1.1.2 1.2 Apache Shiro http://shiro.apache.org/tags Apache Shiro JSP Tag Library. hasPermission org.apache.shiro.web.tags.HasPermissionTag JSP Displays body content only if the current Subject (user) 'has' (implies) the specified permission (i.e the user has the specified ability). name true true lacksPermission org.apache.shiro.web.tags.LacksPermissionTag JSP Displays body content only if the current Subject (user) does NOT have (not imply) the specified permission (i.e. the user lacks the specified ability) name true true hasRole org.apache.shiro.web.tags.HasRoleTag JSP Displays body content only if the current user has the specified role. name true true hasAnyRoles org.apache.shiro.web.tags.HasAnyRolesTag JSP Displays body content only if the current user has one of the specified roles from a comma-separated list of role names. name true true lacksRole org.apache.shiro.web.tags.LacksRoleTag JSP Displays body content only if the current user does NOT have the specified role (i.e. they explicitly lack the specified role) name true true authenticated org.apache.shiro.web.tags.AuthenticatedTag JSP Displays body content only if the current user has successfully authenticated _during their current session_. It is more restrictive than the 'user' tag. It is logically opposite to the 'notAuthenticated' tag. notAuthenticated org.apache.shiro.web.tags.NotAuthenticatedTag JSP Displays body content only if the current user has NOT succesfully authenticated _during their current session_. It is logically opposite to the 'authenticated' tag. user org.apache.shiro.web.tags.UserTag JSP Displays body content only if the current Subject has a known identity, either from a previous login or from 'RememberMe' services. Note that this is semantically different from the 'authenticated' tag, which is more restrictive. It is logically opposite to the 'guest' tag. guest org.apache.shiro.web.tags.GuestTag JSP Displays body content only if the current Subject IS NOT known to the system, either because they have not logged in or they have no corresponding 'RememberMe' identity. It is logically opposite to the 'user' tag. principal org.apache.shiro.web.tags.PrincipalTag JSP Displays the user's principal or a property of the user's principal. type false true property false true defaultValue false true