src/site/assets/static/1.2.3/apidocs/org/apache/shiro/authz/Permission.html - shiro-site - Git at Google

 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <!--NewPage-->
 <HTML>
 <HEAD>
 <!-- Generated by javadoc (build 1.6.0_65) on Tue Feb 25 18:15:46 EST 2014 -->
 <META http-equiv="Content-Type" content="text/html; charset=UTF-8">
 <TITLE>
 Permission (Apache Shiro 1.2.3 API)
 </TITLE>

 <META NAME="date" CONTENT="2014-02-25">

 <LINK REL ="stylesheet" TYPE="text/css" HREF="../../../../stylesheet.css" TITLE="Style">

 <SCRIPT type="text/javascript">
 function windowTitle()
 {
     if (location.href.indexOf('is-external=true') == -1) {
         parent.document.title="Permission (Apache Shiro 1.2.3 API)";
     }
 }
 </SCRIPT>
 <NOSCRIPT>
 </NOSCRIPT>

 </HEAD>

 <BODY BGCOLOR="white" onload="windowTitle();">
 <HR>


 <!-- ========= START OF TOP NAVBAR ======= -->
 <A NAME="navbar_top"><!-- --></A>
 <A HREF="#skip-navbar_top" title="Skip navigation links"></A>
 <TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY="">
 <TR>
 <TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1">
 <A NAME="navbar_top_firstrow"><!-- --></A>
 <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY="">
   <TR ALIGN="center" VALIGN="top">
   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A>&nbsp;</TD>
   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A>&nbsp;</TD>
   <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> &nbsp;<FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT>&nbsp;</TD>
   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="class-use/Permission.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A>&nbsp;</TD>
   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A>&nbsp;</TD>
   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A>&nbsp;</TD>
   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A>&nbsp;</TD>
   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A>&nbsp;</TD>
   </TR>
 </TABLE>
 </TD>
 <TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM>
 </EM>
 </TD>
 </TR>

 <TR>
 <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
 &nbsp;<A HREF="../../../../org/apache/shiro/authz/ModularRealmAuthorizer.html" title="class in org.apache.shiro.authz"><B>PREV CLASS</B></A>&nbsp;
 &nbsp;<A HREF="../../../../org/apache/shiro/authz/SimpleAuthorizationInfo.html" title="class in org.apache.shiro.authz"><B>NEXT CLASS</B></A></FONT></TD>
 <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
   <A HREF="../../../../index.html?org/apache/shiro/authz/Permission.html" target="_top"><B>FRAMES</B></A>  &nbsp;
 &nbsp;<A HREF="Permission.html" target="_top"><B>NO FRAMES</B></A>  &nbsp;
 &nbsp;<SCRIPT type="text/javascript">
   <!--
   if(window==top) {
     document.writeln('<A HREF="../../../../allclasses-noframe.html"><B>All Classes</B></A>');
   }
   //-->
 </SCRIPT>
 <NOSCRIPT>
   <A HREF="../../../../allclasses-noframe.html"><B>All Classes</B></A>
 </NOSCRIPT>


 </FONT></TD>
 </TR>
 <TR>
 <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
   SUMMARY:&nbsp;NESTED&nbsp;|&nbsp;FIELD&nbsp;|&nbsp;CONSTR&nbsp;|&nbsp;<A HREF="#method_summary">METHOD</A></FONT></TD>
 <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
 DETAIL:&nbsp;FIELD&nbsp;|&nbsp;CONSTR&nbsp;|&nbsp;<A HREF="#method_detail">METHOD</A></FONT></TD>
 </TR>
 </TABLE>
 <A NAME="skip-navbar_top"></A>
 <!-- ========= END OF TOP NAVBAR ========= -->

 <HR>
 <!-- ======== START OF CLASS DATA ======== -->
 <H2>
 <FONT SIZE="-1">
 org.apache.shiro.authz</FONT>
 <BR>
 Interface Permission</H2>
 <DL>
 <DT><B>All Known Implementing Classes:</B> <DD><A HREF="../../../../org/apache/shiro/authz/permission/AllPermission.html" title="class in org.apache.shiro.authz.permission">AllPermission</A>, <A HREF="../../../../org/apache/shiro/authz/permission/DomainPermission.html" title="class in org.apache.shiro.authz.permission">DomainPermission</A>, <A HREF="../../../../org/apache/shiro/authz/permission/WildcardPermission.html" title="class in org.apache.shiro.authz.permission">WildcardPermission</A></DD>
 </DL>
 <HR>
 <DL>
 <DT><PRE>public interface <A HREF="../../../../src-html/org/apache/shiro/authz/Permission.html#line.66"><B>Permission</B></A></DL>
 </PRE>

