Google Git
Sign in
apache / shiro-site / 01016f43374d9b054f3ea1e568b015d5d69428f9 / . / src / site / assets / static / 1.2.3 / shiro-web / apidocs / org / apache / shiro / web / filter / authz / AuthorizationFilter.html
blob: 9634719ba332ddf67dd2eb6a5ded970cef7d5b3e [file] [log] [blame]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--NewPage-->
<HTML>
<HEAD>
<!-- Generated by javadoc (build 1.6.0_65) on Tue Feb 25 18:16:45 EST 2014 -->
<META http-equiv="Content-Type" content="text/html; charset=UTF-8">
<TITLE>
AuthorizationFilter (Apache Shiro :: Web 1.2.3 API)
</TITLE>
<META NAME="date" CONTENT="2014-02-25">
<LINK REL ="stylesheet" TYPE="text/css" HREF="../../../../../../stylesheet.css" TITLE="Style">
<SCRIPT type="text/javascript">
function windowTitle()
{
if (location.href.indexOf('is-external=true') == -1) {
parent.document.title="AuthorizationFilter (Apache Shiro :: Web 1.2.3 API)";
}
}
</SCRIPT>
<NOSCRIPT>
</NOSCRIPT>
</HEAD>
<BODY BGCOLOR="white" onload="windowTitle();">
<HR>
<!-- ========= START OF TOP NAVBAR ======= -->
<A NAME="navbar_top"><!-- --></A>
<A HREF="#skip-navbar_top" title="Skip navigation links"></A>
<TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY="">
<TR>
<TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1">
<A NAME="navbar_top_firstrow"><!-- --></A>
<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY="">
<TR ALIGN="center" VALIGN="top">
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> &nbsp;<FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="class-use/AuthorizationFilter.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A>&nbsp;</TD>
</TR>
</TABLE>
</TD>
<TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM>
</EM>
</TD>
</TR>
<TR>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
&nbsp;PREV CLASS&nbsp;
&nbsp;<A HREF="../../../../../../org/apache/shiro/web/filter/authz/HostFilter.html" title="class in org.apache.shiro.web.filter.authz"><B>NEXT CLASS</B></A></FONT></TD>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
<A HREF="../../../../../../index.html?org/apache/shiro/web/filter/authz/AuthorizationFilter.html" target="_top"><B>FRAMES</B></A> &nbsp;
&nbsp;<A HREF="AuthorizationFilter.html" target="_top"><B>NO FRAMES</B></A> &nbsp;
&nbsp;<SCRIPT type="text/javascript">
<!--
if(window==top) {
document.writeln('<A HREF="../../../../../../allclasses-noframe.html"><B>All Classes</B></A>');
}
//-->
</SCRIPT>
<NOSCRIPT>
<A HREF="../../../../../../allclasses-noframe.html"><B>All Classes</B></A>
</NOSCRIPT>
</FONT></TD>
</TR>
<TR>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
SUMMARY:&nbsp;NESTED&nbsp;|&nbsp;<A HREF="#fields_inherited_from_class_org.apache.shiro.web.filter.AccessControlFilter">FIELD</A>&nbsp;|&nbsp;<A HREF="#constructor_summary">CONSTR</A>&nbsp;|&nbsp;<A HREF="#method_summary">METHOD</A></FONT></TD>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
DETAIL:&nbsp;FIELD&nbsp;|&nbsp;<A HREF="#constructor_detail">CONSTR</A>&nbsp;|&nbsp;<A HREF="#method_detail">METHOD</A></FONT></TD>
</TR>
</TABLE>
<A NAME="skip-navbar_top"></A>
<!-- ========= END OF TOP NAVBAR ========= -->
<HR>
<!-- ======== START OF CLASS DATA ======== -->
<H2>
<FONT SIZE="-1">
org.apache.shiro.web.filter.authz</FONT>
<BR>
Class AuthorizationFilter</H2>
<PRE>
<A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">java.lang.Object</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.ServletContextSupport</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.AbstractFilter</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.NameableFilter</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.OncePerRequestFilter</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.AdviceFilter</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter">org.apache.shiro.web.filter.PathMatchingFilter</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">org.apache.shiro.web.filter.AccessControlFilter</A>
<IMG SRC="../../../../../../resources/inherit.gif" ALT="extended by "><B>org.apache.shiro.web.filter.authz.AuthorizationFilter</B>
</PRE>
<DL>
<DT><B>All Implemented Interfaces:</B> <DD>javax.servlet.Filter, org.apache.shiro.util.Nameable, <A HREF="../../../../../../org/apache/shiro/web/filter/PathConfigProcessor.html" title="interface in org.apache.shiro.web.filter">PathConfigProcessor</A></DD>
</DL>
<DL>
<DT><B>Direct Known Subclasses:</B> <DD><A HREF="../../../../../../org/apache/shiro/web/filter/authz/HostFilter.html" title="class in org.apache.shiro.web.filter.authz">HostFilter</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz">PermissionsAuthorizationFilter</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/authz/PortFilter.html" title="class in org.apache.shiro.web.filter.authz">PortFilter</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/authz/RolesAuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz">RolesAuthorizationFilter</A></DD>
</DL>
<HR>
<DL>
<DT><PRE>public abstract class <B>AuthorizationFilter</B><DT>extends <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">AccessControlFilter</A></DL>
</PRE>
<P>
Superclass for authorization-related filters. If an request is unauthorized, response handling is delegated to the
<A HREF="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)"><CODE>onAccessDenied</CODE></A> method, which
provides reasonable handling for most applications.
