Index (Apache Shiro :: Core 1.5.0 API)

A B C D E F G H I J K L M N O P Q R S T U V W
All Classes All Packages

A

AbstractAuthenticationStrategy - Class in org.apache.shiro.authc.pam: Abstract base implementation for Shiro's concrete AuthenticationStrategy implementations.
AbstractAuthenticationStrategy() - Constructor for class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
AbstractAuthenticator - Class in org.apache.shiro.authc: Superclass for almost all Authenticator implementations that performs the common work around authentication attempts.
AbstractAuthenticator() - Constructor for class org.apache.shiro.authc.AbstractAuthenticator: Default no-argument constructor.
AbstractFactory<T> - Class in org.apache.shiro.util: TODO - Class JavaDoc
AbstractFactory() - Constructor for class org.apache.shiro.util.AbstractFactory
AbstractLdapRealm - Class in org.apache.shiro.realm.ldap: A Realm that authenticates with an LDAP server to build the Subject for a user.
AbstractLdapRealm() - Constructor for class org.apache.shiro.realm.ldap.AbstractLdapRealm
AbstractNativeSessionManager - Class in org.apache.shiro.session.mgt: Abstract implementation supporting the NativeSessionManager interface, supporting SessionListeners and application of the globalSessionTimeout.
AbstractNativeSessionManager() - Constructor for class org.apache.shiro.session.mgt.AbstractNativeSessionManager
AbstractRememberMeManager - Class in org.apache.shiro.mgt: Abstract implementation of the RememberMeManager interface that handles serialization and encryption of the remembered user identity.
AbstractRememberMeManager() - Constructor for class org.apache.shiro.mgt.AbstractRememberMeManager: Default constructor that initializes a DefaultSerializer as the serializer and an AesCipherService as the cipherService.
AbstractSessionDAO - Class in org.apache.shiro.session.mgt.eis: An abstract SessionDAO implementation that performs some sanity checks on session creation and reading and allows for pluggable Session ID generation strategies if desired.
AbstractSessionDAO() - Constructor for class org.apache.shiro.session.mgt.eis.AbstractSessionDAO: Default no-arg constructor that defaults the sessionIdGenerator to be a JavaUuidSessionIdGenerator.
AbstractSessionManager - Class in org.apache.shiro.session.mgt: Base abstract class of the SessionManager interface, enabling configuration of an application-wide globalSessionTimeout.
AbstractSessionManager() - Constructor for class org.apache.shiro.session.mgt.AbstractSessionManager
AbstractValidatingSessionManager - Class in org.apache.shiro.session.mgt: Default business-tier implementation of the ValidatingSessionManager interface.
AbstractValidatingSessionManager() - Constructor for class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
Account - Interface in org.apache.shiro.authc: An Account is a convenience interface that extends both AuthenticationInfo and AuthorizationInfo and represents authentication and authorization for a single account in a single Realm.
AccountException - Exception in org.apache.shiro.authc: Exception thrown due to a problem with the account under which an authentication attempt is being executed.
AccountException() - Constructor for exception org.apache.shiro.authc.AccountException: Creates a new AccountException.
AccountException(String) - Constructor for exception org.apache.shiro.authc.AccountException: Constructs a new AccountException.
AccountException(String, Throwable) - Constructor for exception org.apache.shiro.authc.AccountException: Constructs a new AccountException.
AccountException(Throwable) - Constructor for exception org.apache.shiro.authc.AccountException: Constructs a new AccountException.
accountExists(String) - Method in class org.apache.shiro.realm.SimpleAccountRealm
ACTIVE_SESSION_CACHE_NAME - Static variable in class org.apache.shiro.session.mgt.eis.CachingSessionDAO: The default active sessions cache name, equal to shiro-activeSessionCache.
ActiveDirectoryRealm - Class in org.apache.shiro.realm.activedirectory: A Realm that authenticates with an active directory LDAP server to determine the roles for a particular user.
ActiveDirectoryRealm() - Constructor for class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
add(Object, String) - Method in interface org.apache.shiro.subject.MutablePrincipalCollection: Adds the given principal to this collection.
add(Object, String) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
add(SimpleAccount) - Method in class org.apache.shiro.realm.SimpleAccountRealm
add(Permission) - Method in class org.apache.shiro.authz.SimpleRole
add(SimpleRole) - Method in class org.apache.shiro.realm.SimpleAccountRealm
addAccount(String, String) - Method in class org.apache.shiro.realm.SimpleAccountRealm
addAccount(String, String, String...) - Method in class org.apache.shiro.realm.SimpleAccountRealm
addAll(Collection<Permission>) - Method in class org.apache.shiro.authz.SimpleRole
addAll(Collection, String) - Method in interface org.apache.shiro.subject.MutablePrincipalCollection: Adds all of the principals in the given collection to this collection.
addAll(Collection, String) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
addAll(PrincipalCollection) - Method in interface org.apache.shiro.subject.MutablePrincipalCollection: Adds all of the principals from the given principal collection to this collection.
addAll(PrincipalCollection) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
addObjectPermission(Permission) - Method in class org.apache.shiro.authc.SimpleAccount: Assigns an object-based permission directly to this Account (not any of its realms).
addObjectPermission(Permission) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo: Adds (assigns) a permission to those directly associated with the account.
addObjectPermissions(Collection<Permission>) - Method in class org.apache.shiro.authc.SimpleAccount: Assigns one or more object-based permissions directly to this Account (not any of its realms).
addObjectPermissions(Collection<Permission>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo: Adds (assigns) multiple permissions to those associated directly with the account.
addRole(String) - Method in class org.apache.shiro.authc.SimpleAccount: Adds a role to this Account's set of assigned roles.
addRole(String) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo: Adds (assigns) a role to those associated with the account.
addRole(String) - Method in class org.apache.shiro.realm.SimpleAccountRealm
addRole(Collection<String>) - Method in class org.apache.shiro.authc.SimpleAccount: Adds one or more roles to this Account's set of assigned roles.
addRoles(Collection<String>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo: Adds (assigns) multiple roles to those associated with the account.
addStringPermission(String) - Method in class org.apache.shiro.authc.SimpleAccount: Assigns a String-based permission directly to this Account (not to any of its realms).
addStringPermission(String) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo: Adds (assigns) a permission to those directly associated with the account.
addStringPermissions(Collection<String>) - Method in class org.apache.shiro.authc.SimpleAccount: Assigns one or more string-based permissions directly to this Account (not to any of its realms).
addStringPermissions(Collection<String>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo: Adds (assigns) multiple permissions to those associated directly with the account.
afterAllAttempts(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy: Simply returns the aggregate argument without modification.
afterAllAttempts(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy: Ensures that the aggregate method argument is not null and aggregate.getPrincipals() is not null, and if either is null, throws an AuthenticationException to indicate that none of the realms authenticated successfully.
afterAllAttempts(AuthenticationToken, AuthenticationInfo) - Method in interface org.apache.shiro.authc.pam.AuthenticationStrategy: Method invoked by the ModularAuthenticator signifying that all of its configured Realms have been consulted for account data, allowing post-processing after all realms have completed.
afterAttempt(Realm, AuthenticationToken, AuthenticationInfo, AuthenticationInfo, Throwable) - Method in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy: Base implementation that will aggregate the specified singleRealmInfo into the aggregateInfo and then returns the aggregate.
afterAttempt(Realm, AuthenticationToken, AuthenticationInfo, AuthenticationInfo, Throwable) - Method in class org.apache.shiro.authc.pam.AllSuccessfulStrategy: Merges the specified info into the aggregate argument and returns it (just as the parent implementation does), but additionally ensures the following: if the Throwable argument is not null, re-throws it to immediately cancel the authentication process, since this strategy requires all realms to authenticate successfully. neither the info or aggregate argument is null to ensure that each realm did in fact authenticate successfully
afterAttempt(Realm, AuthenticationToken, AuthenticationInfo, AuthenticationInfo, Throwable) - Method in interface org.apache.shiro.authc.pam.AuthenticationStrategy: Method invoked by the ModularAuthenticator just after the given realm has been consulted for authentication, allowing post-authentication-attempt logic for that realm only.
afterCacheManagerSet() - Method in class org.apache.shiro.mgt.CachingSecurityManager: Template callback to notify subclasses that a CacheManager has been set and is available for use via the getCacheManager() method.
afterCacheManagerSet() - Method in class org.apache.shiro.mgt.RealmSecurityManager: Simply calls applyCacheManagerToRealms() to allow the newly set CacheManager to be propagated to the internal collection of Realm that would need to use it.
afterCacheManagerSet() - Method in class org.apache.shiro.mgt.SessionsSecurityManager: Calls super.afterCacheManagerSet() and then immediately calls applyCacheManagerToSessionManager() to ensure the CacheManager is applied to the SessionManager as necessary.
afterCacheManagerSet() - Method in class org.apache.shiro.realm.AuthenticatingRealm: This implementation attempts to acquire an authentication cache if one is not already configured.
afterCacheManagerSet() - Method in class org.apache.shiro.realm.AuthorizingRealm
afterCacheManagerSet() - Method in class org.apache.shiro.realm.CachingRealm: Template method that may be implemented by subclasses should they wish to react to a CacheManager instance being set on the realm instance via the CachingRealm.setCacheManager(org.apache.shiro.cache.CacheManager) mutator.
afterEventBusSet() - Method in class org.apache.shiro.mgt.CachingSecurityManager: Template callback to notify subclasses that an EventBus has been set and is available for use via the getEventBus() method.
afterEventBusSet() - Method in class org.apache.shiro.mgt.RealmSecurityManager
afterEventBusSet() - Method in class org.apache.shiro.mgt.SessionsSecurityManager: Sets any configured EventBus on the SessionManager if necessary.
afterExpired(Session) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
afterExpired(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
afterRealmsSet() - Method in class org.apache.shiro.mgt.AuthenticatingSecurityManager: Passes on the realms to the internal delegate Authenticator instance so that it may use them during authentication attempts.
afterRealmsSet() - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager: First calls super.afterRealmsSet() and then sets these same Realm objects on this instance's wrapped Authorizer.
afterRealmsSet() - Method in class org.apache.shiro.mgt.RealmSecurityManager
afterRoleCacheSet() - Method in class org.apache.shiro.realm.text.PropertiesRealm
afterSessionManagerSet() - Method in class org.apache.shiro.mgt.SessionsSecurityManager
afterSessionValidationEnabled() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
afterStopped(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
afterStopped(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
AllowAllCredentialsMatcher - Class in org.apache.shiro.authc.credential: A credentials matcher that always returns true when matching credentials no matter what arguments are passed in.
AllowAllCredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.AllowAllCredentialsMatcher
AllPermission - Class in org.apache.shiro.authz.permission: An all AllPermission instance is one that always implies any other permission; that is, its implies method always returns true.
AllPermission() - Constructor for class org.apache.shiro.authz.permission.AllPermission
AllSuccessfulStrategy - Class in org.apache.shiro.authc.pam: AuthenticationStrategy implementation that requires all configured realms to successfully process the submitted AuthenticationToken during the log-in attempt.
AllSuccessfulStrategy() - Constructor for class org.apache.shiro.authc.pam.AllSuccessfulStrategy
AND - org.apache.shiro.authz.annotation.Logical
annotationClass - Variable in class org.apache.shiro.aop.AnnotationHandler: The type of annotation this handler will process.
AnnotationHandler - Class in org.apache.shiro.aop: Base support class for implementations that reads and processes JSR-175 annotations.
AnnotationHandler(Class<? extends Annotation>) - Constructor for class org.apache.shiro.aop.AnnotationHandler: Constructs an AnnotationHandler who processes annotations of the specified type.
AnnotationMethodInterceptor - Class in org.apache.shiro.aop: MethodInterceptor that inspects a specific annotation on the method invocation before continuing its execution.
AnnotationMethodInterceptor(AnnotationHandler) - Constructor for class org.apache.shiro.aop.AnnotationMethodInterceptor: Constructs an AnnotationMethodInterceptor with the AnnotationHandler that will be used to process annotations of a corresponding type.
AnnotationMethodInterceptor(AnnotationHandler, AnnotationResolver) - Constructor for class org.apache.shiro.aop.AnnotationMethodInterceptor: Constructs an AnnotationMethodInterceptor with the AnnotationHandler that will be used to process annotations of a corresponding type, using the specified AnnotationResolver to acquire annotations at runtime.
AnnotationResolver - Interface in org.apache.shiro.aop: Defines an AOP-framework-independent way of determining if an Annotation exists on a Method.
AnnotationsAuthorizingMethodInterceptor - Class in org.apache.shiro.authz.aop: An AnnotationsAuthorizingMethodInterceptor is a MethodInterceptor that asserts a given method is authorized to execute based on one or more configured AuthorizingAnnotationMethodInterceptors.
AnnotationsAuthorizingMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor: Default no-argument constructor that defaults the methodInterceptors attribute to contain two interceptors by default - the RoleAnnotationMethodInterceptor and the PermissionAnnotationMethodInterceptor to support role and permission annotations.
AntPathMatcher - Class in org.apache.shiro.util: PathMatcher implementation for Ant-style path patterns.
AntPathMatcher() - Constructor for class org.apache.shiro.util.AntPathMatcher
applyCacheManagerToRealms() - Method in class org.apache.shiro.mgt.RealmSecurityManager: Sets the internal CacheManager on any internal configured Realms that implement the CacheManagerAware interface.
