Google Git
Sign in
apache / shiro-site / 01016f43374d9b054f3ea1e568b015d5d69428f9 / . / src / site / assets / static / 1.5.0 / shiro-core / apidocs / org / apache / shiro / mgt / SecurityManager.html
blob: 675cbfbea4de405c6a53d5fcc49f60e5ef50b44a [file] [log] [blame]
<!DOCTYPE HTML>
<!-- NewPage -->
<html lang="fr">
<head>
<!-- Generated by javadoc (11.0.4) on Fri Jan 24 17:11:59 CET 2020 -->
<title>SecurityManager (Apache Shiro :: Core 1.5.0 API)</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="dc.created" content="2020-01-24">
<link rel="stylesheet" type="text/css" href="../../../../stylesheet.css" title="Style">
<link rel="stylesheet" type="text/css" href="../../../../jquery/jquery-ui.css" title="Style">
<script type="text/javascript" src="../../../../script.js"></script>
<script type="text/javascript" src="../../../../jquery/jszip/dist/jszip.min.js"></script>
<script type="text/javascript" src="../../../../jquery/jszip-utils/dist/jszip-utils.min.js"></script>
<!--[if IE]>
<script type="text/javascript" src="../../../../jquery/jszip-utils/dist/jszip-utils-ie.min.js"></script>
<![endif]-->
<script type="text/javascript" src="../../../../jquery/jquery-3.3.1.js"></script>
<script type="text/javascript" src="../../../../jquery/jquery-migrate-3.0.1.js"></script>
<script type="text/javascript" src="../../../../jquery/jquery-ui.js"></script>
</head>
<body>
<script type="text/javascript"><!--
try {
if (location.href.indexOf('is-external=true') == -1) {
parent.document.title="SecurityManager (Apache Shiro :: Core 1.5.0 API)";
}
}
catch(err) {
}
//-->
var data = {"i0":6,"i1":6,"i2":6};
var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],4:["t3","Abstract Methods"]};
var altColor = "altColor";
var rowColor = "rowColor";
var tableTab = "tableTab";
var activeTableTab = "activeTableTab";
var pathtoroot = "../../../../";
var useModuleDirectories = true;
loadScripts(document, 'script');</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<header role="banner">
<nav role="navigation">
<div class="fixedNav">
<!-- ========= START OF TOP NAVBAR ======= -->
<div class="topNav"><a id="navbar.top">
<!-- -->
</a>
<div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.top.firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/SecurityManager.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../index-all.html">Index</a></li>
<li><a href="../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<ul class="navListSearch">
<li><label for="search">SEARCH:</label>
<input type="text" id="search" value="search" disabled="disabled">
<input type="reset" id="reset" value="reset" disabled="disabled">
</li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_top");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.top">
<!-- -->
</a></div>
<!-- ========= END OF TOP NAVBAR ========= -->
</div>
<div class="navPadding">&nbsp;</div>
<script type="text/javascript"><!--
$('.navPadding').css('padding-top', $('.fixedNav').css("height"));
//-->
</script>
</nav>
</header>
<!-- ======== START OF CLASS DATA ======== -->
<main role="main">
<div class="header">
<div class="subTitle"><span class="packageLabelInType">Package</span>&nbsp;<a href="package-summary.html">org.apache.shiro.mgt</a></div>
<h2 title="Interface SecurityManager" class="title">Interface SecurityManager</h2>
</div>
<div class="contentContainer">
<div class="description">
<ul class="blockList">
<li class="blockList">
<dl>
<dt>All Superinterfaces:</dt>
<dd><code><a href="../authc/Authenticator.html" title="interface in org.apache.shiro.authc">Authenticator</a></code>, <code><a href="../authz/Authorizer.html" title="interface in org.apache.shiro.authz">Authorizer</a></code>, <code><a href="../session/mgt/SessionManager.html" title="interface in org.apache.shiro.session.mgt">SessionManager</a></code></dd>
</dl>
<dl>
<dt>All Known Implementing Classes:</dt>
<dd><code><a href="AuthenticatingSecurityManager.html" title="class in org.apache.shiro.mgt">AuthenticatingSecurityManager</a></code>, <code><a href="AuthorizingSecurityManager.html" title="class in org.apache.shiro.mgt">AuthorizingSecurityManager</a></code>, <code><a href="CachingSecurityManager.html" title="class in org.apache.shiro.mgt">CachingSecurityManager</a></code>, <code><a href="DefaultSecurityManager.html" title="class in org.apache.shiro.mgt">DefaultSecurityManager</a></code>, <code><a href="RealmSecurityManager.html" title="class in org.apache.shiro.mgt">RealmSecurityManager</a></code>, <code><a href="SessionsSecurityManager.html" title="class in org.apache.shiro.mgt">SessionsSecurityManager</a></code></dd>
</dl>
<hr>
<pre>public interface <a href="../../../../src-html/org/apache/shiro/mgt/SecurityManager.html#line.57">SecurityManager</a>
extends <a href="../authc/Authenticator.html" title="interface in org.apache.shiro.authc">Authenticator</a>, <a href="../authz/Authorizer.html" title="interface in org.apache.shiro.authz">Authorizer</a>, <a href="../session/mgt/SessionManager.html" title="interface in org.apache.shiro.session.mgt">SessionManager</a></pre>
<div class="block">A <code>SecurityManager</code> executes all security operations for <em>all</em> Subjects (aka users) across a
single application.