<P>
<P>
<DL>
<DT><B>Since:</B></DT>
<DD>0.9</DD>
<DT><B>See Also:</B><DD><A HREF="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)"><CODE>onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)</CODE></A></DL>
<HR>
<P>
<!-- =========== FIELD SUMMARY =========== -->
<A NAME="field_summary"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2">
<B>Field Summary</B></FONT></TH>
</TR>
</TABLE>
&nbsp;<A NAME="fields_inherited_from_class_org.apache.shiro.web.filter.AccessControlFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Fields inherited from class org.apache.shiro.web.filter.<A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">AccessControlFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#DEFAULT_LOGIN_URL">DEFAULT_LOGIN_URL</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#GET_METHOD">GET_METHOD</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#POST_METHOD">POST_METHOD</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="fields_inherited_from_class_org.apache.shiro.web.filter.PathMatchingFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Fields inherited from class org.apache.shiro.web.filter.<A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter">PathMatchingFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#appliedPaths">appliedPaths</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#pathMatcher">pathMatcher</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="fields_inherited_from_class_org.apache.shiro.web.servlet.OncePerRequestFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Fields inherited from class org.apache.shiro.web.servlet.<A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html" title="class in org.apache.shiro.web.servlet">OncePerRequestFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#ALREADY_FILTERED_SUFFIX">ALREADY_FILTERED_SUFFIX</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="fields_inherited_from_class_org.apache.shiro.web.servlet.AbstractFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Fields inherited from class org.apache.shiro.web.servlet.<A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html" title="class in org.apache.shiro.web.servlet">AbstractFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#filterConfig">filterConfig</A></CODE></TD>
</TR>
</TABLE>
&nbsp;
<!-- ======== CONSTRUCTOR SUMMARY ======== -->
<A NAME="constructor_summary"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2">
<B>Constructor Summary</B></FONT></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><B><A HREF="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#AuthorizationFilter()">AuthorizationFilter</A></B>()</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TD>
</TR>
</TABLE>
&nbsp;
<!-- ========== METHOD SUMMARY =========== -->
<A NAME="method_summary"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="2"><FONT SIZE="+2">
<B>Method Summary</B></FONT></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>&nbsp;<A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A></CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#getUnauthorizedUrl()">getUnauthorizedUrl</A></B>()</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Returns the URL to which users should be redirected if they are denied access to an underlying path or resource,
or <code>null</code> if a raw <CODE>HttpServletResponse.SC_UNAUTHORIZED</CODE> response should be issued (401 Unauthorized).</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>protected &nbsp;boolean</CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">onAccessDenied</A></B>(javax.servlet.ServletRequest&nbsp;request,
javax.servlet.ServletResponse&nbsp;response)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Handles the response when access has been denied.</TD>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD ALIGN="right" VALIGN="top" WIDTH="1%"><FONT SIZE="-1">
<CODE>&nbsp;void</CODE></FONT></TD>
<TD><CODE><B><A HREF="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#setUnauthorizedUrl(java.lang.String)">setUnauthorizedUrl</A></B>(<A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>&nbsp;unauthorizedUrl)</CODE>
<BR>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Sets the URL to which users should be redirected if they are denied access to an underlying path or resource.</TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.web.filter.AccessControlFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.web.filter.<A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">AccessControlFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#getLoginUrl()">getLoginUrl</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#getSubject(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">getSubject</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#isAccessAllowed(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object)">isAccessAllowed</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#isLoginRequest(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">isLoginRequest</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object)">onAccessDenied</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#onPreHandle(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object)">onPreHandle</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#redirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">redirectToLogin</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#saveRequest(javax.servlet.ServletRequest)">saveRequest</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#saveRequestAndRedirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">saveRequestAndRedirectToLogin</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#setLoginUrl(java.lang.String)">setLoginUrl</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.web.filter.PathMatchingFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.web.filter.