applyCacheManagerToSessionManager() - Method in class org.apache.shiro.mgt.SessionsSecurityManager: Ensures the internal delegate SessionManager is injected with the newly set CacheManager so it may use it for its internal caching needs.
applyEventBusToCacheManager() - Method in class org.apache.shiro.mgt.CachingSecurityManager
applyEventBusToRealms() - Method in class org.apache.shiro.mgt.RealmSecurityManager: Sets the internal EventBus on any internal configured Realms that implement the EventBusAware interface.
applyEventBusToSessionManager() - Method in class org.apache.shiro.mgt.SessionsSecurityManager: Ensures the internal delegate SessionManager is injected with the newly set EventBus so it may use it for its internal event needs.
applyGlobalSessionTimeout(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
applyPermissionResolverToRealms() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer: Sets the internal ModularRealmAuthorizer.getPermissionResolver() on any internal configured Realms that implement the PermissionResolverAware interface.
applyRealmsToSecurityManager(Collection<Realm>, SecurityManager) - Method in class org.apache.shiro.config.IniSecurityManagerFactory: Deprecated.
applyRolePermissionResolverToRealms() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer: Sets the internal ModularRealmAuthorizer.getRolePermissionResolver() on any internal configured Realms that implement the RolePermissionResolverAware interface.
asList() - Method in interface org.apache.shiro.subject.PrincipalCollection: Returns a single Subject's principals retrieved from all configured Realms as a List, or an empty List if there are not any principals.
asList() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
asList() - Method in class org.apache.shiro.subject.SimplePrincipalMap
asList(E...) - Static method in class org.apache.shiro.util.CollectionUtils
assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.AuthenticatedAnnotationHandler: Ensures that the calling Subject is authenticated, and if not, throws an UnauthenticatedException indicating the method is not allowed to be executed.
assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.AuthorizingAnnotationHandler: Ensures the calling Subject is authorized to execute based on the directive(s) found in the given annotation.
assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.GuestAnnotationHandler: Ensures that the calling Subject is NOT a user, that is, they do not have an identity before continuing.
assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.PermissionAnnotationHandler: Ensures that the calling Subject has the Annotation's specified permissions, and if not, throws an AuthorizingException indicating access is denied.
assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.RoleAnnotationHandler: Ensures that the calling Subject has the Annotation's specified roles, and if not, throws an AuthorizingException indicating that access is denied.
assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.UserAnnotationHandler: Ensures that the calling Subject is a user, that is, they are either authenticated or remembered via remember me services before allowing access, and if not, throws an AuthorizingException indicating access is not allowed.
assertAuthorized(MethodInvocation) - Method in class org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor: Iterates over the internal methodInterceptors collection, and for each one, ensures that if the interceptor supports the invocation, that the interceptor asserts that the invocation is authorized to proceed.
assertAuthorized(MethodInvocation) - Method in class org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor: Ensures the calling Subject is authorized to execute the specified MethodInvocation.
assertAuthorized(MethodInvocation) - Method in class org.apache.shiro.authz.aop.AuthorizingMethodInterceptor: Asserts that the specified MethodInvocation is allowed to continue by performing any necessary authorization (access control) checks first.
assertAuthzCheckPossible() - Method in class org.apache.shiro.subject.support.DelegatingSubject
assertCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.realm.AuthenticatingRealm: Asserts that the submitted AuthenticationToken's credentials match the stored account AuthenticationInfo's credentials, and if not, throws an AuthenticationException.
assertRealmsConfigured() - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
assertRealmsConfigured() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer: Used by the Authorizer implementation methods to ensure that the realms has been set.
asSet() - Method in interface org.apache.shiro.subject.PrincipalCollection: Returns a single Subject's principals retrieved from all configured Realms as a Set, or an empty Set if there are not any principals.
asSet() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
asSet() - Method in class org.apache.shiro.subject.SimplePrincipalMap
asSet(E...) - Static method in class org.apache.shiro.util.CollectionUtils
assignSessionId(Session, Serializable) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO: Utility method available to subclasses that wish to assign a generated session ID to the session instance directly.
associateWith(Runnable) - Method in interface org.apache.shiro.subject.Subject: Returns a Runnable instance matching the given argument while additionally ensuring that it will retain and execute under this Subject's identity.
associateWith(Runnable) - Method in class org.apache.shiro.subject.support.DelegatingSubject
associateWith(Callable<V>) - Method in interface org.apache.shiro.subject.Subject: Returns a Callable instance matching the given argument while additionally ensuring that it will retain and execute under this Subject's identity.
associateWith(Callable<V>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
associateWithSubject(Runnable) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutor: Utility method for subclasses to associate the argument Runnable with the currently executing subject and then return the associated Runnable.
associateWithSubject(Collection<? extends Callable<T>>) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
associateWithSubject(Callable<T>) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
AtLeastOneSuccessfulStrategy - Class in org.apache.shiro.authc.pam: AuthenticationStrategy implementation that requires at least one configured realm to successfully process the submitted AuthenticationToken during the log-in attempt.
AtLeastOneSuccessfulStrategy() - Constructor for class org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy
authenticate(AuthenticationToken) - Method in class org.apache.shiro.authc.AbstractAuthenticator: Implementation of the Authenticator interface that functions in the following manner: Calls template doAuthenticate method for subclass execution of the actual authentication behavior. If an AuthenticationException is thrown during doAuthenticate, notify any registered AuthenticationListeners of the exception and then propagate the exception for the caller to handle. If no exception is thrown (indicating a successful login), notify any registered AuthenticationListeners of the successful attempt. Return the AuthenticationInfo
authenticate(AuthenticationToken) - Method in interface org.apache.shiro.authc.Authenticator: Authenticates a user based on the submitted AuthenticationToken.
authenticate(AuthenticationToken) - Method in class org.apache.shiro.mgt.AuthenticatingSecurityManager: Delegates to the wrapped Authenticator for authentication.
authenticated - Variable in class org.apache.shiro.subject.support.DelegatingSubject
authenticated(boolean) - Method in class org.apache.shiro.subject.Subject.Builder: Ensures the Subject being built will be considered authenticated.
AUTHENTICATED_SESSION_KEY - Static variable in class org.apache.shiro.subject.support.DefaultSubjectContext: The session key that is used to store whether or not the user is authenticated.
AuthenticatedAnnotationHandler - Class in org.apache.shiro.authz.aop: Handles RequiresAuthentication annotations and ensures the calling subject is authenticated before allowing access.
AuthenticatedAnnotationHandler() - Constructor for class org.apache.shiro.authz.aop.AuthenticatedAnnotationHandler: Default no-argument constructor that ensures this handler to process RequiresAuthentication annotations.
AuthenticatedAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop: Checks to see if a @RequiresAuthenticated annotation is declared, and if so, ensures the calling Subject.isAuthenticated() before invoking the method.
AuthenticatedAnnotationMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.AuthenticatedAnnotationMethodInterceptor: Default no-argument constructor that ensures this interceptor looks for RequiresAuthentication annotations in a method declaration.
AuthenticatedAnnotationMethodInterceptor(AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.AuthenticatedAnnotationMethodInterceptor
AuthenticatingRealm - Class in org.apache.shiro.realm: A top-level abstract implementation of the Realm interface that only implements authentication support (log-in) operations and leaves authorization (access control) behavior to subclasses.
AuthenticatingRealm() - Constructor for class org.apache.shiro.realm.AuthenticatingRealm
AuthenticatingRealm(CredentialsMatcher) - Constructor for class org.apache.shiro.realm.AuthenticatingRealm
AuthenticatingRealm(CacheManager) - Constructor for class org.apache.shiro.realm.AuthenticatingRealm
AuthenticatingRealm(CacheManager, CredentialsMatcher) - Constructor for class org.apache.shiro.realm.AuthenticatingRealm
AuthenticatingSecurityManager - Class in org.apache.shiro.mgt: Shiro support of a SecurityManager class hierarchy that delegates all authentication operations to a wrapped Authenticator instance.
AuthenticatingSecurityManager() - Constructor for class org.apache.shiro.mgt.AuthenticatingSecurityManager: Default no-arg constructor that initializes its internal authenticator instance to a ModularRealmAuthenticator.
authentication - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory: Deprecated.
AuthenticationException - Exception in org.apache.shiro.authc: General exception thrown due to an error during the Authentication process.
AuthenticationException() - Constructor for exception org.apache.shiro.authc.AuthenticationException: Creates a new AuthenticationException.
AuthenticationException(String) - Constructor for exception org.apache.shiro.authc.AuthenticationException: Constructs a new AuthenticationException.
AuthenticationException(String, Throwable) - Constructor for exception org.apache.shiro.authc.AuthenticationException: Constructs a new AuthenticationException.
AuthenticationException(Throwable) - Constructor for exception org.apache.shiro.authc.AuthenticationException: Constructs a new AuthenticationException.
AuthenticationInfo - Interface in org.apache.shiro.authc: AuthenticationInfo represents a Subject's (aka user's) stored account information relevant to the authentication/log-in process only.
AuthenticationListener - Interface in org.apache.shiro.authc: An AuthenticationListener listens for notifications while Subjects authenticate with the system.
authenticationQuery - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm
AuthenticationStrategy - Interface in org.apache.shiro.authc.pam: A AuthenticationStrategy implementation assists the ModularRealmAuthenticator during the log-in process in a pluggable realm (PAM) environment.
AuthenticationToken - Interface in org.apache.shiro.authc: An AuthenticationToken is a consolidation of an account's principals and supporting credentials submitted by a user during an authentication attempt.
Authenticator - Interface in org.apache.shiro.authc: An Authenticator is responsible for authenticating accounts in an application.
AuthorizationException - Exception in org.apache.shiro.authz: Exception thrown if there is a problem during authorization (access control check).
AuthorizationException() - Constructor for exception org.apache.shiro.authz.AuthorizationException: Creates a new AuthorizationException.
AuthorizationException(String) - Constructor for exception org.apache.shiro.authz.AuthorizationException: Constructs a new AuthorizationException.
AuthorizationException(String, Throwable) - Constructor for exception org.apache.shiro.authz.AuthorizationException: Constructs a new AuthorizationException.
AuthorizationException(Throwable) - Constructor for exception org.apache.shiro.authz.AuthorizationException: Constructs a new AuthorizationException.
AuthorizationInfo - Interface in org.apache.shiro.authz: AuthorizationInfo represents a single Subject's stored authorization data (roles, permissions, etc) used during authorization (access control) checks only.
Authorizer - Interface in org.apache.shiro.authz: An Authorizer performs authorization (access control) operations for any given Subject (aka 'application user').
AuthorizingAnnotationHandler - Class in org.apache.shiro.authz.aop: An AnnotationHandler that executes authorization (access control) behavior based on directive(s) found in a JSR-175 Annotation.
AuthorizingAnnotationHandler(Class<? extends Annotation>) - Constructor for class org.apache.shiro.authz.aop.AuthorizingAnnotationHandler: Constructs an AuthorizingAnnotationHandler who processes annotations of the specified type.
AuthorizingAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop: An AnnotationMethodInterceptor that asserts the calling code is authorized to execute the method before allowing the invocation to continue by inspecting code annotations to perform an access control check.
AuthorizingAnnotationMethodInterceptor(AuthorizingAnnotationHandler) - Constructor for class org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor: Constructor that ensures the internal handler is set which will be used to perform the authorization assertion checks when a supported annotation is encountered.
AuthorizingAnnotationMethodInterceptor(AuthorizingAnnotationHandler, AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor
AuthorizingMethodInterceptor - Class in org.apache.shiro.authz.aop: Basic abstract class to support intercepting methods that perform authorization (access control) checks.
AuthorizingMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.AuthorizingMethodInterceptor
AuthorizingRealm - Class in org.apache.shiro.realm: An AuthorizingRealm extends the AuthenticatingRealm's capabilities by adding Authorization (access control) support.
AuthorizingRealm() - Constructor for class org.apache.shiro.realm.AuthorizingRealm
AuthorizingRealm(CredentialsMatcher) - Constructor for class org.apache.shiro.realm.AuthorizingRealm
AuthorizingRealm(CacheManager) - Constructor for class org.apache.shiro.realm.AuthorizingRealm
AuthorizingRealm(CacheManager, CredentialsMatcher) - Constructor for class org.apache.shiro.realm.AuthorizingRealm
AuthorizingSecurityManager - Class in org.apache.shiro.mgt: Shiro support of a SecurityManager class hierarchy that delegates all authorization (access control) operations to a wrapped Authorizer instance.
AuthorizingSecurityManager() - Constructor for class org.apache.shiro.mgt.AuthorizingSecurityManager: Default no-arg constructor that initializes an internal default ModularRealmAuthorizer.
awaitTermination(long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService

