Google Git
Sign in
apache / shiro-site / 01016f43374d9b054f3ea1e568b015d5d69428f9 / . / src / site / assets / static / 1.2.3 / apidocs / org / apache / shiro / web / filter / authz / HttpMethodPermissionFilter.html
blob: 1a8f7d6af3a4ddbcc847490fe745b0fa13b709c5 [file] [log] [blame]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--NewPage-->
<HTML>
<HEAD>
<!-- Generated by javadoc (build 1.6.0_65) on Tue Feb 25 18:15:52 EST 2014 -->
<META http-equiv="Content-Type" content="text/html; charset=UTF-8">
<TITLE>
HttpMethodPermissionFilter (Apache Shiro 1.2.3 API)
</TITLE>
<META NAME="date" CONTENT="2014-02-25">
<LINK REL ="stylesheet" TYPE="text/css" HREF="../../../../../../stylesheet.css" TITLE="Style">
<SCRIPT type="text/javascript">
function windowTitle()
{
if (location.href.indexOf('is-external=true') == -1) {
parent.document.title="HttpMethodPermissionFilter (Apache Shiro 1.2.3 API)";
}
}
</SCRIPT>
<NOSCRIPT>
</NOSCRIPT>
</HEAD>
<BODY BGCOLOR="white" onload="windowTitle();">
<HR>
<!-- ========= START OF TOP NAVBAR ======= -->
<A NAME="navbar_top"><!-- --></A>
<A HREF="#skip-navbar_top" title="Skip navigation links"></A>
<TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY="">
<TR>
<TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1">
<A NAME="navbar_top_firstrow"><!-- --></A>
<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY="">
<TR ALIGN="center" VALIGN="top">
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> &nbsp;<FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="class-use/HttpMethodPermissionFilter.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A>&nbsp;</TD>
</TR>
</TABLE>
</TD>
<TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM>
</EM>
</TD>
</TR>
<TR>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
&nbsp;<A HREF="../../../../../../org/apache/shiro/web/filter/authz/HostFilter.html" title="class in org.apache.shiro.web.filter.authz"><B>PREV CLASS</B></A>&nbsp;
&nbsp;<A HREF="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz"><B>NEXT CLASS</B></A></FONT></TD>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
<A HREF="../../../../../../index.html?org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html" target="_top"><B>FRAMES</B></A> &nbsp;
&nbsp;<A HREF="HttpMethodPermissionFilter.html" target="_top"><B>NO FRAMES</B></A> &nbsp;
&nbsp;<SCRIPT type="text/javascript">
<!--
if(window==top) {
document.writeln('<A HREF="../../../../../../allclasses-noframe.html"><B>All Classes</B></A>');
}
//-->
</SCRIPT>
<NOSCRIPT>
<A HREF="../../../../../../allclasses-noframe.html"><B>All Classes</B></A>
</NOSCRIPT>
</FONT></TD>
</TR>
<TR>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
SUMMARY:&nbsp;NESTED&nbsp;|&nbsp;<A HREF="#fields_inherited_from_class_org.apache.shiro.web.filter.AccessControlFilter">FIELD</A>&nbsp;|&nbsp;<A HREF="#constructor_summary">CONSTR</A>&nbsp;|&nbsp;<A HREF="#method_summary">METHOD</A></FONT></TD>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
DETAIL:&nbsp;FIELD&nbsp;|&nbsp;<A HREF="#constructor_detail">CONSTR</A>&nbsp;|&nbsp;<A HREF="#method_detail">METHOD</A></FONT></TD>
</TR>
</TABLE>
<A NAME="skip-navbar_top"></A>
<!-- ========= END OF TOP NAVBAR ========= -->
<HR>
<!-- ======== START OF CLASS DATA ======== -->
<H2>
<FONT SIZE="-1">
org.apache.shiro.web.filter.authz</FONT>
<BR>
Class HttpMethodPermissionFilter</H2>
<PRE>
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">java.lang.Object</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.ServletContextSupport</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.AbstractFilter</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.NameableFilter</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.OncePerRequestFilter</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.AdviceFilter</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter">org.apache.shiro.web.filter.PathMatchingFilter</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">org.apache.shiro.web.filter.AccessControlFilter</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz">org.apache.shiro.web.filter.authz.AuthorizationFilter</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz">org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><B>org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter</B>
</PRE>
<DL>
<DT><B>All Implemented Interfaces:</B> <DD><A HREF="http://java.sun.com/javaee/5/docs/api/javax/servlet/Filter.html?is-external=true" title="class or interface in javax.servlet">Filter</A>, <A HREF="../../../../../../org/apache/shiro/util/Nameable.html" title="interface in org.apache.shiro.util">Nameable</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/PathConfigProcessor.html" title="interface in org.apache.shiro.web.filter">PathConfigProcessor</A></DD>
</DL>
<HR>
<DL>
<DT><PRE>public class <A HREF="../../../../../../src-html/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#line.78"><B>HttpMethodPermissionFilter</B></A><DT>extends <A HREF="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz">PermissionsAuthorizationFilter</A></DL>
</PRE>
<P>
A filter that translates an HTTP Request's Method (eg GET, POST, etc)
into an corresponding action (verb) and uses that verb to construct a permission that will be checked to determine
access.