<A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter">PathMatchingFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#getPathWithinApplication(javax.servlet.ServletRequest)">getPathWithinApplication</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#isEnabled(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.String, java.lang.Object)">isEnabled</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#pathsMatch(java.lang.String, javax.servlet.ServletRequest)">pathsMatch</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#pathsMatch(java.lang.String, java.lang.String)">pathsMatch</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#preHandle(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">preHandle</A>, <A HREF="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#processPathConfig(java.lang.String, java.lang.String)">processPathConfig</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.web.servlet.AdviceFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.web.servlet.<A HREF="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html" title="class in org.apache.shiro.web.servlet">AdviceFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#afterCompletion(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Exception)">afterCompletion</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#cleanup(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Exception)">cleanup</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#doFilterInternal(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)">doFilterInternal</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#executeChain(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)">executeChain</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#postHandle(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">postHandle</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.web.servlet.OncePerRequestFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.web.servlet.<A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html" title="class in org.apache.shiro.web.servlet">OncePerRequestFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)">doFilter</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#getAlreadyFilteredAttributeName()">getAlreadyFilteredAttributeName</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#isEnabled()">isEnabled</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#isEnabled(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">isEnabled</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#setEnabled(boolean)">setEnabled</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#shouldNotFilter(javax.servlet.ServletRequest)">shouldNotFilter</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.web.servlet.NameableFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.web.servlet.<A HREF="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html" title="class in org.apache.shiro.web.servlet">NameableFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html#getName()">getName</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html#setName(java.lang.String)">setName</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html#toStringBuilder()">toStringBuilder</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.web.servlet.AbstractFilter"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.web.servlet.<A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html" title="class in org.apache.shiro.web.servlet">AbstractFilter</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#destroy()">destroy</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#getFilterConfig()">getFilterConfig</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#getInitParam(java.lang.String)">getInitParam</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#init(javax.servlet.FilterConfig)">init</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#onFilterConfigSet()">onFilterConfigSet</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#setFilterConfig(javax.servlet.FilterConfig)">setFilterConfig</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_org.apache.shiro.web.servlet.ServletContextSupport"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class org.apache.shiro.web.servlet.<A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html" title="class in org.apache.shiro.web.servlet">ServletContextSupport</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#getContextAttribute(java.lang.String)">getContextAttribute</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#getContextInitParam(java.lang.String)">getContextInitParam</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#getServletContext()">getServletContext</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#removeContextAttribute(java.lang.String)">removeContextAttribute</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#setContextAttribute(java.lang.String, java.lang.Object)">setContextAttribute</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#setServletContext(javax.servlet.ServletContext)">setServletContext</A>, <A HREF="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#toString()">toString</A></CODE></TD>
</TR>
</TABLE>
&nbsp;<A NAME="methods_inherited_from_class_java.lang.Object"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#EEEEFF" CLASS="TableSubHeadingColor">
<TH ALIGN="left"><B>Methods inherited from class java.lang.<A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</A></B></TH>
</TR>
<TR BGCOLOR="white" CLASS="TableRowColor">