B

BasicIniEnvironment - Class in org.apache.shiro.env

Basic usage:

BasicIniEnvironment(String) - Constructor for class org.apache.shiro.env.BasicIniEnvironment

BasicIniEnvironment(Ini) - Constructor for class org.apache.shiro.env.BasicIniEnvironment

BearerToken - Class in org.apache.shiro.authc

A AuthenticationToken that contains an a Bearer token or API key, typically received via an HTTP Authorization header.

BearerToken(String) - Constructor for class org.apache.shiro.authc.BearerToken

BearerToken(String, String) - Constructor for class org.apache.shiro.authc.BearerToken

beforeAllAttempts(Collection<? extends Realm>, AuthenticationToken) - Method in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy

Simply returns new SimpleAuthenticationInfo();, which supports aggregating account data across realms.

beforeAllAttempts(Collection<? extends Realm>, AuthenticationToken) - Method in interface org.apache.shiro.authc.pam.AuthenticationStrategy

Method invoked by the ModularAuthenticator signifying that the authentication process is about to begin for the specified token - called before any Realm is actually invoked.

beforeAllAttempts(Collection<? extends Realm>, AuthenticationToken) - Method in class org.apache.shiro.authc.pam.FirstSuccessfulStrategy

Returns null immediately, relying on this class's merge implementation to return only the first info object it encounters, ignoring all subsequent ones.

beforeAttempt(Realm, AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy

Simply returns the aggregate method argument, without modification.

beforeAttempt(Realm, AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.AllSuccessfulStrategy

Because all realms in this strategy must complete successfully, this implementation ensures that the given Realm supports the given token argument.

beforeAttempt(Realm, AuthenticationToken, AuthenticationInfo) - Method in interface org.apache.shiro.authc.pam.AuthenticationStrategy

Method invoked by the ModularAuthenticator just prior to the realm being consulted for account data, allowing pre-authentication-attempt logic for that realm only.

beforeAttempt(Realm, AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.FirstSuccessfulStrategy

Throws ShortCircuitIterationException if stopAfterFirstSuccess is set and authentication is successful with a previously consulted realm.

beforeInvalidNotification(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

Returns the session instance to use to pass to registered SessionListeners for notification that the session has been invalidated (stopped or expired).

beforeLogout(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

beforeSessionValidationDisabled() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

bind() - Method in class org.apache.shiro.subject.support.SubjectThreadState

Binds a Subject and SecurityManager to the ThreadContext so they can be retrieved later by any SecurityUtils.getSubject() calls that might occur during the thread's execution.

bind() - Method in interface org.apache.shiro.util.ThreadState

Binds any state that should be made accessible during a thread's execution.

bind(String, Object) - Method in class org.apache.shiro.jndi.JndiTemplate

Bind the given object to the current JNDI context, using the given name.

bind(SecurityManager) - Static method in class org.apache.shiro.util.ThreadContext

Convenience method that simplifies binding the application's SecurityManager instance to the ThreadContext.

bind(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

Deprecated.
in favor of save(subject).

bind(Subject) - Static method in class org.apache.shiro.util.ThreadContext

Convenience method that simplifies binding a Subject to the ThreadContext.

buildAuthenticationInfo(String, char[]) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm

buildAuthorizationInfo(Set<String>) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm

Builder() - Constructor for class org.apache.shiro.subject.Subject.Builder

Constructs a new Subject.Builder instance, using the SecurityManager instance available to the calling code as determined by a call to SecurityUtils.getSecurityManager() to build the Subject instance.

Builder(SecurityManager) - Constructor for class org.apache.shiro.subject.Subject.Builder

Constructs a new Subject.Builder instance which will use the specified SecurityManager when building the Subject instance.

buildHashRequest(ByteSource, Hash) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService

buildSubject() - Method in class org.apache.shiro.subject.Subject.Builder

Creates and returns a new Subject instance reflecting the cumulative state acquired by the other methods in this class.

byType(Class<T>) - Method in interface org.apache.shiro.subject.PrincipalCollection

Returns all principals assignable from the specified type, or an empty Collection if no principals of that type are contained.

byType(Class<T>) - Method in class org.apache.shiro.subject.SimplePrincipalCollection

byType(Class<T>) - Method in class org.apache.shiro.subject.SimplePrincipalMap

C

cache(Session, Serializable) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Caches the specified session under the cache entry key of sessionId.

cache(Session, Serializable, Cache<Serializable, Session>) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Caches the specified session in the given cache under the key of sessionId.

CachingRealm - Class in org.apache.shiro.realm

A very basic abstract extension point for the Realm interface that provides caching support for subclasses.

CachingRealm() - Constructor for class org.apache.shiro.realm.CachingRealm

Default no-argument constructor that defaults cachingEnabled (for general caching) to true and sets a default name based on the class name.

CachingSecurityManager - Class in org.apache.shiro.mgt

A very basic starting point for the SecurityManager interface that merely provides logging and caching support.

CachingSecurityManager() - Constructor for class org.apache.shiro.mgt.CachingSecurityManager

Default no-arg constructor that will automatically attempt to initialize a default cacheManager

CachingSessionDAO - Class in org.apache.shiro.session.mgt.eis

An CachingSessionDAO is a SessionDAO that provides a transparent caching layer between the components that use it and the underlying EIS (Enterprise Information System) session backing store (for example, filesystem, database, enterprise grid/cloud, etc).