 <P>
 A Permission represents the ability to perform an action or access a resource.  A Permission is the most
  granular, or atomic, unit in a system's security policy and is the cornerstone upon which fine-grained security
  models are built.
  <p/>
  It is important to understand a Permission instance only represents functionality or access - it does not grant it.
  Granting access to an application functionality or a particular resource is done by the application's security
  configuration, typically by assigning Permissions to users, roles and/or groups.
  <p/>
  Most typical systems are what the Shiro team calls <em>role-based</em> in nature, where a role represents
  common behavior for certain user types.  For example, a system might have an <em>Aministrator</em> role, a
  <em>User</em> or <em>Guest</em> roles, etc.
  <p/>
  But if you have a dynamic security model, where roles can be created and deleted at runtime, you can't hard-code
  role names in your code.  In this environment, roles themselves aren't aren't very useful.  What matters is what
  <em>permissions</em> are assigned to these roles.
  <p/>
  Under this paradigm, permissions are immutable and reflect an application's raw functionality
  (opening files, accessing a web URL, creating users, etc).  This is what allows a system's security policy
  to be dynamic: because Permissions represent raw functionality and only change when the application's
  source code changes, they are immutable at runtime - they represent 'what' the system can do.  Roles, users, and
  groups are the 'who' of the application.  Determining 'who' can do 'what' then becomes a simple exercise of
  associating Permissions to roles, users, and groups in some way.
  <p/>
  Most applications do this by associating a named role with permissions (i.e. a role 'has a' collection of
  Permissions) and then associate users with roles (i.e. a user 'has a' collection of roles) so that by transitive
  association, the user 'has' the permissions in their roles.  There are numerous variations on this theme
  (permissions assigned directly to users, or assigned to groups, and users added to groups and these groups in turn
  have roles, etc, etc).  When employing a permission-based security model instead of a role-based one, users, roles,
  and groups can all be created, configured and/or deleted at runtime.  This enables  an extremely powerful security
  model.
  <p/>
  A benefit to Shiro is that, although it assumes most systems are based on these types of static role or
  dynamic role w/ permission schemes, it does not require a system to model their security data this way - all
  Permission checks are relegated to <A HREF="../../../../org/apache/shiro/realm/Realm.html" title="interface in org.apache.shiro.realm"><CODE>Realm</CODE></A> implementations, and only those
  implementations really determine how a user 'has' a permission or not.  The Realm could use the semantics described
  here, or it could utilize some other mechanism entirely - it is always up to the application developer.
  <p/>
  Shiro provides a very powerful default implementation of this interface in the form of the
  <A HREF="../../../../org/apache/shiro/authz/permission/WildcardPermission.html" title="class in org.apache.shiro.authz.permission"><CODE>WildcardPermission</CODE></A>.  We highly recommend that you
  investigate this class before trying to implement your own <code>Permission</code>s.
 <P>

 <P>
 <DL>
 <DT><B>Since:</B></DT>
   <DD>0.2</DD>
 <DT><B>See Also:</B><DD><A HREF="../../../../org/apache/shiro/authz/permission/WildcardPermission.html" title="class in org.apache.shiro.authz.permission"><CODE>WildcardPermission</CODE></A></DL>
 <HR>

 <P>

 <!-- ========== METHOD SUMMARY =========== -->

 <A NAME="method_summary"><!-- --></A>
 <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
 <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
 <TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2">
 <B>Method Summary</B></FONT></TH>
 </TR>
 <TR BGCOLOR="white" CLASS="TableRowColor">
 <TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
 <CODE>&nbsp;boolean</CODE></FONT></TD>
 <TD><CODE><B><A HREF="../../../../org/apache/shiro/authz/Permission.html#implies(org.apache.shiro.authz.Permission)">implies</A></B>(<A HREF="../../../../org/apache/shiro/authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</A>&nbsp;p)</CODE>

