public class GuestAnnotationHandler extends AuthorizingAnnotationHandler
RequiresGuest
annotation
is declared, and if so, ensures the calling Subject
does not
have an identity
before invoking the method.
This annotation essentially ensures that subject.
.getPrincipal()
== null
annotationClass
Constructor and Description |
---|
GuestAnnotationHandler()
Default no-argument constructor that ensures this interceptor looks for
RequiresGuest annotations in a method
declaration. |
Modifier and Type | Method and Description |
---|---|
void |
assertAuthorized(Annotation a)
Ensures that the calling
Subject is NOT a user, that is, they do not
have an identity before continuing. |
getAnnotationClass, getSubject, setAnnotationClass
public GuestAnnotationHandler()
RequiresGuest
annotations in a method
declaration.public void assertAuthorized(Annotation a) throws AuthorizationException
Subject
is NOT a user, that is, they do not
have an identity
before continuing. If they are
a user (Subject.getPrincipal()
!= null), an
AuthorizingException
will be thrown indicating that execution is not allowed to continue.assertAuthorized
in class AuthorizingAnnotationHandler
a
- the annotation to check for one or more rolesAuthorizationException
- if the calling Subject
is not a "guest".Copyright © 2004-2016 The Apache Software Foundation. All Rights Reserved.