CachingSessionDAO() - Constructor for class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Default no-arg constructor.

call() - Method in class org.apache.shiro.subject.support.SubjectCallable

checkHashFormatDurability() - Method in class org.apache.shiro.authc.credential.DefaultPasswordService

checkPermission(String) - Method in interface org.apache.shiro.subject.Subject

Ensures this Subject implies the specified permission String.

checkPermission(String) - Method in class org.apache.shiro.subject.support.DelegatingSubject

checkPermission(Permission) - Method in interface org.apache.shiro.subject.Subject

Ensures this Subject implies the specified Permission.

checkPermission(Permission) - Method in class org.apache.shiro.subject.support.DelegatingSubject

checkPermission(Permission, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm

checkPermission(PrincipalCollection, String) - Method in interface org.apache.shiro.authz.Authorizer

Ensures the corresponding Subject/user implies the specified permission String.

checkPermission(PrincipalCollection, String) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

If !

checkPermission(PrincipalCollection, String) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

checkPermission(PrincipalCollection, String) - Method in class org.apache.shiro.realm.AuthorizingRealm

checkPermission(PrincipalCollection, Permission) - Method in interface org.apache.shiro.authz.Authorizer

Ensures a subject/user Permission.implies(Permission) implies} the specified Permission.

checkPermission(PrincipalCollection, Permission) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

If !

checkPermission(PrincipalCollection, Permission) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

checkPermission(PrincipalCollection, Permission) - Method in class org.apache.shiro.realm.AuthorizingRealm

checkPermissions(String...) - Method in interface org.apache.shiro.subject.Subject

Ensures this Subject implies all of the specified permission strings.

checkPermissions(String...) - Method in class org.apache.shiro.subject.support.DelegatingSubject

checkPermissions(Collection<Permission>) - Method in interface org.apache.shiro.subject.Subject

Ensures this Subject implies all of the specified permission strings.

checkPermissions(Collection<Permission>) - Method in class org.apache.shiro.subject.support.DelegatingSubject

checkPermissions(Collection<Permission>, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm

checkPermissions(PrincipalCollection, String...) - Method in interface org.apache.shiro.authz.Authorizer

Ensures the corresponding Subject/user implies all of the specified permission strings.

checkPermissions(PrincipalCollection, String...) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

If !

checkPermissions(PrincipalCollection, String...) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

checkPermissions(PrincipalCollection, String...) - Method in class org.apache.shiro.realm.AuthorizingRealm

checkPermissions(PrincipalCollection, Collection<Permission>) - Method in interface org.apache.shiro.authz.Authorizer

Ensures the corresponding Subject/user implies all of the specified permission strings.

checkPermissions(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

If !

checkPermissions(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

checkPermissions(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.realm.AuthorizingRealm

checkRole(String) - Method in interface org.apache.shiro.subject.Subject

Asserts this Subject has the specified role by returning quietly if they do or throwing an AuthorizationException if they do not.

checkRole(String) - Method in class org.apache.shiro.subject.support.DelegatingSubject

checkRole(String, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm

checkRole(PrincipalCollection, String) - Method in interface org.apache.shiro.authz.Authorizer

Asserts the corresponding Subject/user has the specified role by returning quietly if they do or throwing an AuthorizationException if they do not.

checkRole(PrincipalCollection, String) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

If !

checkRole(PrincipalCollection, String) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

checkRole(PrincipalCollection, String) - Method in class org.apache.shiro.realm.AuthorizingRealm

checkRoles(String...) - Method in interface org.apache.shiro.subject.Subject

Same as checkRoles(CollectionroleIdentifiers) but doesn't require a collection as a an argument.

checkRoles(String...) - Method in class org.apache.shiro.subject.support.DelegatingSubject

checkRoles(Collection<String>) - Method in interface org.apache.shiro.subject.Subject

Asserts this Subject has all of the specified roles by returning quietly if they do or throwing an AuthorizationException if they do not.

checkRoles(Collection<String>) - Method in class org.apache.shiro.subject.support.DelegatingSubject

checkRoles(Collection<String>, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm

checkRoles(PrincipalCollection, String...) - Method in interface org.apache.shiro.authz.Authorizer

Same as checkRoles(PrincipalCollection subjectPrincipal, Collection<String> roleIdentifiers) but doesn't require a collection as an argument.

checkRoles(PrincipalCollection, String...) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Calls checkRole for each role specified.

checkRoles(PrincipalCollection, String...) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

checkRoles(PrincipalCollection, String...) - Method in class org.apache.shiro.realm.AuthorizingRealm

checkRoles(PrincipalCollection, Collection<String>) - Method in interface org.apache.shiro.authz.Authorizer

Asserts the corresponding Subject/user has all of the specified roles by returning quietly if they do or throwing an AuthorizationException if they do not.

checkRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Calls checkRoles(PrincipalCollection principals, String... roles) .

checkRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

checkRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.realm.AuthorizingRealm

checkValid(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

checkValid(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager

Returns quietly if the associated session is valid (it exists and is not stopped or expired) or throws an InvalidSessionException indicating that the session id is invalid.

clear() - Method in class org.apache.shiro.authc.UsernamePasswordToken

Clears out (nulls) the username, password, rememberMe, and inetAddress.

clear() - Method in interface org.apache.shiro.subject.MutablePrincipalCollection

Removes all Principals in this collection.

clear() - Method in class org.apache.shiro.subject.SimplePrincipalCollection

clear() - Method in class org.apache.shiro.subject.SimplePrincipalMap

clear() - Method in class org.apache.shiro.subject.support.SubjectThreadState

Completely removes the ThreadContext state.

clear() - Method in class org.apache.shiro.util.MapContext

clear() - Method in interface org.apache.shiro.util.ThreadState

Completely clears/removes the ThreadContext state.

clearCache(PrincipalCollection) - Method in class org.apache.shiro.realm.CachingRealm

Clears out any cached data associated with the specified account identity/identities.

clearCachedAuthenticationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthenticatingRealm

Clears out the AuthenticationInfo cache entry for the specified account.

clearCachedAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthorizingRealm

Clears out the AuthorizationInfo cache entry for the specified account.

closeConnection(Connection) - Static method in class org.apache.shiro.util.JdbcUtils

Close the given JDBC Connection and ignore any thrown exception.

closeContext(LdapContext) - Static method in class org.apache.shiro.realm.ldap.LdapUtils

Closes an LDAP context, logging any errors, but not throwing an exception if there is a failure.

closeEnumeration(NamingEnumeration) - Static method in class org.apache.shiro.realm.ldap.LdapUtils

closeResultSet(ResultSet) - Static method in class org.apache.shiro.util.JdbcUtils

Close the given JDBC ResultSet and ignore any thrown exception.

closeStatement(Statement) - Static method in class org.apache.shiro.util.JdbcUtils

Close the given JDBC Statement and ignore any thrown exception.

CollectionUtils - Class in org.apache.shiro.util

Static helper class for use dealing with Collections.

CollectionUtils() - Constructor for class org.apache.shiro.util.CollectionUtils

COLUMN - org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle

ConcurrentAccessException - Exception in org.apache.shiro.authc

Thrown when an authentication attempt has been received for an account that has already been authenticated (i.e. logged-in), and the system is configured to prevent such concurrent access.

ConcurrentAccessException() - Constructor for exception org.apache.shiro.authc.ConcurrentAccessException

Creates a new ConcurrentAccessException.

ConcurrentAccessException(String) - Constructor for exception org.apache.shiro.authc.ConcurrentAccessException

Constructs a new ConcurrentAccessException.

ConcurrentAccessException(String, Throwable) - Constructor for exception org.apache.shiro.authc.ConcurrentAccessException

Constructs a new ConcurrentAccessException.

ConcurrentAccessException(Throwable) - Constructor for exception org.apache.shiro.authc.ConcurrentAccessException

Constructs a new ConcurrentAccessException.

CONTAINER_PREFIX - Static variable in class org.apache.shiro.jndi.JndiLocator

JNDI prefix used in a J2EE container

containsKey(Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap

containsKey(Object) - Method in class org.apache.shiro.util.MapContext

containsValue(Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap

containsValue(Object) - Method in class org.apache.shiro.util.MapContext

contextAttribute(String, Object) - Method in class org.apache.shiro.subject.Subject.Builder

Allows custom attributes to be added to the underlying context Map used to construct the Subject instance.

contextFactoryClassName - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

convertBytesToPrincipals(byte[], SubjectContext) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

If a cipherService is available, it will be used to first decrypt the byte array.

convertJndiName(String) - Method in class org.apache.shiro.jndi.JndiLocator

Convert the given JNDI name into the actual JNDI name to use.

convertPrincipalsToBytes(PrincipalCollection) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Converts the given principal collection the byte array that will be persisted to be 'remembered' later.

copy(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

create(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

Persists the given session instance to an underlying EIS (Enterprise Information System).

create(Session) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO

Creates the session by delegating EIS creation to subclasses via the AbstractSessionDAO.doCreate(org.apache.shiro.session.Session) method, and then asserting that the returned sessionId is not null.

create(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Calls super.create(session), then caches the session keyed by the returned sessionId, and then returns this sessionId.

create(Session) - Method in interface org.apache.shiro.session.mgt.eis.SessionDAO

Inserts a new Session record into the underling EIS (e.g.

createActiveSessionsCache() - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Creates a cache instance used to store active sessions.

createAuthenticationInfo(AuthenticationToken, Object, Object, LdapContext) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm

Returns the AuthenticationInfo resulting from a Subject's successful LDAP authentication attempt.

createByteSource(Object) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService

createDefaultInstance() - Method in class org.apache.shiro.config.IniFactorySupport

Deprecated.

createDefaultInstance() - Method in class org.apache.shiro.config.IniSecurityManagerFactory

Deprecated.

createDefaults(Ini, Ini.Section) - Method in class org.apache.shiro.config.IniSecurityManagerFactory

Deprecated.

createExposedSession(Session, SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

createExposedSession(Session, SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

createHashRequest(ByteSource) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService

createInitialContext() - Method in class org.apache.shiro.jndi.JndiTemplate

Create a new JNDI initial context.

createInstance() - Method in class org.apache.shiro.config.IniFactorySupport

Deprecated.

Creates a new object instance by using a configured INI source.

createInstance() - Method in class org.apache.shiro.util.AbstractFactory

createInstance(Ini) - Method in class org.apache.shiro.config.IniFactorySupport

Deprecated.

createInstance(Ini) - Method in class org.apache.shiro.config.IniSecurityManagerFactory

Deprecated.

createLdapContext(Hashtable) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

Creates and returns a new InitialLdapContext instance.

createLdapContext(Hashtable) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Creates and returns a new InitialLdapContext instance.

createRealm(Ini) - Method in class org.apache.shiro.config.IniSecurityManagerFactory

Deprecated.