 <BR>
 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Returns <code>true</code> if this current instance <em>implies</em> all the functionality and/or resource access
  described by the specified <code>Permission</code> argument, <code>false</code> otherwise.</TD>
 </TR>
 </TABLE>
 &nbsp;
 <P>

 <!-- ============ METHOD DETAIL ========== -->

 <A NAME="method_detail"><!-- --></A>
 <TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
 <TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
 <TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2">
 <B>Method Detail</B></FONT></TH>
 </TR>
 </TABLE>

 <A NAME="implies(org.apache.shiro.authz.Permission)"><!-- --></A><H3>
 implies</H3>
 <PRE>
 boolean <A HREF="../../../../src-html/org/apache/shiro/authz/Permission.html#line.84"><B>implies</B></A>(<A HREF="../../../../org/apache/shiro/authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</A>&nbsp;p)</PRE>
 <DL>
 <DD>Returns <code>true</code> if this current instance <em>implies</em> all the functionality and/or resource access
  described by the specified <code>Permission</code> argument, <code>false</code> otherwise.
  <p/>
  <p>That is, this current instance must be exactly equal to or a <em>superset</em> of the functionalty
  and/or resource access described by the given <code>Permission</code> argument.  Yet another way of saying this
  would be:
  <p/>
  <p>If &quot;permission1 implies permission2&quot;, i.e. <code>permission1.implies(permission2)</code> ,
  then any Subject granted <code>permission1</code> would have ability greater than or equal to that defined by
  <code>permission2</code>.
 <P>
 <DD><DL>
 <DT><B>Parameters:</B><DD><CODE>p</CODE> - the permission to check for behavior/functionality comparison.
 <DT><B>Returns:</B><DD><code>true</code> if this current instance <em>implies</em> all the functionality and/or resource access
          described by the specified <code>Permission</code> argument, <code>false</code> otherwise.</DL>
 </DD>
 </DL>
 <!-- ========= END OF CLASS DATA ========= -->
 <HR>


 <!-- ======= START OF BOTTOM NAVBAR ====== -->
 <A NAME="navbar_bottom"><!-- --></A>
 <A HREF="#skip-navbar_bottom" title="Skip navigation links"></A>
 <TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY="">
 <TR>
 <TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1">
 <A NAME="navbar_bottom_firstrow"><!-- --></A>
 <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY="">
   <TR ALIGN="center" VALIGN="top">
   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A>&nbsp;</TD>
   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A>&nbsp;</TD>
   <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> &nbsp;<FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT>&nbsp;</TD>
   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="class-use/Permission.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A>&nbsp;</TD>
   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A>&nbsp;</TD>
   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A>&nbsp;</TD>
   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A>&nbsp;</TD>
   <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A>&nbsp;</TD>
   </TR>
 </TABLE>
 </TD>
 <TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM>
 </EM>
 </TD>
 </TR>

 <TR>
 <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
 &nbsp;<A HREF="../../../../org/apache/shiro/authz/ModularRealmAuthorizer.html" title="class in org.apache.shiro.authz"><B>PREV CLASS</B></A>&nbsp;
 &nbsp;<A HREF="../../../../org/apache/shiro/authz/SimpleAuthorizationInfo.html" title="class in org.apache.shiro.authz"><B>NEXT CLASS</B></A></FONT></TD>
 <TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
   <A HREF="../../../../index.html?org/apache/shiro/authz/Permission.html" target="_top"><B>FRAMES</B></A>  &nbsp;
 &nbsp;<A HREF="Permission.html" target="_top"><B>NO FRAMES</B></A>  &nbsp;
 &nbsp;<SCRIPT type="text/javascript">
   <!--
   if(window==top) {
     document.writeln('<A HREF="../../../../allclasses-noframe.html"><B>All Classes</B></A>');
   }
   //-->
 </SCRIPT>
 <NOSCRIPT>
   <A HREF="../../../../allclasses-noframe.html"><B>All Classes</B></A>
 </NOSCRIPT>


 </FONT></TD>
 </TR>
 <TR>
 <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
   SUMMARY:&nbsp;NESTED&nbsp;|&nbsp;FIELD&nbsp;|&nbsp;CONSTR&nbsp;|&nbsp;<A HREF="#method_summary">METHOD</A></FONT></TD>
 <TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
 DETAIL:&nbsp;FIELD&nbsp;|&nbsp;CONSTR&nbsp;|&nbsp;<A HREF="#method_detail">METHOD</A></FONT></TD>
 </TR>
 </TABLE>
 <A NAME="skip-navbar_bottom"></A>
 <!-- ======== END OF BOTTOM NAVBAR ======= -->

