Google Git
Sign in
apache / shiro-site / 01016f43374d9b054f3ea1e568b015d5d69428f9 / . / src / site / assets / static / 1.2.2 / apidocs / org / apache / shiro / web / filter / authz / AuthorizationFilter.html
blob: 4880dcd74ea3672e7cdb5a1af032c42eb2a13e39 [file] [log] [blame]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- NewPage -->
<html lang="en">
<head>
<!-- Generated by javadoc (version 1.7.0_21) on Thu May 30 15:02:19 PDT 2013 -->
<meta http-equiv="Content-Type" content="text/html" charset="UTF-8">
<title>AuthorizationFilter (Apache Shiro 1.2.2 API)</title>
<meta name="date" content="2013-05-30">
<link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style">
</head>
<body>
<script type="text/javascript"><!--
if (location.href.indexOf('is-external=true') == -1) {
parent.document.title="AuthorizationFilter (Apache Shiro 1.2.2 API)";
}
//-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<!-- ========= START OF TOP NAVBAR ======= -->
<div class="topNav"><a name="navbar_top">
<!-- -->
</a><a href="#skip-navbar_top" title="Skip navigation links"></a><a name="navbar_top_firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../../overview-summary.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/AuthorizationFilter.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList">
<li>Prev Class</li>
<li><a href="../../../../../../org/apache/shiro/web/filter/authz/HostFilter.html" title="class in org.apache.shiro.web.filter.authz"><span class="strong">Next Class</span></a></li>
</ul>
<ul class="navList">
<li><a href="../../../../../../index.html?org/apache/shiro/web/filter/authz/AuthorizationFilter.html" target="_top">Frames</a></li>
<li><a href="AuthorizationFilter.html" target="_top">No Frames</a></li>
</ul>
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../../../../allclasses-noframe.html">All Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_top");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li><a href="#fields_inherited_from_class_org.apache.shiro.web.filter.AccessControlFilter">Field</a>&nbsp;|&nbsp;</li>
<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method_summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method_detail">Method</a></li>
</ul>
</div>
<a name="skip-navbar_top">
<!-- -->
</a></div>
<!-- ========= END OF TOP NAVBAR ========= -->
<!-- ======== START OF CLASS DATA ======== -->
<div class="header">
<div class="subTitle">org.apache.shiro.web.filter.authz</div>
<h2 title="Class AuthorizationFilter" class="title">Class AuthorizationFilter</h2>
</div>
<div class="contentContainer">
<ul class="inheritance">
<li><a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">java.lang.Object</a></li>
<li>
<ul class="inheritance">
<li><a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.ServletContextSupport</a></li>
<li>
<ul class="inheritance">
<li><a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.AbstractFilter</a></li>
<li>
<ul class="inheritance">
<li><a href="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.NameableFilter</a></li>
<li>
<ul class="inheritance">
<li><a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.OncePerRequestFilter</a></li>
<li>
<ul class="inheritance">
<li><a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.AdviceFilter</a></li>
<li>
<ul class="inheritance">
<li><a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter">org.apache.shiro.web.filter.PathMatchingFilter</a></li>
<li>
<ul class="inheritance">
<li><a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">org.apache.shiro.web.filter.AccessControlFilter</a></li>
<li>
<ul class="inheritance">
<li>org.apache.shiro.web.filter.authz.AuthorizationFilter</li>
</ul>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</li>
</ul>
<div class="description">
<ul class="blockList">
<li class="blockList">
<dl>
<dt>All Implemented Interfaces:</dt>
<dd><a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/Filter.html?is-external=true" title="class or interface in javax.servlet">Filter</a>, <a href="../../../../../../org/apache/shiro/util/Nameable.html" title="interface in org.apache.shiro.util">Nameable</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathConfigProcessor.html" title="interface in org.apache.shiro.web.filter">PathConfigProcessor</a></dd>
</dl>
<dl>
<dt>Direct Known Subclasses:</dt>
<dd><a href="../../../../../../org/apache/shiro/web/filter/authz/HostFilter.html" title="class in org.apache.shiro.web.filter.authz">HostFilter</a>, <a href="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz">PermissionsAuthorizationFilter</a>, <a href="../../../../../../org/apache/shiro/web/filter/authz/PortFilter.html" title="class in org.apache.shiro.web.filter.authz">PortFilter</a>, <a href="../../../../../../org/apache/shiro/web/filter/authz/RolesAuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz">RolesAuthorizationFilter</a></dd>
</dl>
<hr>
<br>
<pre>public abstract class <a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/AuthorizationFilter.html#line.39">AuthorizationFilter</a>
extends <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">AccessControlFilter</a></pre>
<div class="block">Superclass for authorization-related filters. If an request is unauthorized, response handling is delegated to the
<a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)"><code>onAccessDenied</code></a> method, which
provides reasonable handling for most applications.</div>
<dl><dt><span class="strong">Since:</span></dt>
<dd>0.9</dd>