Creates a Realm from the Ini instance containing account data.

createSession(SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

Creates a new Session Session instance based on the specified (possibly null) initialization data.

createSession(SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

createSession(SessionContext) - Method in interface org.apache.shiro.session.mgt.SessionFactory

Creates a new Session instance based on the specified contextual initialization data.

createSession(SessionContext) - Method in class org.apache.shiro.session.mgt.SimpleSessionFactory

Creates a new SimpleSession instance retaining the context's host if one can be found.

createSessionContext() - Method in class org.apache.shiro.subject.support.DelegatingSubject

createSessionContext(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

createSessionValidationScheduler() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

createSubject(AuthenticationToken, AuthenticationInfo, Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

Creates a Subject instance for the user represented by the given method arguments.

createSubject(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

This implementation functions as follows:

createSubject(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSubjectFactory

createSubject(SubjectContext) - Method in interface org.apache.shiro.mgt.SecurityManager

Creates a Subject instance reflecting the specified contextual data.

createSubject(SubjectContext) - Method in interface org.apache.shiro.mgt.SubjectFactory

Creates a new Subject instance reflecting the state of the specified contextual data.

createSubjectContext() - Method in class org.apache.shiro.mgt.DefaultSecurityManager

credentials - Variable in class org.apache.shiro.authc.SimpleAuthenticationInfo

The credentials verifying the account principals.

CredentialsException - Exception in org.apache.shiro.authc

Exception thrown due to a problem with the credential(s) submitted for an account during the authentication process.

CredentialsException() - Constructor for exception org.apache.shiro.authc.CredentialsException

Creates a new CredentialsException.

CredentialsException(String) - Constructor for exception org.apache.shiro.authc.CredentialsException

Constructs a new CredentialsException.

CredentialsException(String, Throwable) - Constructor for exception org.apache.shiro.authc.CredentialsException

Constructs a new CredentialsException.

CredentialsException(Throwable) - Constructor for exception org.apache.shiro.authc.CredentialsException

Constructs a new CredentialsException.

CredentialsMatcher - Interface in org.apache.shiro.authc.credential

Interface implemented by classes that can determine if an AuthenticationToken's provided credentials matches a corresponding account's credentials stored in the system.

credentialsSalt - Variable in class org.apache.shiro.authc.SimpleAuthenticationInfo

Any salt used in hashing the credentials.

CRYPT - org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle

D

DataAccessException - Exception in org.apache.shiro.dao

Generic exception representing a problem when attempting to access data.

DataAccessException(String) - Constructor for exception org.apache.shiro.dao.DataAccessException

Constructs a DataAccessException with a message explaining the cause of the exception.

DataAccessException(String, Throwable) - Constructor for exception org.apache.shiro.dao.DataAccessException

Constructs a DataAccessException with a message explaining the cause of the exception.

dataSource - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm

decorate(Session) - Method in class org.apache.shiro.subject.support.DelegatingSubject

decrypt(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Decrypts the byte array using the configured cipherService.

DEFAULT_AUTHENTICATION_QUERY - Static variable in class org.apache.shiro.realm.jdbc.JdbcRealm

The default query used to retrieve account data for the user.

DEFAULT_CASE_SENSITIVE - Static variable in class org.apache.shiro.authz.permission.WildcardPermission

DEFAULT_CONTEXT_FACTORY_CLASS_NAME - Static variable in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

DEFAULT_GLOBAL_SESSION_TIMEOUT - Static variable in class org.apache.shiro.session.mgt.AbstractSessionManager

Default main session timeout value, equal to 30 minutes.

DEFAULT_HASH_ALGORITHM - Static variable in class org.apache.shiro.authc.credential.DefaultPasswordService

DEFAULT_HASH_ITERATIONS - Static variable in class org.apache.shiro.authc.credential.DefaultPasswordService

DEFAULT_INI_RESOURCE_PATH - Static variable in class org.apache.shiro.config.IniFactorySupport

Deprecated.

DEFAULT_PATH_SEPARATOR - Static variable in class org.apache.shiro.util.AntPathMatcher

Default path separator: "/"

DEFAULT_PERMISSIONS_QUERY - Static variable in class org.apache.shiro.realm.jdbc.JdbcRealm

The default query used to retrieve permissions that apply to a particular role.

DEFAULT_REFERRAL - Static variable in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

DEFAULT_SALTED_AUTHENTICATION_QUERY - Static variable in class org.apache.shiro.realm.jdbc.JdbcRealm

The default query used to retrieve account data for the user when JdbcRealm.saltStyle is COLUMN.

DEFAULT_SECURITY_MANAGER_KEY - Static variable in class org.apache.shiro.env.DefaultEnvironment

The default name under which the application's SecurityManager instance may be acquired, equal to securityManager.

DEFAULT_SESSION_VALIDATION_INTERVAL - Static variable in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

The default interval at which sessions will be validated (1 hour); This can be overridden by calling AbstractValidatingSessionManager.setSessionValidationInterval(long)

DEFAULT_USER_ROLES_QUERY - Static variable in class org.apache.shiro.realm.jdbc.JdbcRealm

The default query used to retrieve the roles that apply to a user.

DefaultAnnotationResolver - Class in org.apache.shiro.aop

Default AnnotationResolver implementation that merely inspects the MethodInvocation's target method, and returns targetMethod.getAnnotation(class).

DefaultAnnotationResolver() - Constructor for class org.apache.shiro.aop.DefaultAnnotationResolver

DefaultEnvironment - Class in org.apache.shiro.env

Simple/default Environment implementation that stores Shiro objects as key-value pairs in a Map instance.

DefaultEnvironment() - Constructor for class org.apache.shiro.env.DefaultEnvironment

Creates a new instance with a thread-safe ConcurrentHashMap backing map.

DefaultEnvironment(Map<String, ?>) - Constructor for class org.apache.shiro.env.DefaultEnvironment

Creates a new instance with the specified backing map.

DefaultLdapContextFactory - Class in org.apache.shiro.realm.ldap

Deprecated.
replaced by the JndiLdapContextFactory implementation. This implementation will be removed prior to Shiro 2.0

DefaultLdapContextFactory() - Constructor for class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

DefaultLdapRealm - Class in org.apache.shiro.realm.ldap

An LDAP Realm implementation utilizing Sun's/Oracle's JNDI API as an LDAP API.

DefaultLdapRealm() - Constructor for class org.apache.shiro.realm.ldap.DefaultLdapRealm

Default no-argument constructor that defaults the internal LdapContextFactory instance to a JndiLdapContextFactory.

DefaultPasswordService - Class in org.apache.shiro.authc.credential

Default implementation of the PasswordService interface that relies on an internal HashService, HashFormat, and HashFormatFactory to function:

DefaultPasswordService() - Constructor for class org.apache.shiro.authc.credential.DefaultPasswordService

DefaultSecurityManager - Class in org.apache.shiro.mgt

The Shiro framework's default concrete implementation of the SecurityManager interface, based around a collection of Realms.

DefaultSecurityManager() - Constructor for class org.apache.shiro.mgt.DefaultSecurityManager

Default no-arg constructor.

DefaultSecurityManager(Collection<Realm>) - Constructor for class org.apache.shiro.mgt.DefaultSecurityManager

Supporting constructor for multiple realms.

DefaultSecurityManager(Realm) - Constructor for class org.apache.shiro.mgt.DefaultSecurityManager

Supporting constructor for a single-realm application.

DefaultSessionContext - Class in org.apache.shiro.session.mgt

Default implementation of the SessionContext interface which provides getters and setters that wrap interaction with the underlying backing context map.

DefaultSessionContext() - Constructor for class org.apache.shiro.session.mgt.DefaultSessionContext

DefaultSessionContext(Map<String, Object>) - Constructor for class org.apache.shiro.session.mgt.DefaultSessionContext

DefaultSessionKey - Class in org.apache.shiro.session.mgt

Default implementation of the SessionKey interface, which allows setting and retrieval of a concrete sessionId that the SessionManager implementation can use to look up a Session instance.

DefaultSessionKey() - Constructor for class org.apache.shiro.session.mgt.DefaultSessionKey

DefaultSessionKey(Serializable) - Constructor for class org.apache.shiro.session.mgt.DefaultSessionKey

DefaultSessionManager - Class in org.apache.shiro.session.mgt

Default business-tier implementation of a ValidatingSessionManager.

DefaultSessionManager() - Constructor for class org.apache.shiro.session.mgt.DefaultSessionManager

DefaultSessionStorageEvaluator - Class in org.apache.shiro.mgt

A Default SessionStorageEvaluator that provides reasonable control over if and how Sessions may be used for storing Subject state.

DefaultSessionStorageEvaluator() - Constructor for class org.apache.shiro.mgt.DefaultSessionStorageEvaluator

DefaultSubjectContext - Class in org.apache.shiro.subject.support

Default implementation of the SubjectContext interface.

DefaultSubjectContext() - Constructor for class org.apache.shiro.subject.support.DefaultSubjectContext

DefaultSubjectContext(SubjectContext) - Constructor for class org.apache.shiro.subject.support.DefaultSubjectContext

DefaultSubjectDAO - Class in org.apache.shiro.mgt

Default SubjectDAO implementation that stores Subject state in the Subject's Session by default (but this can be disabled - see below).

DefaultSubjectDAO() - Constructor for class org.apache.shiro.mgt.DefaultSubjectDAO

DefaultSubjectFactory - Class in org.apache.shiro.mgt

Default SubjectFactory implementation that creates DelegatingSubject instances.

DefaultSubjectFactory() - Constructor for class org.apache.shiro.mgt.DefaultSubjectFactory

delegate - Variable in class org.apache.shiro.session.ProxiedSession

The proxied instance

DelegatingSession - Class in org.apache.shiro.session.mgt

A DelegatingSession is a client-tier representation of a server side Session.

DelegatingSession(NativeSessionManager, SessionKey) - Constructor for class org.apache.shiro.session.mgt.DelegatingSession

DelegatingSubject - Class in org.apache.shiro.subject.support

Implementation of the Subject interface that delegates method calls to an underlying SecurityManager instance for security checks.

DelegatingSubject(SecurityManager) - Constructor for class org.apache.shiro.subject.support.DelegatingSubject

DelegatingSubject(PrincipalCollection, boolean, String, Session, boolean, SecurityManager) - Constructor for class org.apache.shiro.subject.support.DelegatingSubject

DelegatingSubject(PrincipalCollection, boolean, String, Session, SecurityManager) - Constructor for class org.apache.shiro.subject.support.DelegatingSubject

delete(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

delete(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Removes the specified session from any cache and then permanently deletes the session from the EIS by delegating to CachingSessionDAO.doDelete(org.apache.shiro.session.Session).

delete(Session) - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO

delete(Session) - Method in interface org.apache.shiro.session.mgt.eis.SessionDAO

Deletes the associated EIS record of the specified session.

delete(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

Removes (or 'unbinds') the Subject's state from the application, typically called during DefaultSecurityManager.logout(org.apache.shiro.subject.Subject)..

delete(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO

Removes any existing subject state from the subject's session (if the session exists).

delete(Subject) - Method in interface org.apache.shiro.mgt.SubjectDAO

Removes any persisted state for the specified Subject instance.

deserialize(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

De-serializes the given byte array by using the serializer's deserialize method.

destroy() - Method in class org.apache.shiro.config.IniSecurityManagerFactory

Deprecated.

destroy() - Method in class org.apache.shiro.env.DefaultEnvironment

destroy() - Method in class org.apache.shiro.mgt.AuthenticatingSecurityManager

destroy() - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

destroy() - Method in class org.apache.shiro.mgt.CachingSecurityManager

Destroys the cacheManager via LifecycleUtils.destroy.

destroy() - Method in class org.apache.shiro.mgt.RealmSecurityManager

destroy() - Method in class org.apache.shiro.mgt.SessionsSecurityManager

destroy() - Method in class org.apache.shiro.realm.text.PropertiesRealm

Destroy reload scheduler if one exists.

destroy() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

DisabledAccountException - Exception in org.apache.shiro.authc

Thrown when attempting to authenticate and the corresponding account has been disabled for some reason.