<p/>
This Filter is primarily provided to support REST environments where the type (Method)
of request translates to an action being performed on one or more resources. This paradigm works well with Shiro's
concepts of using permissions for access control and can be leveraged to easily perform permission checks.
<p/>
This filter functions as follows:
<ol>
<li>The incoming HTTP request's Method (GET, POST, PUT, DELETE, etc) is discovered.</li>
<li>The Method is translated into a more 'application friendly' verb, such as 'create', edit', 'delete', etc.</li>
<li>The verb is appended to any configured permissions for the
<A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter"><CODE>currently matching path</CODE></A>.</li>
<li>If the current <code>Subject</code> <A HREF="../../../../../../org/apache/shiro/subject/Subject.html#isPermitted(java.lang.String)"><CODE>isPermitted</CODE></A> to
perform the resolved action, the request is allowed to continue.</li>
</ol>
<p/>
For example, if the following filter chain was defined, where 'rest' was the name given to a filter instance of
this class:
<pre>
/user/** = rest[user]</pre>
Then an HTTP <code>GET</code> request to <code>/user/1234</code> would translate to the constructed permission
<code>user:read</code> (GET is mapped to the 'read' action) and execute the permission check
<code>Subject.isPermitted(&quot;user:read&quot;)</code> in order to allow the request to continue.
<p/>
Similarly, an HTTP <code>POST</code> to <code>/user</code> would translate to the constructed permission
<code>user:create</code> (POST is mapped to the 'create' action) and execute the permission check
<code>Subject.isPermitted(&quot;user:create&quot;)</code> in order to allow the request to continue.
<p/>
<h3>Method To Verb Mapping</h3>
The following table represents the default HTTP Method-to-action verb mapping:
<table>
<tr><th>HTTP Method</th><th>Mapped Action</th><th>Example Permission</th><th>Runtime Check</th></tr>
<tr><td>head</td><td>read</td><td>perm1</td><td>perm1:read</td></tr>
<tr><td>get</td><td>read</td><td>perm2</td><td>perm2:read</td></tr>
<tr><td>put</td><td>update</td><td>perm3</td><td>perm3:update</td></tr>
<tr><td>post</td><td>create</td><td>perm4</td><td>perm4:create</td></tr>
<tr><td>mkcol</td><td>create</td><td>perm5</td><td>perm5:create</td></tr>
<tr><td>options</td><td>read</td><td>perm6</td><td>perm6:read</td></tr>
<tr><td>trace</td><td>read</td><td>perm7</td><td>perm7:read</td></tr>
</table>
<P>
<P>
<DL>
<DT><B>Since:</B></DT>
<DD>1.0</DD>
</DL>
<HR>
<P>
<!-- =========== FIELD SUMMARY =========== -->
<A NAME="field_summary"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2">
<B>Field Summary</B></FONT></TH>
</TR>
</TABLE>
&nbsp;<A NAME="fields_inherited_from_class_org.apache.shiro.web.filter.AccessControlFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Fields inherited from class org.apache.shiro.web.filter.<A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">AccessControlFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#DEFAULT_LOGIN_URL">DEFAULT_LOGIN_URL</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#GET_METHOD">GET_METHOD</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#POST_METHOD">POST_METHOD</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="fields_inherited_from_class_org.apache.shiro.web.filter.PathMatchingFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Fields inherited from class org.apache.shiro.web.filter.<A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter">PathMatchingFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#appliedPaths">appliedPaths</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#pathMatcher">pathMatcher</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="fields_inherited_from_class_org.apache.shiro.web.servlet.OncePerRequestFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Fields inherited from class org.apache.shiro.web.servlet.<A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html" title="class in org.apache.shiro.web.servlet">OncePerRequestFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#ALREADY_FILTERED_SUFFIX">ALREADY_FILTERED_SUFFIX</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="fields_inherited_from_class_org.apache.shiro.web.servlet.AbstractFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Fields inherited from class org.apache.shiro.web.servlet.<A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html" title="class in org.apache.shiro.web.servlet">AbstractFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#filterConfig">filterConfig</A></CODE></TD>
</TR>
</TABLE>
&nbsp;
<!-- ======== CONSTRUCTOR SUMMARY ======== -->
<A NAME="constructor_summary"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2">
<B>Constructor Summary</B></FONT></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><B><A HREF="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#HttpMethodPermissionFilter()">HttpMethodPermissionFilter</A></B>()</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Creates the filter instance with default method-to-action values in the instance's
<A HREF="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#getHttpMethodActions()"><CODE>http method actions map</CODE></A>.</TD>
</TR>
</TABLE>
&nbsp;
<!-- ========== METHOD SUMMARY =========== -->
<A NAME="method_summary"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2">