<dt><span class="strong">See Also:</span></dt><dd><a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)"><code>onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)</code></a></dd></dl>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">
<!-- =========== FIELD SUMMARY =========== -->
<ul class="blockList">
<li class="blockList"><a name="field_summary">
<!-- -->
</a>
<h3>Field Summary</h3>
<ul class="blockList">
<li class="blockList"><a name="fields_inherited_from_class_org.apache.shiro.web.filter.AccessControlFilter">
<!-- -->
</a>
<h3>Fields inherited from class&nbsp;org.apache.shiro.web.filter.<a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">AccessControlFilter</a></h3>
<code><a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#DEFAULT_LOGIN_URL">DEFAULT_LOGIN_URL</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#GET_METHOD">GET_METHOD</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#POST_METHOD">POST_METHOD</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="fields_inherited_from_class_org.apache.shiro.web.filter.PathMatchingFilter">
<!-- -->
</a>
<h3>Fields inherited from class&nbsp;org.apache.shiro.web.filter.<a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter">PathMatchingFilter</a></h3>
<code><a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#appliedPaths">appliedPaths</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#pathMatcher">pathMatcher</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="fields_inherited_from_class_org.apache.shiro.web.servlet.OncePerRequestFilter">
<!-- -->
</a>
<h3>Fields inherited from class&nbsp;org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html" title="class in org.apache.shiro.web.servlet">OncePerRequestFilter</a></h3>
<code><a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#ALREADY_FILTERED_SUFFIX">ALREADY_FILTERED_SUFFIX</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="fields_inherited_from_class_org.apache.shiro.web.servlet.AbstractFilter">
<!-- -->
</a>
<h3>Fields inherited from class&nbsp;org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html" title="class in org.apache.shiro.web.servlet">AbstractFilter</a></h3>
<code><a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#filterConfig">filterConfig</a></code></li>
</ul>
</li>
</ul>
<!-- ======== CONSTRUCTOR SUMMARY ======== -->
<ul class="blockList">
<li class="blockList"><a name="constructor_summary">
<!-- -->
</a>
<h3>Constructor Summary</h3>
<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation">
<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colOne" scope="col">Constructor and Description</th>
</tr>
<tr class="altColor">
<td class="colOne"><code><strong><a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#AuthorizationFilter()">AuthorizationFilter</a></strong>()</code>&nbsp;</td>
</tr>
</table>
</li>
</ul>
<!-- ========== METHOD SUMMARY =========== -->
<ul class="blockList">
<li class="blockList"><a name="method_summary">
<!-- -->
</a>
<h3>Method Summary</h3>
<table class="overviewSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation">
<caption><span>Methods</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colLast" scope="col">Method and Description</th>
</tr>
<tr class="altColor">
<td class="colFirst"><code><a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td>
<td class="colLast"><code><strong><a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#getUnauthorizedUrl()">getUnauthorizedUrl</a></strong>()</code>
<div class="block">Returns the URL to which users should be redirected if they are denied access to an underlying path or resource,
or <code>null</code> if a raw <a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletResponse.html?is-external=true#SC_UNAUTHORIZED" title="class or interface in javax.servlet.http"><code>HttpServletResponse.SC_UNAUTHORIZED</code></a> response should be issued (401 Unauthorized).</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>protected boolean</code></td>
<td class="colLast"><code><strong><a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">onAccessDenied</a></strong>(<a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/ServletRequest.html?is-external=true" title="class or interface in javax.servlet">ServletRequest</a>&nbsp;request,
<a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/ServletResponse.html?is-external=true" title="class or interface in javax.servlet">ServletResponse</a>&nbsp;response)</code>
<div class="block">Handles the response when access has been denied.</div>
</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>void</code></td>
<td class="colLast"><code><strong><a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#setUnauthorizedUrl(java.lang.String)">setUnauthorizedUrl</a></strong>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&nbsp;unauthorizedUrl)</code>
<div class="block">Sets the URL to which users should be redirected if they are denied access to an underlying path or resource.</div>
</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a name="methods_inherited_from_class_org.apache.shiro.web.filter.AccessControlFilter">
<!-- -->
</a>
<h3>Methods inherited from class&nbsp;org.apache.shiro.web.filter.<a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">AccessControlFilter</a></h3>