DisabledAccountException() - Constructor for exception org.apache.shiro.authc.DisabledAccountException

Creates a new DisabledAccountException.

DisabledAccountException(String) - Constructor for exception org.apache.shiro.authc.DisabledAccountException

Constructs a new DisabledAccountException.

DisabledAccountException(String, Throwable) - Constructor for exception org.apache.shiro.authc.DisabledAccountException

Constructs a new DisabledAccountException.

DisabledAccountException(Throwable) - Constructor for exception org.apache.shiro.authc.DisabledAccountException

Constructs a new DisabledAccountException.

DisabledSessionException - Exception in org.apache.shiro.subject.support

Exception thrown if attempting to create a new Subject session, but that Subject's sessions are disabled.

DisabledSessionException(String) - Constructor for exception org.apache.shiro.subject.support.DisabledSessionException

disableSessionValidation() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

disableSessionValidation() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler

disableSessionValidation() - Method in interface org.apache.shiro.session.mgt.SessionValidationScheduler

Disables the session validation job.

doAuthenticate(AuthenticationToken) - Method in class org.apache.shiro.authc.AbstractAuthenticator

Template design pattern hook for subclasses to implement specific authentication behavior.

doAuthenticate(AuthenticationToken) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator

Attempts to authenticate the given token by iterating over the internal collection of Realms.

doCall(Callable<V>) - Method in class org.apache.shiro.subject.support.SubjectCallable

doClearCache(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthenticatingRealm

This implementation clears out any cached authentication data by calling AuthenticatingRealm.clearCachedAuthenticationInfo(org.apache.shiro.subject.PrincipalCollection).

doClearCache(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthorizingRealm

Calls super.doClearCache to ensure any cached authentication data is removed and then calls AuthorizingRealm.clearCachedAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection) to remove any cached authorization data.

doClearCache(PrincipalCollection) - Method in class org.apache.shiro.realm.CachingRealm

This implementation does nothing - it is a template to be overridden by subclasses if necessary.

doCreate(Session) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO

Subclass hook to actually persist the given Session instance to the underlying EIS.

doCreate(Session) - Method in class org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO

doCreate(Session) - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO

doCreateSession(SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

doCreateSession(SessionContext) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

doCreateSubject(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

Actually creates a Subject instance by delegating to the internal subjectFactory.

doCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.AllowAllCredentialsMatcher

Returns true always no matter what the method arguments are.

doCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in interface org.apache.shiro.authc.credential.CredentialsMatcher

Returns true if the provided token credentials match the stored account credentials, false otherwise.

doCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher

This implementation first hashes the token's credentials, potentially using a salt if the info argument is a SaltedAuthenticationInfo.

doCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.PasswordMatcher

doCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.SimpleCredentialsMatcher

This implementation acquires the token's credentials (via getCredentials(token)) and then the account's credentials (via getCredentials(account)) and then passes both of them to the equals(tokenCredentials, accountCredentials) method for equality comparison.

doDelete(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Subclass implementation hook to permanently delete the given Session from the underlying EIS.

doDelete(Session) - Method in class org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO

doGetAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.AuthenticatingRealm

Retrieves authentication data from an implementation-specific datasource (RDBMS, LDAP, etc) for the given authentication token.

doGetAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm

doGetAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm

doGetAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm

Delegates to DefaultLdapRealm.queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, LdapContextFactory), wrapping any NamingExceptions in a Shiro AuthenticationException to satisfy the parent method signature.

doGetAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.SimpleAccountRealm

doGetAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthorizingRealm

Retrieves the AuthorizationInfo for the given principals from the underlying data store.

doGetAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm

This implementation of the interface expects the principals collection to return a String username keyed off of this realm's name

doGetAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm

doGetAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm

doGetAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.SimpleAccountRealm

doGetSession(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

doGetSession(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

doInContext(Context) - Method in interface org.apache.shiro.jndi.JndiCallback

Do something with the given JNDI context.

DomainPermission - Class in org.apache.shiro.authz.permission

Provides a base Permission class from which type-safe/domain-specific subclasses may extend.

DomainPermission() - Constructor for class org.apache.shiro.authz.permission.DomainPermission

Creates a domain permission with *all* actions for *all* targets;

DomainPermission(String) - Constructor for class org.apache.shiro.authz.permission.DomainPermission

DomainPermission(String, String) - Constructor for class org.apache.shiro.authz.permission.DomainPermission

DomainPermission(Set<String>, Set<String>) - Constructor for class org.apache.shiro.authz.permission.DomainPermission

doMatch(String, String, boolean) - Method in class org.apache.shiro.util.AntPathMatcher

Actually match the given path against the given pattern.

doMultiRealmAuthentication(Collection<Realm>, AuthenticationToken) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator

Performs the multi-realm authentication attempt by calling back to a AuthenticationStrategy object as each realm is consulted for AuthenticationInfo for the specified token.

doReadSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO

Subclass implementation hook that retrieves the Session object from the underlying EIS or null if a session with that ID could not be found.

doReadSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO

doReadSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO

doRun(Runnable) - Method in class org.apache.shiro.subject.support.SubjectRunnable

Simply calls the target Runnable's run() method.

doSingleRealmAuthentication(Realm, AuthenticationToken) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator

Performs the authentication attempt by interacting with the single configured realm, which is significantly simpler than performing multi-realm logic.

doUpdate(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Subclass implementation hook to actually persist the Session's state to the underlying EIS.

doUpdate(Session) - Method in class org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO

doValidate(Session) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

E

enableSessionValidation() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

enableSessionValidation() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler

Creates a single thread ScheduledExecutorService to validate sessions at fixed intervals and enables this scheduler.

enableSessionValidation() - Method in interface org.apache.shiro.session.mgt.SessionValidationScheduler

Enables the session validation job.

encrypt(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Encrypts the byte array by using the configured cipherService.

encryptPassword(Object) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService

encryptPassword(Object) - Method in interface org.apache.shiro.authc.credential.PasswordService

Converts the specified plaintext password (usually acquired from your application's 'new user' or 'password reset' workflow) into a formatted string safe for storage.

ensureCombinedPrincipals() - Method in class org.apache.shiro.subject.SimplePrincipalMap

ensureSecurityManager(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

Determines if there is a SecurityManager instance in the context, and if not, adds 'this' to the context.

EnterpriseCacheSessionDAO - Class in org.apache.shiro.session.mgt.eis

SessionDAO implementation that relies on an enterprise caching product as the EIS system of record for all sessions.

EnterpriseCacheSessionDAO() - Constructor for class org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO

entrySet() - Method in class org.apache.shiro.subject.SimplePrincipalMap

entrySet() - Method in class org.apache.shiro.util.MapContext

Environment - Interface in org.apache.shiro.env

An Environment instance encapsulates all of the objects that Shiro requires to function.

EnvironmentException - Exception in org.apache.shiro.env

Exception thrown for errors related to Environment instances or configuration.

EnvironmentException(String) - Constructor for exception org.apache.shiro.env.EnvironmentException

EnvironmentException(String, Throwable) - Constructor for exception org.apache.shiro.env.EnvironmentException

equals(Object) - Method in class org.apache.shiro.authc.SimpleAccount

Returns true if the specified object is also a SimpleAccount and its principals are equal to this object's principals, false otherwise.

equals(Object) - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo

Returns true if the Object argument is an instanceof SimpleAuthenticationInfo and its principals are equal to this instance's principals, false otherwise.

equals(Object) - Method in class org.apache.shiro.authz.permission.WildcardPermission

equals(Object) - Method in class org.apache.shiro.authz.SimpleRole

equals(Object) - Method in class org.apache.shiro.session.mgt.SimpleSession

Returns true if the specified argument is an instanceof SimpleSession and both ids are equal.

equals(Object) - Method in class org.apache.shiro.subject.SimplePrincipalCollection

equals(Object, Object) - Method in class org.apache.shiro.authc.credential.SimpleCredentialsMatcher

Returns true if the tokenCredentials argument is logically equal to the accountCredentials argument.

ExcessiveAttemptsException - Exception in org.apache.shiro.authc

Thrown when a system is configured to only allow a certain number of authentication attempts over a period of time and the current session has failed to authenticate successfully within that number.

ExcessiveAttemptsException() - Constructor for exception org.apache.shiro.authc.ExcessiveAttemptsException

Creates a new ExcessiveAttemptsException.

ExcessiveAttemptsException(String) - Constructor for exception org.apache.shiro.authc.ExcessiveAttemptsException

Constructs a new ExcessiveAttemptsException.

ExcessiveAttemptsException(String, Throwable) - Constructor for exception org.apache.shiro.authc.ExcessiveAttemptsException

Constructs a new ExcessiveAttemptsException.

ExcessiveAttemptsException(Throwable) - Constructor for exception org.apache.shiro.authc.ExcessiveAttemptsException

Constructs a new ExcessiveAttemptsException.

execute(Runnable) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutor

Executes the specified runnable by first associating it with the currently executing Subject and then dispatches the associated Runnable to the underlying target Executor instance.

execute(Runnable) - Method in interface org.apache.shiro.subject.Subject

Associates the specified Runnable with this Subject instance and then executes it on the currently running thread.

execute(Runnable) - Method in class org.apache.shiro.subject.support.DelegatingSubject

execute(Callable<V>) - Method in interface org.apache.shiro.subject.Subject

Associates the specified Callable with this Subject instance and then executes it on the currently running thread.

execute(Callable<V>) - Method in class org.apache.shiro.subject.support.DelegatingSubject

execute(JndiCallback) - Method in class org.apache.shiro.jndi.JndiTemplate

Execute the given JNDI context callback implementation.

ExecutionException - Exception in org.apache.shiro.subject

Exception wrapping any potential checked exception thrown when a Subject executes a Callable.