<B>Method Summary</B></FONT></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>protected &nbsp;<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>[]</CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#buildPermissions(javax.servlet.http.HttpServletRequest, java.lang.String[], java.lang.String)">buildPermissions</A></B>(<A HREF="http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletRequest.html?is-external=true" title="class or interface in javax.servlet.http">HttpServletRequest</A>&nbsp;request,
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>[]&nbsp;configuredPerms,
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>&nbsp;action)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Returns a collection of String permissions with which to perform a permission check to determine if the filter
will allow the request to continue.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>protected &nbsp;<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>[]</CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#buildPermissions(java.lang.String[], java.lang.String)">buildPermissions</A></B>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>[]&nbsp;configuredPerms,
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>&nbsp;action)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Builds a new array of permission strings based on the original argument, appending the specified action verb
to each one per <A HREF="../../../../../../org/apache/shiro/authz/permission/WildcardPermission.html" title="class in org.apache.shiro.authz.permission"><CODE>WildcardPermission</CODE></A> conventions.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>protected &nbsp;<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#getHttpMethodAction(javax.servlet.ServletRequest)">getHttpMethodAction</A></B>(<A HREF="http://java.sun.com/javaee/5/docs/api/javax/servlet/ServletRequest.html?is-external=true" title="class or interface in javax.servlet">ServletRequest</A>&nbsp;request)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Determines the action (verb) attempting to be performed on the filtered resource by the current request.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>protected &nbsp;<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#getHttpMethodAction(java.lang.String)">getHttpMethodAction</A></B>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>&nbsp;method)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Determines the corresponding application action that will be performed on the filtered resource based on the
specified HTTP method (GET, POST, etc).</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>protected &nbsp;<A HREF="http://java.sun.com/javase/6/docs/api/java/util/Map.html?is-external=true" title="class or interface in java.util">Map</A>&lt;<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>,<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>&gt;</CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#getHttpMethodActions()">getHttpMethodActions</A></B>()</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Returns the HTTP Method name (key) to action verb (value) mapping used to resolve actions based on an
incoming <code>HttpServletRequest</code>.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>&nbsp;boolean</CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#isAccessAllowed(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object)">isAccessAllowed</A></B>(<A HREF="http://java.sun.com/javaee/5/docs/api/javax/servlet/ServletRequest.html?is-external=true" title="class or interface in javax.servlet">ServletRequest</A>&nbsp;request,
<A HREF="http://java.sun.com/javaee/5/docs/api/javax/servlet/ServletResponse.html?is-external=true" title="class or interface in javax.servlet">ServletResponse</A>&nbsp;response,
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A>&nbsp;mappedValue)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Resolves an 'application friendly' action verb based on the <code>HttpServletRequest</code>'s method, appends that
action to each configured permission (the <code>mappedValue</code> argument is a <code>String[]</code> array), and
delegates the permission check for the newly constructed permission(s) to the superclass
<A HREF="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html#isAccessAllowed(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object)"><CODE>isAccessAllowed</CODE></A>
implementation to perform the actual permission check.</TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.web.filter.authz.AuthorizationFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.web.filter.authz.<A HREF="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz">AuthorizationFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#getUnauthorizedUrl()">getUnauthorizedUrl</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">onAccessDenied</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#setUnauthorizedUrl(java.lang.String)">setUnauthorizedUrl</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.web.filter.AccessControlFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.web.filter.