<TD><CODE><A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/Object.html?is-external=true#clone()" title="class or interface in java.lang">clone</A>, <A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/Object.html?is-external=true#equals(java.lang.Object)" title="class or interface in java.lang">equals</A>, <A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/Object.html?is-external=true#finalize()" title="class or interface in java.lang">finalize</A>, <A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/Object.html?is-external=true#getClass()" title="class or interface in java.lang">getClass</A>, <A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/Object.html?is-external=true#hashCode()" title="class or interface in java.lang">hashCode</A>, <A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/Object.html?is-external=true#notify()" title="class or interface in java.lang">notify</A>, <A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/Object.html?is-external=true#notifyAll()" title="class or interface in java.lang">notifyAll</A>, <A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/Object.html?is-external=true#wait()" title="class or interface in java.lang">wait</A>, <A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/Object.html?is-external=true#wait(long)" title="class or interface in java.lang">wait</A>, <A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/Object.html?is-external=true#wait(long, int)" title="class or interface in java.lang">wait</A></CODE></TD>
</TR>
</TABLE>
&nbsp;
<P>
<!-- ========= CONSTRUCTOR DETAIL ======== -->
<A NAME="constructor_detail"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2">
<B>Constructor Detail</B></FONT></TH>
</TR>
</TABLE>
<A NAME="AuthorizationFilter()"><!-- --></A><H3>
AuthorizationFilter</H3>
<PRE>
public <B>AuthorizationFilter</B>()</PRE>
<DL>
</DL>
<!-- ============ METHOD DETAIL ========== -->
<A NAME="method_detail"><!-- --></A>
<TABLE BORDER="1" WIDTH="100%" CELLPADDING="3" CELLSPACING="0" SUMMARY="">
<TR BGCOLOR="#CCCCFF" CLASS="TableHeadingColor">
<TH ALIGN="left" COLSPAN="1"><FONT SIZE="+2">
<B>Method Detail</B></FONT></TH>
</TR>
</TABLE>
<A NAME="getUnauthorizedUrl()"><!-- --></A><H3>
getUnauthorizedUrl</H3>
<PRE>
public <A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A> <B>getUnauthorizedUrl</B>()</PRE>
<DL>
<DD>Returns the URL to which users should be redirected if they are denied access to an underlying path or resource,
or <code>null</code> if a raw <CODE>HttpServletResponse.SC_UNAUTHORIZED</CODE> response should be issued (401 Unauthorized).
<p/>
The default is <code>null</code>, ensuring default web server behavior. Override this default by calling the
<A HREF="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#setUnauthorizedUrl(java.lang.String)"><CODE>setUnauthorizedUrl</CODE></A> method with a meaningful path within your application
if you would like to show the user a 'nice' page in the event of unauthorized access.
<P>
<DD><DL>
<DT><B>Returns:</B><DD>the URL to which users should be redirected if they are denied access to an underlying path or resource,
or <code>null</code> if a raw <CODE>HttpServletResponse.SC_UNAUTHORIZED</CODE> response should be issued (401 Unauthorized).</DL>
</DD>
</DL>
<HR>
<A NAME="setUnauthorizedUrl(java.lang.String)"><!-- --></A><H3>
setUnauthorizedUrl</H3>
<PRE>
public void <B>setUnauthorizedUrl</B>(<A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</A>&nbsp;unauthorizedUrl)</PRE>
<DL>
<DD>Sets the URL to which users should be redirected if they are denied access to an underlying path or resource.
<p/>
If the value is <code>null</code> a raw <CODE>HttpServletResponse.SC_UNAUTHORIZED</CODE> response will
be issued (401 Unauthorized), retaining default web server behavior.
<p/>
Unless overridden by calling this method, the default value is <code>null</code>. If desired, you can specify a
meaningful path within your application if you would like to show the user a 'nice' page in the event of
unauthorized access.
<P>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>unauthorizedUrl</CODE> - the URL to which users should be redirected if they are denied access to an underlying
path or resource, or <code>null</code> to a ensure raw <CODE>HttpServletResponse.SC_UNAUTHORIZED</CODE> response is
issued (401 Unauthorized).</DL>
</DD>
</DL>
<HR>
<A NAME="onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)"><!-- --></A><H3>
onAccessDenied</H3>
<PRE>
protected boolean <B>onAccessDenied</B>(javax.servlet.ServletRequest&nbsp;request,
javax.servlet.ServletResponse&nbsp;response)
throws <A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</A></PRE>
<DL>
<DD>Handles the response when access has been denied. It behaves as follows:
<ul>
<li>If the <code>Subject</code> is unknown<sup><a href="#known">[1]</a></sup>:
<ol><li>The incoming request will be saved and they will be redirected to the login page for authentication
(via the <A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#saveRequestAndRedirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse)"><CODE>AccessControlFilter.saveRequestAndRedirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse)</CODE></A>
method).</li>
<li>Once successfully authenticated, they will be redirected back to the originally attempted page.</li></ol>
</li>
<li>If the Subject is known:</li>
<ol>
<li>The HTTP <CODE>HttpServletResponse.SC_UNAUTHORIZED</CODE> header will be set (401 Unauthorized)</li>
<li>If the <A HREF="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#getUnauthorizedUrl()"><CODE>unauthorizedUrl</CODE></A> has been configured, a redirect will be issued to that
URL. Otherwise the 401 response is rendered normally</li>
</ul>
<code><a name="known">[1]</a></code>: A <code>Subject</code> is 'known' when
<code>subject.<CODE>getPrincipal()</CODE></code> is not <code>null</code>,
which implicitly means that the subject is either currently authenticated or they have been remembered via
'remember me' services.