<p/>
The interface itself primarily exists as a convenience - it extends the <a href="../authc/Authenticator.html" title="interface in org.apache.shiro.authc"><code>Authenticator</code></a>,
<a href="../authz/Authorizer.html" title="interface in org.apache.shiro.authz"><code>Authorizer</code></a>, and <a href="../session/mgt/SessionManager.html" title="interface in org.apache.shiro.session.mgt"><code>SessionManager</code></a> interfaces, thereby consolidating
these behaviors into a single point of reference. For most Shiro usages, this simplifies configuration and
tends to be a more convenient approach than referencing <code>Authenticator</code>, <code>Authorizer</code>, and
<code>SessionManager</code> instances separately; instead one only needs to interact with a single
<code>SecurityManager</code> instance.
<p/>
In addition to the above three interfaces, this interface provides a number of methods supporting
<a href="../subject/Subject.html" title="interface in org.apache.shiro.subject"><code>Subject</code></a> behavior. A <a href="../subject/Subject.html" title="interface in org.apache.shiro.subject"><code>Subject</code></a> executes
authentication, authorization, and session operations for a <em>single</em> user, and as such can only be
managed by <code>A SecurityManager</code> which is aware of all three functions. The three parent interfaces on the
other hand do not 'know' about <code>Subject</code>s to ensure a clean separation of concerns.
<p/>
<b>Usage Note</b>: In actuality the large majority of application programmers won't interact with a SecurityManager
very often, if at all. <em>Most</em> application programmers only care about security operations for the currently
executing user, usually attained by calling
<a href="../SecurityUtils.html#getSubject()"><code>SecurityUtils.getSubject()</code></a>.
<p/>
Framework developers on the other hand might find working with an actual SecurityManager useful.</div>
<dl>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>0.2</dd>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="DefaultSecurityManager.html" title="class in org.apache.shiro.mgt"><code>DefaultSecurityManager</code></a></dd>
</dl>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">
<!-- ========== METHOD SUMMARY =========== -->
<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.summary">
<!-- -->
</a>
<h3>Method Summary</h3>
<table class="memberSummary">
<caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd">&nbsp;</span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t3" class="tableTab"><span><a href="javascript:show(4);">Abstract Methods</a></span><span class="tabEnd">&nbsp;</span></span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colSecond" scope="col">Method</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr id="i0" class="altColor">
<td class="colFirst"><code><a href="../subject/Subject.html" title="interface in org.apache.shiro.subject">Subject</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#createSubject(org.apache.shiro.subject.SubjectContext)">createSubject</a></span>&#8203;(<a href="../subject/SubjectContext.html" title="interface in org.apache.shiro.subject">SubjectContext</a>&nbsp;context)</code></th>
<td class="colLast">
<div class="block">Creates a <code>Subject</code> instance reflecting the specified contextual data.</div>
</td>
</tr>
<tr id="i1" class="rowColor">
<td class="colFirst"><code><a href="../subject/Subject.html" title="interface in org.apache.shiro.subject">Subject</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#login(org.apache.shiro.subject.Subject,org.apache.shiro.authc.AuthenticationToken)">login</a></span>&#8203;(<a href="../subject/Subject.html" title="interface in org.apache.shiro.subject">Subject</a>&nbsp;subject,
<a href="../authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a>&nbsp;authenticationToken)</code></th>
<td class="colLast">
<div class="block">Logs in the specified Subject using the given <code>authenticationToken</code>, returning an updated Subject
instance reflecting the authenticated state if successful or throwing <code>AuthenticationException</code> if it is
not.</div>
</td>
</tr>
<tr id="i2" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="#logout(org.apache.shiro.subject.Subject)">logout</a></span>&#8203;(<a href="../subject/Subject.html" title="interface in org.apache.shiro.subject">Subject</a>&nbsp;subject)</code></th>
<td class="colLast">
<div class="block">Logs out the specified Subject from the system.</div>