<A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">AccessControlFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#getLoginUrl()">getLoginUrl</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#getSubject(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">getSubject</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#isLoginRequest(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">isLoginRequest</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object)">onAccessDenied</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#onPreHandle(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object)">onPreHandle</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#redirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">redirectToLogin</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#saveRequest(javax.servlet.ServletRequest)">saveRequest</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#saveRequestAndRedirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">saveRequestAndRedirectToLogin</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#setLoginUrl(java.lang.String)">setLoginUrl</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.web.filter.PathMatchingFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.web.filter.<A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter">PathMatchingFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#getPathWithinApplication(javax.servlet.ServletRequest)">getPathWithinApplication</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#isEnabled(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.String, java.lang.Object)">isEnabled</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#pathsMatch(java.lang.String, javax.servlet.ServletRequest)">pathsMatch</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#pathsMatch(java.lang.String, java.lang.String)">pathsMatch</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#preHandle(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">preHandle</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#processPathConfig(java.lang.String, java.lang.String)">processPathConfig</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.web.servlet.AdviceFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.web.servlet.<A HREF="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html" title="class in org.apache.shiro.web.servlet">AdviceFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#afterCompletion(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Exception)">afterCompletion</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#cleanup(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Exception)">cleanup</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#doFilterInternal(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)">doFilterInternal</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#executeChain(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)">executeChain</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#postHandle(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">postHandle</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.web.servlet.OncePerRequestFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.web.servlet.<A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html" title="class in org.apache.shiro.web.servlet">OncePerRequestFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)">doFilter</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#getAlreadyFilteredAttributeName()">getAlreadyFilteredAttributeName</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#isEnabled()">isEnabled</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#isEnabled(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">isEnabled</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#setEnabled(boolean)">setEnabled</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#shouldNotFilter(javax.servlet.ServletRequest)">shouldNotFilter</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.web.servlet.NameableFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.web.servlet.<A HREF="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html" title="class in org.apache.shiro.web.servlet">NameableFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html#getName()">getName</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html#setName(java.lang.String)">setName</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html#toStringBuilder()">toStringBuilder</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.web.servlet.AbstractFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.web.servlet.<A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html" title="class in org.apache.shiro.web.servlet">AbstractFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#destroy()">destroy</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#getFilterConfig()">getFilterConfig</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#getInitParam(java.lang.String)">getInitParam</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#init(javax.servlet.FilterConfig)">init</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#onFilterConfigSet()">onFilterConfigSet</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#setFilterConfig(javax.servlet.FilterConfig)">setFilterConfig</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.web.servlet.ServletContextSupport"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.web.servlet.