 <HR>
 Copyright &#169; 2004-2014 <a href="http://www.apache.org/">The Apache Software Foundation</a>. All Rights Reserved.
 </BODY>
 </HTML>
	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
	<!--NewPage-->
	<HTML>
	<HEAD>
	<!-- Generated by javadoc (build 1.6.0_65) on Tue Feb 25 18:15:46 EST 2014 -->
	<META http-equiv="Content-Type" content="text/html; charset=UTF-8">
	<TITLE>
	Permission (Apache Shiro 1.2.3 API)
	</TITLE>

	<META NAME="date" CONTENT="2014-02-25">

	<LINK REL ="stylesheet" TYPE="text/css" HREF="../../../../stylesheet.css" TITLE="Style">

	<SCRIPT type="text/javascript">
	function windowTitle()
	{
	if (location.href.indexOf('is-external=true') == -1) {
	parent.document.title="Permission (Apache Shiro 1.2.3 API)";
	}
	}
	</SCRIPT>
	<NOSCRIPT>
	</NOSCRIPT>

	</HEAD>

	<BODY BGCOLOR="white" onload="windowTitle();">
	<HR>


	<!-- ========= START OF TOP NAVBAR ======= -->
	<A NAME="navbar_top"><!-- --></A>
	<A HREF="#skip-navbar_top" title="Skip navigation links"></A>
	<TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY="">
	<TR>
	<TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1">
	<A NAME="navbar_top_firstrow"><!-- --></A>
	<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY="">
	<TR ALIGN="center" VALIGN="top">
	<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A> </TD>
	<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A> </TD>
	<TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev">  <FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT> </TD>
	<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="class-use/Permission.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A> </TD>
	<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A> </TD>
	<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A> </TD>
	<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A> </TD>
	<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A> </TD>
	</TR>
	</TABLE>
	</TD>
	<TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM>
	</EM>
	</TD>
	</TR>

	<TR>
	<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
	<A HREF="../../../../org/apache/shiro/authz/ModularRealmAuthorizer.html" title="class in org.apache.shiro.authz"><B>PREV CLASS</B></A>
	<A HREF="../../../../org/apache/shiro/authz/SimpleAuthorizationInfo.html" title="class in org.apache.shiro.authz"><B>NEXT CLASS</B></A></FONT></TD>
	<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
	<A HREF="../../../../index.html?org/apache/shiro/authz/Permission.html" target="_top"><B>FRAMES</B></A>
	<A HREF="Permission.html" target="_top"><B>NO FRAMES</B></A>
	<SCRIPT type="text/javascript">
	<!--
	if(window==top) {
	document.writeln('<A HREF="../../../../allclasses-noframe.html"><B>All Classes</B></A>');
	}
	//-->
	</SCRIPT>
	<NOSCRIPT>
	<A HREF="../../../../allclasses-noframe.html"><B>All Classes</B></A>
	</NOSCRIPT>


	</FONT></TD>
	</TR>
	<TR>
	<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
	SUMMARY: NESTED \| FIELD \| CONSTR \| <A HREF="#method_summary">METHOD</A></FONT></TD>
	<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
	DETAIL: FIELD \| CONSTR \| <A HREF="#method_detail">METHOD</A></FONT></TD>
	</TR>
	</TABLE>
	<A NAME="skip-navbar_top"></A>
	<!-- ========= END OF TOP NAVBAR ========= -->

	<HR>
	<!-- ======== START OF CLASS DATA ======== -->
	<H2>
	<FONT SIZE="-1">
	org.apache.shiro.authz</FONT>
	<BR>
	Interface Permission</H2>
	<DL>
	<DT><B>All Known Implementing Classes:</B> <DD><A HREF="../../../../org/apache/shiro/authz/permission/AllPermission.html" title="class in org.apache.shiro.authz.permission">AllPermission</A>, <A HREF="../../../../org/apache/shiro/authz/permission/DomainPermission.html" title="class in org.apache.shiro.authz.permission">DomainPermission</A>, <A HREF="../../../../org/apache/shiro/authz/permission/WildcardPermission.html" title="class in org.apache.shiro.authz.permission">WildcardPermission</A></DD>
	</DL>
	<HR>
	<DL>
	<DT><PRE>public interface <A HREF="../../../../src-html/org/apache/shiro/authz/Permission.html#line.66"><B>Permission</B></A></DL>
	</PRE>