</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.org.apache.shiro.authc.Authenticator">
<!-- -->
</a>
<h3>Methods inherited from interface&nbsp;org.apache.shiro.authc.<a href="../authc/Authenticator.html" title="interface in org.apache.shiro.authc">Authenticator</a></h3>
<code><a href="../authc/Authenticator.html#authenticate(org.apache.shiro.authc.AuthenticationToken)">authenticate</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.org.apache.shiro.authz.Authorizer">
<!-- -->
</a>
<h3>Methods inherited from interface&nbsp;org.apache.shiro.authz.<a href="../authz/Authorizer.html" title="interface in org.apache.shiro.authz">Authorizer</a></h3>
<code><a href="../authz/Authorizer.html#checkPermission(org.apache.shiro.subject.PrincipalCollection,java.lang.String)">checkPermission</a>, <a href="../authz/Authorizer.html#checkPermission(org.apache.shiro.subject.PrincipalCollection,org.apache.shiro.authz.Permission)">checkPermission</a>, <a href="../authz/Authorizer.html#checkPermissions(org.apache.shiro.subject.PrincipalCollection,java.lang.String...)">checkPermissions</a>, <a href="../authz/Authorizer.html#checkPermissions(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)">checkPermissions</a>, <a href="../authz/Authorizer.html#checkRole(org.apache.shiro.subject.PrincipalCollection,java.lang.String)">checkRole</a>, <a href="../authz/Authorizer.html#checkRoles(org.apache.shiro.subject.PrincipalCollection,java.lang.String...)">checkRoles</a>, <a href="../authz/Authorizer.html#checkRoles(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)">checkRoles</a>, <a href="../authz/Authorizer.html#hasAllRoles(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)">hasAllRoles</a>, <a href="../authz/Authorizer.html#hasRole(org.apache.shiro.subject.PrincipalCollection,java.lang.String)">hasRole</a>, <a href="../authz/Authorizer.html#hasRoles(org.apache.shiro.subject.PrincipalCollection,java.util.List)">hasRoles</a>, <a href="../authz/Authorizer.html#isPermitted(org.apache.shiro.subject.PrincipalCollection,java.lang.String)">isPermitted</a>, <a href="../authz/Authorizer.html#isPermitted(org.apache.shiro.subject.PrincipalCollection,java.lang.String...)">isPermitted</a>, <a href="../authz/Authorizer.html#isPermitted(org.apache.shiro.subject.PrincipalCollection,java.util.List)">isPermitted</a>, <a href="../authz/Authorizer.html#isPermitted(org.apache.shiro.subject.PrincipalCollection,org.apache.shiro.authz.Permission)">isPermitted</a>, <a href="../authz/Authorizer.html#isPermittedAll(org.apache.shiro.subject.PrincipalCollection,java.lang.String...)">isPermittedAll</a>, <a href="../authz/Authorizer.html#isPermittedAll(org.apache.shiro.subject.PrincipalCollection,java.util.Collection)">isPermittedAll</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.org.apache.shiro.session.mgt.SessionManager">
<!-- -->
</a>
<h3>Methods inherited from interface&nbsp;org.apache.shiro.session.mgt.<a href="../session/mgt/SessionManager.html" title="interface in org.apache.shiro.session.mgt">SessionManager</a></h3>
<code><a href="../session/mgt/SessionManager.html#getSession(org.apache.shiro.session.mgt.SessionKey)">getSession</a>, <a href="../session/mgt/SessionManager.html#start(org.apache.shiro.session.mgt.SessionContext)">start</a></code></li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">
<!-- ============ METHOD DETAIL ========== -->
<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.detail">
<!-- -->
</a>
<h3>Method Detail</h3>
<a id="login(org.apache.shiro.subject.Subject,org.apache.shiro.authc.AuthenticationToken)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>login</h4>
<pre class="methodSignature"><a href="../subject/Subject.html" title="interface in org.apache.shiro.subject">Subject</a>&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/SecurityManager.html#line.77">login</a>&#8203;(<a href="../subject/Subject.html" title="interface in org.apache.shiro.subject">Subject</a>&nbsp;subject,
<a href="../authc/AuthenticationToken.html" title="interface in org.apache.shiro.authc">AuthenticationToken</a>&nbsp;authenticationToken)
throws <a href="../authc/AuthenticationException.html" title="class in org.apache.shiro.authc">AuthenticationException</a></pre>
<div class="block">Logs in the specified Subject using the given <code>authenticationToken</code>, returning an updated Subject
instance reflecting the authenticated state if successful or throwing <code>AuthenticationException</code> if it is
not.