<A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html" title="class in org.apache.shiro.web.servlet">ServletContextSupport</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#getContextAttribute(java.lang.String)">getContextAttribute</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#getContextInitParam(java.lang.String)">getContextInitParam</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#getServletContext()">getServletContext</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#removeContextAttribute(java.lang.String)">removeContextAttribute</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#setContextAttribute(java.lang.String, java.lang.Object)">setContextAttribute</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#setServletContext(javax.servlet.ServletContext)">setServletContext</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#toString()">toString</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_java.lang.Object"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class java.lang.<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#clone()" title="class or interface in java.lang">clone</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#equals(java.lang.Object)" title="class or interface in java.lang">equals</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#finalize()" title="class or interface in java.lang">finalize</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#getClass()" title="class or interface in java.lang">getClass</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#hashCode()" title="class or interface in java.lang">hashCode</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notify()" title="class or interface in java.lang">notify</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notifyAll()" title="class or interface in java.lang">notifyAll</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait()" title="class or interface in java.lang">wait</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long)" title="class or interface in java.lang">wait</A>, <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait(long, int)" title="class or interface in java.lang">wait</A></CODE></TD>
</TR>
</TABLE>
&nbsp;
<P>
<!-- ========= CONSTRUCTOR DETAIL ======== -->
<A NAME="constructor_detail"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2">
<B>Constructor Detail</B></FONT></TH>
</TR>
</TABLE>
<A NAME="HttpMethodPermissionFilter()"><!-- --></A><H3>
HttpMethodPermissionFilter</H3>
<PRE>
public <A HREF="../../../../../../src-html/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#line.126"><B>HttpMethodPermissionFilter</B></A>()</PRE>
<DL>
<DD>Creates the filter instance with default method-to-action values in the instance's
<A HREF="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#getHttpMethodActions()"><CODE>http method actions map</CODE></A>.
<P>
</DL>
<!-- ============ METHOD DETAIL ========== -->
<A NAME="method_detail"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2">
<B>Method Detail</B></FONT></TH>
</TR>
</TABLE>
<A NAME="getHttpMethodActions()"><!-- --></A><H3>
getHttpMethodActions</H3>
<PRE>
protected <A HREF="http://java.sun.com/javase/6/docs/api/java/util/Map.html?is-external=true" title="class or interface in java.util">Map</A>&lt;<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>,<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>&gt; <A HREF="../../../../../../src-html/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#line.139"><B>getHttpMethodActions</B></A>()</PRE>
<DL>
<DD>Returns the HTTP Method name (key) to action verb (value) mapping used to resolve actions based on an
incoming <code>HttpServletRequest</code>. All keys and values are lower-case. The
default key/value pairs are defined in the top class-level JavaDoc.
<P>
<DD><DL>
<DT><B>Returns:</B><DD>the HTTP Method lower-case name (key) to lower-case action verb (value) mapping</DL>
</DD>
</DL>
<HR>
<A NAME="getHttpMethodAction(javax.servlet.ServletRequest)"><!-- --></A><H3>
getHttpMethodAction</H3>
<PRE>
protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <A HREF="../../../../../../src-html/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#line.152"><B>getHttpMethodAction</B></A>(<A HREF="http://java.sun.com/javaee/5/docs/api/javax/servlet/ServletRequest.html?is-external=true" title="class or interface in javax.servlet">ServletRequest</A>&nbsp;request)</PRE>
<DL>
<DD>Determines the action (verb) attempting to be performed on the filtered resource by the current request.
<p/>
This implementation expects the incoming request to be an <A HREF="http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletRequest.html?is-external=true" title="class or interface in javax.servlet.http"><CODE>HttpServletRequest</CODE></A> and returns a mapped
action based on the HTTP request <A HREF="http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletRequest.html?is-external=true#getMethod()" title="class or interface in javax.servlet.http"><CODE>method</CODE></A>.
<P>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>request</CODE> - to pull the method from.
<DT><B>Returns:</B><DD>The string equivalent verb of the http method.</DL>
</DD>
</DL>
<HR>
<A NAME="getHttpMethodAction(java.lang.String)"><!-- --></A><H3>
getHttpMethodAction</H3>
<PRE>
protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <A HREF="../../../../../../src-html/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#line.164"><B>getHttpMethodAction</B></A>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>&nbsp;method)</PRE>
<DL>
<DD>Determines the corresponding application action that will be performed on the filtered resource based on the
specified HTTP method (GET, POST, etc).
<P>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>method</CODE> - to be translated into the verb.