<P>
<DD><DL>
<DT><B>Specified by:</B><DD><CODE><A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)">onAccessDenied</A></CODE> in class <CODE><A HREF="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">AccessControlFilter</A></CODE></DL>
</DD>
<DD><DL>
<DT><B>Parameters:</B><DD><CODE>request</CODE> - the incoming <code>ServletRequest</code><DD><CODE>response</CODE> - the outgoing <code>ServletResponse</code>
<DT><B>Returns:</B><DD><code>false</code> always for this implementation.
<DT><B>Throws:</B>
<DD><CODE><A HREF="http://java.sun.com/j2se/1.5.0/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</A></CODE> - if there is any servlet error.</DL>
</DD>
</DL>
<!-- ========= END OF CLASS DATA ========= -->
<HR>
<!-- ======= START OF BOTTOM NAVBAR ====== -->
<A NAME="navbar_bottom"><!-- --></A>
<A HREF="#skip-navbar_bottom" title="Skip navigation links"></A>
<TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0" SUMMARY="">
<TR>
<TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1">
<A NAME="navbar_bottom_firstrow"><!-- --></A>
<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3" SUMMARY="">
<TR ALIGN="center" VALIGN="top">
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> &nbsp;<FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="class-use/AuthorizationFilter.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../../index-all.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A>&nbsp;</TD>
<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../../../../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A>&nbsp;</TD>
</TR>
</TABLE>
</TD>
<TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM>
</EM>
</TD>
</TR>
<TR>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
&nbsp;PREV CLASS&nbsp;
&nbsp;<A HREF="../../../../../../org/apache/shiro/web/filter/authz/HostFilter.html" title="class in org.apache.shiro.web.filter.authz"><B>NEXT CLASS</B></A></FONT></TD>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
<A HREF="../../../../../../index.html?org/apache/shiro/web/filter/authz/AuthorizationFilter.html" target="_top"><B>FRAMES</B></A> &nbsp;
&nbsp;<A HREF="AuthorizationFilter.html" target="_top"><B>NO FRAMES</B></A> &nbsp;
&nbsp;<SCRIPT type="text/javascript">
<!--
if(window==top) {
document.writeln('<A HREF="../../../../../../allclasses-noframe.html"><B>All Classes</B></A>');
}
//-->
</SCRIPT>
<NOSCRIPT>
<A HREF="../../../../../../allclasses-noframe.html"><B>All Classes</B></A>
</NOSCRIPT>
</FONT></TD>
</TR>
<TR>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
SUMMARY:&nbsp;NESTED&nbsp;|&nbsp;<A HREF="#fields_inherited_from_class_org.apache.shiro.web.filter.AccessControlFilter">FIELD</A>&nbsp;|&nbsp;<A HREF="#constructor_summary">CONSTR</A>&nbsp;|&nbsp;<A HREF="#method_summary">METHOD</A></FONT></TD>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
DETAIL:&nbsp;FIELD&nbsp;|&nbsp;<A HREF="#constructor_detail">CONSTR</A>&nbsp;|&nbsp;<A HREF="#method_detail">METHOD</A></FONT></TD>
</TR>
</TABLE>
<A NAME="skip-navbar_bottom"></A>
<!-- ======== END OF BOTTOM NAVBAR ======= -->
<HR>
Copyright &#169; 2004-2014 <a href="http://www.apache.org/">The Apache Software Foundation</a>. All Rights Reserved.
</BODY>
</HTML>