ExecutionException(String, Throwable) - Constructor for exception org.apache.shiro.subject.ExecutionException

ExecutionException(Throwable) - Constructor for exception org.apache.shiro.subject.ExecutionException

ExecutorServiceSessionValidationScheduler - Class in org.apache.shiro.session.mgt

SessionValidationScheduler implementation that uses a ScheduledExecutorService to call ValidatingSessionManager.validateSessions() every interval milliseconds.

ExecutorServiceSessionValidationScheduler() - Constructor for class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler

ExecutorServiceSessionValidationScheduler(ValidatingSessionManager) - Constructor for class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler

expire() - Method in class org.apache.shiro.session.mgt.SimpleSession

ExpiredCredentialsException - Exception in org.apache.shiro.authc

Thrown during the authentication process when the system determines the submitted credential(s) has expired and will not allow login.

ExpiredCredentialsException() - Constructor for exception org.apache.shiro.authc.ExpiredCredentialsException

Creates a new ExpiredCredentialsException.

ExpiredCredentialsException(String) - Constructor for exception org.apache.shiro.authc.ExpiredCredentialsException

Constructs a new ExpiredCredentialsException.

ExpiredCredentialsException(String, Throwable) - Constructor for exception org.apache.shiro.authc.ExpiredCredentialsException

Constructs a new ExpiredCredentialsException.

ExpiredCredentialsException(Throwable) - Constructor for exception org.apache.shiro.authc.ExpiredCredentialsException

Constructs a new ExpiredCredentialsException.

ExpiredSessionException - Exception in org.apache.shiro.session

A special case of a StoppedSessionException.

ExpiredSessionException() - Constructor for exception org.apache.shiro.session.ExpiredSessionException

Creates a new ExpiredSessionException.

ExpiredSessionException(String) - Constructor for exception org.apache.shiro.session.ExpiredSessionException

Constructs a new ExpiredSessionException.

ExpiredSessionException(String, Throwable) - Constructor for exception org.apache.shiro.session.ExpiredSessionException

Constructs a new ExpiredSessionException.

ExpiredSessionException(Throwable) - Constructor for exception org.apache.shiro.session.ExpiredSessionException

Constructs a new ExpiredSessionException.

EXTERNAL - org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle

extractPathWithinPattern(String, String) - Method in class org.apache.shiro.util.AntPathMatcher

Given a pattern and a full path, determine the pattern-mapped part.

F

fileLastModified - Variable in class org.apache.shiro.realm.text.PropertiesRealm

FirstSuccessfulStrategy - Class in org.apache.shiro.authc.pam

AuthenticationStrategy implementation that only accepts the account data from the first successfully consulted Realm and ignores all subsequent realms.

FirstSuccessfulStrategy() - Constructor for class org.apache.shiro.authc.pam.FirstSuccessfulStrategy

forgetIdentity(Subject) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Forgets (removes) any remembered identity data for the specified Subject instance.

forgetIdentity(SubjectContext) - Method in interface org.apache.shiro.mgt.RememberMeManager

Forgets any remembered identity corresponding to the subject context map being used to build a subject instance.

fromRealm(String) - Method in interface org.apache.shiro.subject.PrincipalCollection

Returns a single Subject's principals retrieved from the specified Realm only as a Collection, or an empty Collection if there are not any principals from that realm.

fromRealm(String) - Method in class org.apache.shiro.subject.SimplePrincipalCollection

fromRealm(String) - Method in class org.apache.shiro.subject.SimplePrincipalMap

G

generateId(Session) - Method in class org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator

Ignores the method argument and simply returns UUID.randomUUID().toString().

generateId(Session) - Method in class org.apache.shiro.session.mgt.eis.RandomSessionIdGenerator

Returns the String value of the configured Random's nextLong() invocation.

generateId(Session) - Method in interface org.apache.shiro.session.mgt.eis.SessionIdGenerator

Generates a new ID to be applied to the specified Session instance.

generateSessionId(Session) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO

Generates a new ID to be applied to the specified session instance.

get(Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap

get(Object) - Method in class org.apache.shiro.util.MapContext

get(Object) - Static method in class org.apache.shiro.util.ThreadContext

Returns the object for the specified key that is bound to the current thread.

getActions() - Method in class org.apache.shiro.authz.permission.DomainPermission

getActiveSessions() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

getActiveSessions() - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

getActiveSessions() - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Returns all active sessions in the system.

getActiveSessions() - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO

getActiveSessions() - Method in interface org.apache.shiro.session.mgt.eis.SessionDAO

Returns all sessions in the EIS that are considered active, meaning all sessions that haven't been stopped/expired.

getActiveSessionsCache() - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Returns the cache instance to use for storing active sessions.

getActiveSessionsCacheName() - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Returns the name of the actives sessions cache to be returned by the CacheManager.

getAllAttributeValues(Attribute) - Static method in class org.apache.shiro.realm.ldap.LdapUtils

Helper method used to retrieve all attribute values from a particular context attribute.

getAnnotation(MethodInvocation) - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor

Returns the Annotation that this interceptor will process for the specified method invocation.

getAnnotation(MethodInvocation, Class<? extends Annotation>) - Method in interface org.apache.shiro.aop.AnnotationResolver

Returns an Annotation instance of the specified type based on the given MethodInvocation argument, or null if no annotation of that type could be found.

getAnnotation(MethodInvocation, Class<? extends Annotation>) - Method in class org.apache.shiro.aop.DefaultAnnotationResolver

Returns methodInvocation.getMethod().getAnnotation(clazz).

getAnnotationClass() - Method in class org.apache.shiro.aop.AnnotationHandler

Returns the type of annotation this handler inspects and processes.

getAnnotationValue(Annotation) - Method in class org.apache.shiro.authz.aop.PermissionAnnotationHandler

Returns the annotation value, from which the Permission will be constructed.

getArguments() - Method in interface org.apache.shiro.aop.MethodInvocation

Returns the (possibly null) arguments to be supplied to the method invocation.

getAttribute(Object) - Method in class org.apache.shiro.session.mgt.DelegatingSession

getAttribute(Object) - Method in class org.apache.shiro.session.mgt.SimpleSession

getAttribute(Object) - Method in class org.apache.shiro.session.ProxiedSession

Immediately delegates to the underlying proxied session.

getAttribute(Object) - Method in interface org.apache.shiro.session.Session

Returns the object bound to this session identified by the specified key.

getAttribute(SessionKey, Object) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

getAttribute(SessionKey, Object) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager

Returns the object bound to the associated session identified by the specified attribute key.

getAttributeKeys() - Method in class org.apache.shiro.session.mgt.DelegatingSession

getAttributeKeys() - Method in class org.apache.shiro.session.mgt.SimpleSession

getAttributeKeys() - Method in class org.apache.shiro.session.ProxiedSession

Immediately delegates to the underlying proxied session.

getAttributeKeys() - Method in interface org.apache.shiro.session.Session

Returns the keys of all the attributes stored under this session.

getAttributeKeys(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

getAttributeKeys(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager

Returns all attribute keys maintained by the target session or an empty collection if there are no attributes.

getAttributes() - Method in class org.apache.shiro.session.mgt.SimpleSession

getAuthenticationCache() - Method in class org.apache.shiro.realm.AuthenticatingRealm

Returns a Cache instance to use for authentication caching, or null if no cache has been set.

getAuthenticationCacheKey(AuthenticationToken) - Method in class org.apache.shiro.realm.AuthenticatingRealm

Returns the key under which AuthenticationInfo instances are cached if authentication caching is enabled.

getAuthenticationCacheKey(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthenticatingRealm

Returns the key under which AuthenticationInfo instances are cached if authentication caching is enabled.

getAuthenticationCacheName() - Method in class org.apache.shiro.realm.AuthenticatingRealm

Returns the name of a Cache to lookup from any available cacheManager if a cache is not explicitly configured via AuthenticatingRealm.setAuthenticationCache(org.apache.shiro.cache.Cache).

getAuthenticationInfo() - Method in interface org.apache.shiro.subject.SubjectContext

getAuthenticationInfo() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

getAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.AuthenticatingRealm

This implementation functions as follows: It attempts to acquire any cached AuthenticationInfo corresponding to the specified AuthenticationToken argument.

getAuthenticationInfo(AuthenticationToken) - Method in interface org.apache.shiro.realm.Realm

Returns an account's authentication-specific information for the specified token, or null if no account could be found based on the token.

getAuthenticationListeners() - Method in class org.apache.shiro.authc.AbstractAuthenticator

Returns the AuthenticationListeners that should be notified during authentication attempts.

getAuthenticationMechanism() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Returns the type of LDAP authentication mechanism to use when connecting to the LDAP server.

getAuthenticationStrategy() - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator

Returns the AuthenticationStrategy utilized by this modular authenticator during a multi-realm log-in attempt.

getAuthenticationToken() - Method in interface org.apache.shiro.subject.SubjectContext

getAuthenticationToken() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

getAuthenticationTokenClass() - Method in class org.apache.shiro.realm.AuthenticatingRealm

Returns the authenticationToken class supported by this realm.

getAuthenticator() - Method in class org.apache.shiro.mgt.AuthenticatingSecurityManager

Returns the delegate Authenticator instance that this SecurityManager uses to perform all authentication operations.

getAuthorizationCache() - Method in class org.apache.shiro.realm.AuthorizingRealm

getAuthorizationCacheKey(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthorizingRealm

getAuthorizationCacheName() - Method in class org.apache.shiro.realm.AuthorizingRealm

getAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthorizingRealm

Returns an account's authorization-specific information for the specified principals, or null if no account could be found.

getAuthorizer() - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

Returns the underlying wrapped Authorizer instance to which this SecurityManager implementation delegates all of its authorization calls.

getAvailablePrincipal(PrincipalCollection) - Method in class org.apache.shiro.realm.CachingRealm

A utility method for subclasses that returns the first available principal of interest to this particular realm.

getBeans() - Method in class org.apache.shiro.config.IniSecurityManagerFactory

Deprecated.

getCachedSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Returns the cached session with the corresponding sessionId or null if there is no session cached under that id (or if there is no Cache).

getCachedSession(Serializable, Cache<Serializable, Session>) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Returns the Session with the specified id from the specified cache.

getCacheManager() - Method in class org.apache.shiro.mgt.CachingSecurityManager

Returns the CacheManager used by this SecurityManager.

getCacheManager() - Method in class org.apache.shiro.realm.CachingRealm

Returns the CacheManager used for data caching to reduce EIS round trips, or null if caching is disabled.

getCacheManager() - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Returns the CacheManager to use for acquiring the activeSessionsCache if one is not configured.