<code><a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#getLoginUrl()">getLoginUrl</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#getSubject(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">getSubject</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#isAccessAllowed(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object)">isAccessAllowed</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#isLoginRequest(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">isLoginRequest</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object)">onAccessDenied</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#onPreHandle(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object)">onPreHandle</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#redirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">redirectToLogin</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#saveRequest(javax.servlet.ServletRequest)">saveRequest</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#saveRequestAndRedirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">saveRequestAndRedirectToLogin</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#setLoginUrl(java.lang.String)">setLoginUrl</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="methods_inherited_from_class_org.apache.shiro.web.filter.PathMatchingFilter">
<!-- -->
</a>
<h3>Methods inherited from class&nbsp;org.apache.shiro.web.filter.<a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter">PathMatchingFilter</a></h3>
<code><a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#getPathWithinApplication(javax.servlet.ServletRequest)">getPathWithinApplication</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#isEnabled(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.String, java.lang.Object)">isEnabled</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#pathsMatch(java.lang.String, javax.servlet.ServletRequest)">pathsMatch</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#pathsMatch(java.lang.String, java.lang.String)">pathsMatch</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#preHandle(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">preHandle</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#processPathConfig(java.lang.String, java.lang.String)">processPathConfig</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="methods_inherited_from_class_org.apache.shiro.web.servlet.AdviceFilter">
<!-- -->
</a>
<h3>Methods inherited from class&nbsp;org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html" title="class in org.apache.shiro.web.servlet">AdviceFilter</a></h3>
<code><a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#afterCompletion(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Exception)">afterCompletion</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#cleanup(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Exception)">cleanup</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#doFilterInternal(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)">doFilterInternal</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#executeChain(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)">executeChain</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#postHandle(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">postHandle</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="methods_inherited_from_class_org.apache.shiro.web.servlet.OncePerRequestFilter">
<!-- -->
</a>
<h3>Methods inherited from class&nbsp;org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html" title="class in org.apache.shiro.web.servlet">OncePerRequestFilter</a></h3>
<code><a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)">doFilter</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#getAlreadyFilteredAttributeName()">getAlreadyFilteredAttributeName</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#isEnabled()">isEnabled</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#isEnabled(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">isEnabled</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#setEnabled(boolean)">setEnabled</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#shouldNotFilter(javax.servlet.ServletRequest)">shouldNotFilter</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="methods_inherited_from_class_org.apache.shiro.web.servlet.NameableFilter">
<!-- -->
</a>
<h3>Methods inherited from class&nbsp;org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html" title="class in org.apache.shiro.web.servlet">NameableFilter</a></h3>
<code><a href="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html#getName()">getName</a>, <a href="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html#setName(java.lang.String)">setName</a>, <a href="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html#toStringBuilder()">toStringBuilder</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="methods_inherited_from_class_org.apache.shiro.web.servlet.AbstractFilter">
<!-- -->
</a>
<h3>Methods inherited from class&nbsp;org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html" title="class in org.apache.shiro.web.servlet">AbstractFilter</a></h3>
<code><a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#destroy()">destroy</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#getFilterConfig()">getFilterConfig</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#getInitParam(java.lang.String)">getInitParam</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#init(javax.servlet.FilterConfig)">init</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#onFilterConfigSet()">onFilterConfigSet</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#setFilterConfig(javax.servlet.FilterConfig)">setFilterConfig</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="methods_inherited_from_class_org.apache.shiro.web.servlet.ServletContextSupport">