<p/>
Note that most application developers should probably not call this method directly unless they have a good
reason for doing so. The preferred way to log in a Subject is to call
<code>subject.<a href="../subject/Subject.html#login(org.apache.shiro.authc.AuthenticationToken)"><code>login(authenticationToken)</code></a></code> (usually after
acquiring the Subject by calling <a href="../SecurityUtils.html#getSubject()"><code>SecurityUtils.getSubject()</code></a>).
<p/>
Framework developers on the other hand might find calling this method directly useful in certain cases.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>subject</code> - the subject against which the authentication attempt will occur</dd>
<dd><code>authenticationToken</code> - the token representing the Subject's principal(s) and credential(s)</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the subject instance reflecting the authenticated state after a successful attempt</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../authc/AuthenticationException.html" title="class in org.apache.shiro.authc">AuthenticationException</a></code> - if the login attempt failed.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>1.0</dd>
</dl>
</li>
</ul>
<a id="logout(org.apache.shiro.subject.Subject)">
<!-- -->
</a>
<ul class="blockList">
<li class="blockList">
<h4>logout</h4>
<pre class="methodSignature">void&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/SecurityManager.html#line.92">logout</a>&#8203;(<a href="../subject/Subject.html" title="interface in org.apache.shiro.subject">Subject</a>&nbsp;subject)</pre>
<div class="block">Logs out the specified Subject from the system.
<p/>
Note that most application developers should not call this method unless they have a good reason for doing
so. The preferred way to logout a Subject is to call
<code><a href="../subject/Subject.html#logout()"><code>Subject.logout()</code></a></code>, not the
<code>SecurityManager</code> directly.
<p/>
Framework developers on the other hand might find calling this method directly useful in certain cases.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>subject</code> - the subject to log out.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>1.0</dd>
</dl>
</li>
</ul>
<a id="createSubject(org.apache.shiro.subject.SubjectContext)">
<!-- -->
</a>
<ul class="blockListLast">
<li class="blockList">
<h4>createSubject</h4>
<pre class="methodSignature"><a href="../subject/Subject.html" title="interface in org.apache.shiro.subject">Subject</a>&nbsp;<a href="../../../../src-html/org/apache/shiro/mgt/SecurityManager.html#line.112">createSubject</a>&#8203;(<a href="../subject/SubjectContext.html" title="interface in org.apache.shiro.subject">SubjectContext</a>&nbsp;context)</pre>
<div class="block">Creates a <code>Subject</code> instance reflecting the specified contextual data.
<p/>
The context can be anything needed by this <code>SecurityManager</code> to construct a <code>Subject</code> instance.
Most Shiro end-users will never call this method - it exists primarily for
framework development and to support any underlying custom <a href="SubjectFactory.html" title="interface in org.apache.shiro.mgt"><code>SubjectFactory</code></a> implementations
that may be used by the <code>SecurityManager</code>.
<h4>Usage</h4>
After calling this method, the returned instance is <em>not</em> bound to the application for further use.
Callers are expected to know that <code>Subject</code> instances have local scope only and any
other further use beyond the calling method must be managed explicitly.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>context</code> - any data needed to direct how the Subject should be constructed.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the <code>Subject</code> instance reflecting the specified initialization data.</dd>
<dt><span class="simpleTagLabel">Since:</span></dt>
<dd>1.0</dd>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="SubjectFactory.html#createSubject(org.apache.shiro.subject.SubjectContext)"><code>SubjectFactory.createSubject(SubjectContext)</code></a>,
<a href="../subject/Subject.Builder.html" title="class in org.apache.shiro.subject"><code>Subject.Builder</code></a></dd>
</dl>
</li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
</div>
</main>
<!-- ========= END OF CLASS DATA ========= -->
<footer role="contentinfo">
<nav role="navigation">
<!-- ======= START OF BOTTOM NAVBAR ====== -->
<div class="bottomNav"><a id="navbar.bottom">
<!-- -->
</a>
<div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.bottom.firstrow">
<!-- -->
</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="class-use/SecurityManager.html">Use</a></li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../index-all.html">Index</a></li>
<li><a href="../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
allClassesLink = document.getElementById("allclasses_navbar_bottom");
if(window==top) {
allClassesLink.style.display = "block";
}
else {
allClassesLink.style.display = "none";
}
//-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li>Field&nbsp;|&nbsp;</li>
<li>Constr&nbsp;|&nbsp;</li>
<li><a href="#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.bottom">
<!-- -->
</a></div>
<!-- ======== END OF BOTTOM NAVBAR ======= -->
</nav>
<p class="legalCopy"><small>Copyright &#169; 2004&#x2013;2020 <a href="https://www.apache.org/">The Apache Software Foundation</a>. All rights reserved.</small></p>
</footer>
</body>
</html>