<DT><B>Returns:</B><DD>The string equivalent verb of the method.</DL>
</DD>
</DL>
<HR>
<A NAME="buildPermissions(javax.servlet.http.HttpServletRequest, java.lang.String[], java.lang.String)"><!-- --></A><H3>
buildPermissions</H3>
<PRE>
protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>[] <A HREF="../../../../../../src-html/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#line.185"><B>buildPermissions</B></A>(<A HREF="http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletRequest.html?is-external=true" title="class or interface in javax.servlet.http">HttpServletRequest</A>&nbsp;request,
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>[]&nbsp;configuredPerms,
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>&nbsp;action)</PRE>
<DL>
<DD>Returns a collection of String permissions with which to perform a permission check to determine if the filter
will allow the request to continue.
<p/>
This implementation merely delegates to <A HREF="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#buildPermissions(java.lang.String[], java.lang.String)"><CODE>buildPermissions(String[], String)</CODE></A> and ignores the inbound
HTTP servlet request, but it can be overridden by subclasses for more complex request-specific building logic
if necessary.
<P>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>request</CODE> - the inbound HTTP request - ignored in this implementation, but available to
subclasses for more complex construction building logic if necessary<DD><CODE>configuredPerms</CODE> - any url-specific permissions mapped to this filter in the URL rules mappings.<DD><CODE>action</CODE> - the application-friendly action (verb) resolved based on the HTTP Method name.
<DT><B>Returns:</B><DD>a collection of String permissions with which to perform a permission check to determine if the filter
will allow the request to continue.</DL>
</DD>
</DL>
<HR>
<A NAME="buildPermissions(java.lang.String[], java.lang.String)"><!-- --></A><H3>
buildPermissions</H3>
<PRE>
protected <A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>[] <A HREF="../../../../../../src-html/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#line.217"><B>buildPermissions</B></A>(<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>[]&nbsp;configuredPerms,
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>&nbsp;action)</PRE>
<DL>
<DD>Builds a new array of permission strings based on the original argument, appending the specified action verb
to each one per <A HREF="../../../../../../org/apache/shiro/authz/permission/WildcardPermission.html" title="class in org.apache.shiro.authz.permission"><CODE>WildcardPermission</CODE></A> conventions. The
built permission strings will be the ones used at runtime during the permission check that determines if filter
access should be allowed to continue or not.
<p/>
For example, if the <code>configuredPerms</code> argument contains the following 3 permission strings:
<p/>
<ol>
<li>permission:one</li>
<li>permission:two</li>
<li>permission:three</li>
</ol>
And the action is <code>read</code>, then the return value will be:
<ol>
<li>permission:one:read</li>
<li>permission:two:read</li>
<li>permission:three:read</li>
</ol>
per <A HREF="../../../../../../org/apache/shiro/authz/permission/WildcardPermission.html" title="class in org.apache.shiro.authz.permission"><CODE>WildcardPermission</CODE></A> conventions. Subclasses
are of course free to override this method or the
<A HREF="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#buildPermissions(javax.servlet.http.HttpServletRequest, java.lang.String[], java.lang.String)"><CODE>buildPermissions</CODE></A> request
variant for custom building logic or with different permission formats.
<P>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>configuredPerms</CODE> - list of configuredPerms to be converted.<DD><CODE>action</CODE> - the resolved action based on the request method to be appended to permission strings.
<DT><B>Returns:</B><DD>an array of permission strings with each element appended with the action.</DL>
</DD>
</DL>
<HR>
<A NAME="isAccessAllowed(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object)"><!-- --></A><H3>
isAccessAllowed</H3>
<PRE>
public boolean <A HREF="../../../../../../src-html/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#line.259"><B>isAccessAllowed</B></A>(<A HREF="http://java.sun.com/javaee/5/docs/api/javax/servlet/ServletRequest.html?is-external=true" title="class or interface in javax.servlet">ServletRequest</A>&nbsp;request,
<A HREF="http://java.sun.com/javaee/5/docs/api/javax/servlet/ServletResponse.html?is-external=true" title="class or interface in javax.servlet">ServletResponse</A>&nbsp;response,
<A HREF="http://java.sun.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A>&nbsp;mappedValue)
throws <A HREF="http://java.sun.com/javase/6/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</A></PRE>
<DL>
<DD>Resolves an 'application friendly' action verb based on the <code>HttpServletRequest</code>'s method, appends that
action to each configured permission (the <code>mappedValue</code> argument is a <code>String[]</code> array), and
delegates the permission check for the newly constructed permission(s) to the superclass
<A HREF="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html#isAccessAllowed(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object)"><CODE>isAccessAllowed</CODE></A>
implementation to perform the actual permission check.