<!-- -->
</a>
<h3>Methods inherited from class&nbsp;org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html" title="class in org.apache.shiro.web.servlet">ServletContextSupport</a></h3>
<code><a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#getContextAttribute(java.lang.String)">getContextAttribute</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#getContextInitParam(java.lang.String)">getContextInitParam</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#getServletContext()">getServletContext</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#removeContextAttribute(java.lang.String)">removeContextAttribute</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#setContextAttribute(java.lang.String, java.lang.Object)">setContextAttribute</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#setServletContext(javax.servlet.ServletContext)">setServletContext</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#toString()">toString</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a name="methods_inherited_from_class_java.lang.Object">
<!-- -->
</a>
<h3>Methods inherited from class&nbsp;java.lang.<a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a></h3>
<code><a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#clone()" title="class or interface in java.lang">clone</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#equals(java.lang.Object)" title="class or interface in java.lang">equals</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#finalize()" title="class or interface in java.lang">finalize</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#getClass()" title="class or interface in java.lang">getClass</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#hashCode()" title="class or interface in java.lang">hashCode</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notify()" title="class or interface in java.lang">notify</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notifyAll()" title="class or interface in java.lang">notifyAll</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait()" title="class or interface in java.lang">wait</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long)" title="class or interface in java.lang">wait</a>, <a href="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long, int)" title="class or interface in java.lang">wait</a></code></li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">
<!-- ========= CONSTRUCTOR DETAIL ======== -->
<ul class="blockList">
<li class="blockList"><a name="constructor_detail">
<!-- -->
</a>
<h3>Constructor Detail</h3>
<a name="AuthorizationFilter()">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>AuthorizationFilter</h4>
<pre>public&nbsp;<a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/AuthorizationFilter.html#line.39">AuthorizationFilter</a>()</pre>
</li>
</ul>
</li>
</ul>
<!-- ============ METHOD DETAIL ========== -->
<ul class="blockList">
<li class="blockList"><a name="method_detail">
<!-- -->
</a>
<h3>Method Detail</h3>
<a name="getUnauthorizedUrl()">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>getUnauthorizedUrl</h4>
<pre>public&nbsp;<a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&nbsp;<a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/AuthorizationFilter.html#line.59">getUnauthorizedUrl</a>()</pre>
<div class="block">Returns the URL to which users should be redirected if they are denied access to an underlying path or resource,
or <code>null</code> if a raw <a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletResponse.html?is-external=true#SC_UNAUTHORIZED" title="class or interface in javax.servlet.http"><code>HttpServletResponse.SC_UNAUTHORIZED</code></a> response should be issued (401 Unauthorized).
<p/>
The default is <code>null</code>, ensuring default web server behavior. Override this default by calling the
<a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#setUnauthorizedUrl(java.lang.String)"><code>setUnauthorizedUrl</code></a> method with a meaningful path within your application
if you would like to show the user a 'nice' page in the event of unauthorized access.</div>
<dl><dt><span class="strong">Returns:</span></dt><dd>the URL to which users should be redirected if they are denied access to an underlying path or resource,
or <code>null</code> if a raw <a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletResponse.html?is-external=true#SC_UNAUTHORIZED" title="class or interface in javax.servlet.http"><code>HttpServletResponse.SC_UNAUTHORIZED</code></a> response should be issued (401 Unauthorized).</dd></dl>
</li>
</ul>
<a name="setUnauthorizedUrl(java.lang.String)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>setUnauthorizedUrl</h4>
<pre>public&nbsp;void&nbsp;<a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/AuthorizationFilter.html#line.77">setUnauthorizedUrl</a>(<a href="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>&nbsp;unauthorizedUrl)</pre>
<div class="block">Sets the URL to which users should be redirected if they are denied access to an underlying path or resource.
<p/>
If the value is <code>null</code> a raw <a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletResponse.html?is-external=true#SC_UNAUTHORIZED" title="class or interface in javax.servlet.http"><code>HttpServletResponse.SC_UNAUTHORIZED</code></a> response will
be issued (401 Unauthorized), retaining default web server behavior.