	<P>
	A Permission represents the ability to perform an action or access a resource. A Permission is the most
	granular, or atomic, unit in a system's security policy and is the cornerstone upon which fine-grained security
	models are built.
	<p/>
	It is important to understand a Permission instance only represents functionality or access - it does not grant it.
	Granting access to an application functionality or a particular resource is done by the application's security
	configuration, typically by assigning Permissions to users, roles and/or groups.
	<p/>
	Most typical systems are what the Shiro team calls <em>role-based</em> in nature, where a role represents
	common behavior for certain user types. For example, a system might have an <em>Aministrator</em> role, a
	<em>User</em> or <em>Guest</em> roles, etc.
	<p/>
	But if you have a dynamic security model, where roles can be created and deleted at runtime, you can't hard-code
	role names in your code. In this environment, roles themselves aren't aren't very useful. What matters is what
	<em>permissions</em> are assigned to these roles.
	<p/>
	Under this paradigm, permissions are immutable and reflect an application's raw functionality
	(opening files, accessing a web URL, creating users, etc). This is what allows a system's security policy
	to be dynamic: because Permissions represent raw functionality and only change when the application's
	source code changes, they are immutable at runtime - they represent 'what' the system can do. Roles, users, and
	groups are the 'who' of the application. Determining 'who' can do 'what' then becomes a simple exercise of
	associating Permissions to roles, users, and groups in some way.
	<p/>
	Most applications do this by associating a named role with permissions (i.e. a role 'has a' collection of
	Permissions) and then associate users with roles (i.e. a user 'has a' collection of roles) so that by transitive
	association, the user 'has' the permissions in their roles. There are numerous variations on this theme
	(permissions assigned directly to users, or assigned to groups, and users added to groups and these groups in turn
	have roles, etc, etc). When employing a permission-based security model instead of a role-based one, users, roles,
	and groups can all be created, configured and/or deleted at runtime. This enables an extremely powerful security
	model.
	<p/>
	A benefit to Shiro is that, although it assumes most systems are based on these types of static role or
	dynamic role w/ permission schemes, it does not require a system to model their security data this way - all
	Permission checks are relegated to <A HREF="../../../../org/apache/shiro/realm/Realm.html" title="interface in org.apache.shiro.realm"><CODE>Realm</CODE></A> implementations, and only those
	implementations really determine how a user 'has' a permission or not. The Realm could use the semantics described
	here, or it could utilize some other mechanism entirely - it is always up to the application developer.
	<p/>
	Shiro provides a very powerful default implementation of this interface in the form of the
	<A HREF="../../../../org/apache/shiro/authz/permission/WildcardPermission.html" title="class in org.apache.shiro.authz.permission"><CODE>WildcardPermission</CODE></A>. We highly recommend that you
	investigate this class before trying to implement your own <code>Permission</code>s.
	<P>

	<P>
	<DL>
	<DT><B>Since:</B></DT>
	<DD>0.2</DD>
	<DT><B>See Also:</B><DD><A HREF="../../../../org/apache/shiro/authz/permission/WildcardPermission.html" title="class in org.apache.shiro.authz.permission"><CODE>WildcardPermission</CODE></A></DL>
	<HR>

	<P>

	<!-- ========== METHOD SUMMARY =========== -->

	<A NAME="method_summary"><!-- --></A>
	<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
	<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
	<TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2">
	<B>Method Summary</B></FONT></TH>
	</TR>
	<TR BGCOLOR="white" CLASS="TableRowColor">
	<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
	<CODE> boolean</CODE></FONT></TD>
	<TD><CODE><B><A HREF="../../../../org/apache/shiro/authz/Permission.html#implies(org.apache.shiro.authz.Permission)">implies</A></B>(<A HREF="../../../../org/apache/shiro/authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</A> p)</CODE>

	<BR>
	Returns <code>true</code> if this current instance <em>implies</em> all the functionality and/or resource access
	described by the specified <code>Permission</code> argument, <code>false</code> otherwise.</TD>
	</TR>
	</TABLE>