<P>
<DD><DL>
<DT><B>Overrides:</B><DD><CODE><A HREF="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html#isAccessAllowed(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object)">isAccessAllowed</A></CODE> in class <CODE><A HREF="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz">PermissionsAuthorizationFilter</A></CODE></DL>
</DD>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>request</CODE> - the inbound <code>ServletRequest</code><DD><CODE>response</CODE> - the outbound <code>ServletResponse</code><DD><CODE>mappedValue</CODE> - the filter-specific config value mapped to this filter in the URL rules mappings.
<DT><B>Returns:</B><DD><code>true</code> if the request should proceed through the filter normally, <code>false</code> if the
request should be processed by this filter's
<A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object)"><CODE>AccessControlFilter.onAccessDenied(ServletRequest,ServletResponse,Object)</CODE></A> method instead.
<DT><B>Throws:</B>
<DD><CODE><A HREF="http://java.sun.com/javase/6/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</A></CODE></DL>
</DD>
</DL>
<!-- ========= END OF CLASS DATA ========= -->
<HR>
<!-- ======= START OF BOTTOM NAVBAR ====== -->
<A NAME="navbar_bottom"><!-- --></A>
<A HREF="#skip-navbar_bottom" title="Skip navigation links"></A>
<TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY="">
<TR>
<TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1">
<A NAME="navbar_bottom_firstrow"><!-- --></A>
<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY="">
<TR ALIGN="center" VALIGN="top">
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> &nbsp;<FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="class-use/HttpMethodPermissionFilter.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A>&nbsp;</TD>
</TR>
</TABLE>
</TD>
<TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM>
</EM>
</TD>
</TR>
<TR>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
&nbsp;<A HREF="../../../../../../org/apache/shiro/web/filter/authz/HostFilter.html" title="class in org.apache.shiro.web.filter.authz"><B>PREV CLASS</B></A>&nbsp;
&nbsp;<A HREF="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz"><B>NEXT CLASS</B></A></FONT></TD>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
<A HREF="../../../../../../index.html?org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html" target="_top"><B>FRAMES</B></A> &nbsp;
&nbsp;<A HREF="HttpMethodPermissionFilter.html" target="_top"><B>NO FRAMES</B></A> &nbsp;
&nbsp;<SCRIPT type="text/javascript">
<!--
if(window==top) {
document.writeln('<A HREF="../../../../../../allclasses-noframe.html"><B>All Classes</B></A>');
}
//-->
</SCRIPT>
<NOSCRIPT>
<A HREF="../../../../../../allclasses-noframe.html"><B>All Classes</B></A>
</NOSCRIPT>
</FONT></TD>
</TR>
<TR>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
SUMMARY:&nbsp;NESTED&nbsp;|&nbsp;<A HREF="#fields_inherited_from_class_org.apache.shiro.web.filter.AccessControlFilter">FIELD</A>&nbsp;|&nbsp;<A HREF="#constructor_summary">CONSTR</A>&nbsp;|&nbsp;<A HREF="#method_summary">METHOD</A></FONT></TD>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
DETAIL:&nbsp;FIELD&nbsp;|&nbsp;<A HREF="#constructor_detail">CONSTR</A>&nbsp;|&nbsp;<A HREF="#method_detail">METHOD</A></FONT></TD>
</TR>
</TABLE>
<A NAME="skip-navbar_bottom"></A>
<!-- ======== END OF BOTTOM NAVBAR ======= -->
<HR>
Copyright &#169; 2004-2014 <a href="http://www.apache.org/">The Apache Software Foundation</a>. All Rights Reserved.
</BODY>
</HTML>