========= -->
<!-- ======= START OF BOTTOM NAVBAR ====== -->
<div class="bottomNav"><a name="navbar_bottom">
<!-- -->
</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../overview-summary.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/SecurityManager.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../index-all.html">Index</a></li>
<li><a href="../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList">
<li><a href="../../../../org/apache/shiro/mgt/RememberMeManager.html" title="interface in org.apache.shiro.mgt"><span class="strong">Prev Class</span></a></li>
<li><a href="../../../../org/apache/shiro/mgt/SessionsSecurityManager.html" title="class in org.apache.shiro.mgt"><span class="strong">Next Class</span></a></li>
</ul>
<ul class="navList">
<li><a href="../../../../index.html?org/apache/shiro/mgt/SecurityManager.html" target="_top">Frames</a></li>
<li><a href="SecurityManager.html" target="_top">No Frames</a></li>
</ul>
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../../allclasses-noframe.html">All Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_bottom");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="#method_summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="#method_detail">Method</a></li>
</ul>
</div>
<a name="skip-navbar_bottom">
<!-- -->
</a></div>
<!-- ======== END OF BOTTOM NAVBAR ======= -->
<p class="legalCopy"><small>Copyright &#169; 2004-2013 <a href="http://www.apache.org/">The Apache Software Foundation</a>. All Rights Reserved.</small></p>
</body>
</html>