	<P>

	<!-- ============ METHOD DETAIL ========== -->

	<A NAME="method_detail"><!-- --></A>
	<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
	<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
	<TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2">
	<B>Method Detail</B></FONT></TH>
	</TR>
	</TABLE>

	<A NAME="implies(org.apache.shiro.authz.Permission)"><!-- --></A><H3>
	implies</H3>
	<PRE>
	boolean <A HREF="../../../../src-html/org/apache/shiro/authz/Permission.html#line.84"><B>implies</B></A>(<A HREF="../../../../org/apache/shiro/authz/Permission.html" title="interface in org.apache.shiro.authz">Permission</A> p)</PRE>
	<DL>
	<DD>Returns <code>true</code> if this current instance <em>implies</em> all the functionality and/or resource access
	described by the specified <code>Permission</code> argument, <code>false</code> otherwise.
	<p/>
	<p>That is, this current instance must be exactly equal to or a <em>superset</em> of the functionalty
	and/or resource access described by the given <code>Permission</code> argument. Yet another way of saying this
	would be:
	<p/>
	<p>If "permission1 implies permission2", i.e. <code>permission1.implies(permission2)</code> ,
	then any Subject granted <code>permission1</code> would have ability greater than or equal to that defined by
	<code>permission2</code>.
	<P>
	<DD><DL>
	<DT><B>Parameters:</B><DD><CODE>p</CODE> - the permission to check for behavior/functionality comparison.
	<DT><B>Returns:</B><DD><code>true</code> if this current instance <em>implies</em> all the functionality and/or resource access
	described by the specified <code>Permission</code> argument, <code>false</code> otherwise.</DL>
	</DD>
	</DL>
	<!-- ========= END OF CLASS DATA ========= -->
	<HR>


	<!-- ======= START OF BOTTOM NAVBAR ====== -->
	<A NAME="navbar_bottom"><!-- --></A>
	<A HREF="#skip-navbar_bottom" title="Skip navigation links"></A>
	<TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY="">
	<TR>
	<TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1">
	<A NAME="navbar_bottom_firstrow"><!-- --></A>
	<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY="">
	<TR ALIGN="center" VALIGN="top">
	<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A> </TD>
	<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A> </TD>
	<TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev">  <FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT> </TD>
	<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="class-use/Permission.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A> </TD>
	<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A> </TD>
	<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A> </TD>
	<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A> </TD>
	<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A> </TD>
	</TR>
	</TABLE>
	</TD>
	<TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM>
	</EM>
	</TD>
	</TR>

	<TR>
	<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
	<A HREF="../../../../org/apache/shiro/authz/ModularRealmAuthorizer.html" title="class in org.apache.shiro.authz"><B>PREV CLASS</B></A>
	<A HREF="../../../../org/apache/shiro/authz/SimpleAuthorizationInfo.html" title="class in org.apache.shiro.authz"><B>NEXT CLASS</B></A></FONT></TD>
	<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
	<A HREF="../../../../index.html?org/apache/shiro/authz/Permission.html" target="_top"><B>FRAMES</B></A>
	<A HREF="Permission.html" target="_top"><B>NO FRAMES</B></A>
	<SCRIPT type="text/javascript">
	<!--
	if(window==top) {
	document.writeln('<A HREF="../../../../allclasses-noframe.html"><B>All Classes</B></A>');
	}
	//-->
	</SCRIPT>
	<NOSCRIPT>
	<A HREF="../../../../allclasses-noframe.html"><B>All Classes</B></A>
	</NOSCRIPT>


	</FONT></TD>
	</TR>
	<TR>
	<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
	SUMMARY: NESTED \| FIELD \| CONSTR \| <A HREF="#method_summary">METHOD</A></FONT></TD>
	<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
	DETAIL: FIELD \| CONSTR \| <A HREF="#method_detail">METHOD</A></FONT></TD>
	</TR>
	</TABLE>
	<A NAME="skip-navbar_bottom"></A>
	<!-- ======== END OF BOTTOM NAVBAR ======= -->

	<HR>
	Copyright © 2004-2014 <a href="http://www.apache.org/">The Apache Software Foundation</a>. All Rights Reserved.
	</BODY>
	</HTML>