<p/>
Unless overridden by calling this method, the default value is <code>null</code>. If desired, you can specify a
meaningful path within your application if you would like to show the user a 'nice' page in the event of
unauthorized access.</div>
<dl><dt><span class="strong">Parameters:</span></dt><dd><code>unauthorizedUrl</code> - the URL to which users should be redirected if they are denied access to an underlying
path or resource, or <code>null</code> to a ensure raw <a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletResponse.html?is-external=true#SC_UNAUTHORIZED" title="class or interface in javax.servlet.http"><code>HttpServletResponse.SC_UNAUTHORIZED</code></a> response is
issued (401 Unauthorized).</dd></dl>
</li>
</ul>
<a name="onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>onAccessDenied</h4>
<pre>protected&nbsp;boolean&nbsp;<a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/AuthorizationFilter.html#line.106">onAccessDenied</a>(<a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/ServletRequest.html?is-external=true" title="class or interface in javax.servlet">ServletRequest</a>&nbsp;request,
<a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/ServletResponse.html?is-external=true" title="class or interface in javax.servlet">ServletResponse</a>&nbsp;response)
throws <a href="http://java.sun.com/javase/6/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</a></pre>
<div class="block">Handles the response when access has been denied. It behaves as follows:
<ul>
<li>If the <code>Subject</code> is unknown<sup><a href="#known">[1]</a></sup>:
<ol><li>The incoming request will be saved and they will be redirected to the login page for authentication
(via the <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#saveRequestAndRedirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse)"><code>AccessControlFilter.saveRequestAndRedirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse)</code></a>
method).</li>
<li>Once successfully authenticated, they will be redirected back to the originally attempted page.</li></ol>
</li>
<li>If the Subject is known:</li>
<ol>
<li>The HTTP <a href="http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletResponse.html?is-external=true#SC_UNAUTHORIZED" title="class or interface in javax.servlet.http"><code>HttpServletResponse.SC_UNAUTHORIZED</code></a> header will be set (401 Unauthorized)</li>
<li>If the <a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#getUnauthorizedUrl()"><code>unauthorizedUrl</code></a> has been configured, a redirect will be issued to that
URL. Otherwise the 401 response is rendered normally</li>
</ul>
<code><a name="known">[1]</a></code>: A <code>Subject</code> is 'known' when
<code>subject.<a href="../../../../../../org/apache/shiro/subject/Subject.html#getPrincipal()"><code>getPrincipal()</code></a></code> is not <code>null</code>,
which implicitly means that the subject is either currently authenticated or they have been remembered via
'remember me' services.</div>
<dl>
<dt><strong>Specified by:</strong></dt>
<dd><code><a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">onAccessDenied</a></code>&nbsp;in class&nbsp;<code><a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">AccessControlFilter</a></code></dd>
<dt><span class="strong">Parameters:</span></dt><dd><code>request</code> - the incoming <code>ServletRequest</code></dd><dd><code>response</code> - the outgoing <code>ServletResponse</code></dd>
<dt><span class="strong">Returns:</span></dt><dd><code>false</code> always for this implementation.</dd>
<dt><span class="strong">Throws:</span></dt>
<dd><code><a href="http://java.sun.com/javase/6/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</a></code> - if there is any servlet error.</dd></dl>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
</div>
<!-- ========= END OF CLASS DATA ========= -->
<!-- ======= START OF BOTTOM NAVBAR ====== -->
<div class="bottomNav"><a name="navbar_bottom">
<!-- -->
</a><a href="#skip-navbar_bottom" title="Skip navigation links"></a><a name="navbar_bottom_firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../../overview-summary.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/AuthorizationFilter.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList">
<li>Prev Class</li>
<li><a href="../../../../../../org/apache/shiro/web/filter/authz/HostFilter.html" title="class in org.apache.shiro.web.filter.authz"><span class="strong">Next Class</span></a></li>
</ul>
<ul class="navList">
<li><a href="../../../../../../index.html?org/apache/shiro/web/filter/authz/AuthorizationFilter.html" target="_top">Frames</a></li>
<li><a href="AuthorizationFilter.html" target="_top">No Frames</a></li>
</ul>
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../../../../allclasses-noframe.html">All Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_bottom");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li><a href="#fields_inherited_from_class_org.apache.shiro.web.filter.AccessControlFilter">Field</a>&nbsp;|&nbsp;</li>
<li><a href="#constructor_summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method_summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li><a href="#constructor_detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="#method_detail">Method</a></li>
</ul>
</div>
<a name="skip-navbar_bottom">
<!-- -->
</a></div>
<!-- ======== END OF BOTTOM NAVBAR ======= -->
<p class="legalCopy"><small>Copyright &#169; 2004-2013 <a href="http://www.apache.org/">The Apache Software Foundation</a>. All Rights Reserved.</small></p>
</body>
</html>