getCipherKey() - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Convenience method that returns the cipher key to use for both encryption and decryption.

getCipherService() - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Returns the CipherService to use for encrypting and decrypting serialized identity data to prevent easy inspection of Subject identity data.

getContextFactory() - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm

Returns the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication attempts and authorization queries.

getContextFactoryClassName() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Sets the name of the ContextFactory class to use.

getCredentials() - Method in interface org.apache.shiro.authc.AuthenticationInfo

Returns the credentials associated with the corresponding Subject.

getCredentials() - Method in interface org.apache.shiro.authc.AuthenticationToken

Returns the credentials submitted by the user during the authentication process that verifies the submitted account identity.

getCredentials() - Method in class org.apache.shiro.authc.BearerToken

getCredentials() - Method in class org.apache.shiro.authc.SimpleAccount

Simply returns this.authcInfo.getCredentials.

getCredentials() - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo

getCredentials() - Method in class org.apache.shiro.authc.UsernamePasswordToken

Returns the password char array.

getCredentials(AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher

Returns a Hash instance representing the already-hashed AuthenticationInfo credentials stored in the system.

getCredentials(AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.SimpleCredentialsMatcher

Returns the account's credentials.

getCredentials(AuthenticationToken) - Method in class org.apache.shiro.authc.credential.SimpleCredentialsMatcher

Returns the token's credentials.

getCredentialsMatcher() - Method in class org.apache.shiro.realm.AuthenticatingRealm

Returns the CredentialsMatcher used during an authentication attempt to verify submitted credentials with those stored in the system.

getCredentialsSalt() - Method in interface org.apache.shiro.authc.SaltedAuthenticationInfo

Returns the salt used to salt the account's credentials or null if no salt was used.

getCredentialsSalt() - Method in class org.apache.shiro.authc.SimpleAccount

Returns the salt used to hash this Account's credentials (eg for password hashing), or null if no salt was used or credentials were not hashed at all.

getCredentialsSalt() - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo

Returns the salt used to hash the credentials, or null if no salt was used or credentials were not hashed at all.

getDecryptionCipherKey() - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Returns the decryption cipher key to use for decryption operations.

getDefaults() - Method in class org.apache.shiro.config.IniFactorySupport

Deprecated.

Returns a mapping of String to bean representing the default set of object used by the factory.

getDomain() - Method in class org.apache.shiro.authz.permission.DomainPermission

getDomain(Class<? extends DomainPermission>) - Method in class org.apache.shiro.authz.permission.DomainPermission

getEncryptionCipherKey() - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Returns the cipher key to use for encryption operations.

getEnvironment() - Method in class org.apache.shiro.jndi.JndiTemplate

Return the environment for the JNDI InitialContext, or null if none should be used.

getEnvironment() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Returns the base JNDI environment template to use when acquiring an LDAP connection (an LdapContext).

getEventBus() - Method in class org.apache.shiro.mgt.CachingSecurityManager

Returns the EventBus used by this SecurityManager and potentially any of its children components.

getEventBus() - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

Returns the EventBus used to publish SessionEvents.

getGlobalSessionTimeout() - Method in class org.apache.shiro.session.mgt.AbstractSessionManager

Returns the system-wide default time in milliseconds that any session may remain idle before expiring.

getHandler() - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor

Returns the AnnotationHandler used to perform authorization behavior based on an annotation discovered at runtime.

getHashAlgorithmName() - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher

Returns the Hash algorithmName to use when performing hashes for credentials matching.

getHashFormat() - Method in class org.apache.shiro.authc.credential.DefaultPasswordService

getHashFormatFactory() - Method in class org.apache.shiro.authc.credential.DefaultPasswordService

getHashIterations() - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher

Returns the number of times a submitted AuthenticationToken's credentials will be hashed before comparing to the credentials stored in the system.

getHashService() - Method in class org.apache.shiro.authc.credential.DefaultPasswordService

getHost() - Method in class org.apache.shiro.authc.BearerToken

getHost() - Method in interface org.apache.shiro.authc.HostAuthenticationToken

Returns the host name of the client from where the authentication attempt originates or if the Shiro environment cannot or chooses not to resolve the hostname to improve performance, this method returns the String representation of the client's IP address.

getHost() - Method in class org.apache.shiro.authc.UsernamePasswordToken

Returns the host name or IP string from where the authentication attempt occurs.

getHost() - Method in exception org.apache.shiro.authz.HostUnauthorizedException

Returns the host associated with this exception.

getHost() - Method in class org.apache.shiro.session.mgt.DefaultSessionContext

getHost() - Method in class org.apache.shiro.session.mgt.DelegatingSession

getHost() - Method in interface org.apache.shiro.session.mgt.SessionContext

Returns the originating host name or IP address (as a String) from where the Subject is initiating the Session.

getHost() - Method in class org.apache.shiro.session.mgt.SimpleSession

getHost() - Method in class org.apache.shiro.session.ProxiedSession

Immediately delegates to the underlying proxied session.

getHost() - Method in interface org.apache.shiro.session.Session

Returns the host name or IP string of the host that originated this session, or null if the host is unknown.

getHost() - Method in interface org.apache.shiro.subject.SubjectContext

Returns the host name or IP that should reflect the constructed Subject's originating location.

getHost() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

getHost() - Method in class org.apache.shiro.subject.support.DelegatingSubject

Returns the host name or IP associated with the client who created/is interacting with this Subject.

getHost(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

getHost(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager

Returns the host name or IP string of the host where the session was started, if known.

getId() - Method in class org.apache.shiro.session.mgt.DelegatingSession

getId() - Method in class org.apache.shiro.session.mgt.SimpleSession

getId() - Method in class org.apache.shiro.session.ProxiedSession

Immediately delegates to the underlying proxied session.

getId() - Method in interface org.apache.shiro.session.Session

Returns the unique identifier assigned by the system upon session creation.

getIdentityToRemember(Subject, AuthenticationInfo) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Returns info.getPrincipals() and ignores the Subject argument.

getIni() - Method in class org.apache.shiro.config.IniFactorySupport

Deprecated.

getIni() - Method in class org.apache.shiro.realm.text.IniRealm

Returns the Ini instance used to configure this realm.

getInstance() - Method in class org.apache.shiro.jndi.JndiObjectFactory

getInstance() - Method in class org.apache.shiro.util.AbstractFactory

getInterval() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler

getJndiEnvironment() - Method in class org.apache.shiro.jndi.JndiLocator

Return the JNDI environment to use for JNDI lookups.

getJndiNames() - Method in class org.apache.shiro.realm.jndi.JndiRealmFactory

Returns the JNDI names that will be used to look up Realm(s) from JNDI.

getJndiTemplate() - Method in class org.apache.shiro.jndi.JndiLocator

Return the JNDI template to use for JNDI lookups.

getLastAccessTime() - Method in class org.apache.shiro.session.mgt.DelegatingSession

getLastAccessTime() - Method in class org.apache.shiro.session.mgt.SimpleSession

getLastAccessTime() - Method in class org.apache.shiro.session.ProxiedSession

Immediately delegates to the underlying proxied session.

getLastAccessTime() - Method in interface org.apache.shiro.session.Session

Returns the last time the application received a request or method invocation from the user associated with this session.

getLastAccessTime(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

getLastAccessTime(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager

Returns the time the associated Session last interacted with the system.

getLdapContext(Object, Object) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

getLdapContext(Object, Object) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

This implementation returns an LdapContext based on the configured JNDI/LDAP environment configuration.

getLdapContext(Object, Object) - Method in interface org.apache.shiro.realm.ldap.LdapContextFactory

Creates (or retrieves from a pool) an LdapContext connection bound using the specified principal and credentials.

getLdapContext(String, String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.
the DefaultLdapContextFactory.getLdapContext(Object, Object) method should be used in all cases to ensure more than String principals and credentials can be used. Shiro no longer calls this method - it will be removed before the 2.0 release.

getLdapContext(String, String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Deprecated.
the JndiLdapContextFactory.getLdapContext(Object, Object) method should be used in all cases to ensure more than String principals and credentials can be used. Shiro no longer calls this method - it will be removed before the 2.0 release.

getLdapContext(String, String) - Method in interface org.apache.shiro.realm.ldap.LdapContextFactory

Deprecated.
the LdapContextFactory.getLdapContext(Object, Object) method should be used in all cases to ensure more than String principals and credentials can be used.

getLdapPrincipal(AuthenticationToken) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm

Returns the principal to use when creating the LDAP connection for an authentication attempt.

getMajorVersion() - Static method in class org.apache.shiro.util.JavaEnvironment

Deprecated.

Get the major version code.

getMethod() - Method in interface org.apache.shiro.aop.MethodInvocation

Returns the actual Method to be invoked.

getMethodInterceptors() - Method in class org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor

Returns the method interceptors to execute for the annotated method.

getName() - Method in class org.apache.shiro.authz.SimpleRole

getName() - Method in class org.apache.shiro.realm.CachingRealm

getName() - Method in interface org.apache.shiro.realm.Realm

Returns the (application-unique) name assigned to this Realm.

getName(String, String) - Method in class org.apache.shiro.realm.text.PropertiesRealm

getObject(String, Class<T>) - Method in class org.apache.shiro.env.DefaultEnvironment

getObject(String, Class<T>) - Method in interface org.apache.shiro.env.NamedObjectEnvironment

Returns the object in Shiro's environment with the specified name and type or null if no object with that name was found.

getObjectPermissions() - Method in class org.apache.shiro.authc.SimpleAccount

Returns all object-based permissions assigned directly to this Account (not any of its realms).

getObjectPermissions() - Method in interface org.apache.shiro.authz.AuthorizationInfo

Returns all type-safe Permissions assigned to the corresponding Subject.

getObjectPermissions() - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo

getObjects() - Method in class org.apache.shiro.env.DefaultEnvironment

Returns the live (modifiable) internal objects collection.

getParts() - Method in class org.apache.shiro.authz.permission.WildcardPermission

getPassword() - Method in class org.apache.shiro.authc.UsernamePasswordToken

Returns the password submitted during an authentication attempt as a character array.

getPasswordService() - Method in class org.apache.shiro.authc.credential.PasswordMatcher

getPermissionResolver() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Returns the PermissionResolver to be used on all configured realms, or null

getPermissionResolver() - Method in class org.apache.shiro.realm.AuthorizingRealm

getPermissions() - Method in class org.apache.shiro.authz.SimpleRole

getPermissions(Connection, String, Collection<String>) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm

getPermissions(AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm

getPermissionString() - Method in exception org.apache.shiro.authz.permission.InvalidPermissionStringException

Returns the permission string that was invalid and caused this exception to be thrown.

getPreviousPrincipals() - Method in interface org.apache.shiro.subject.Subject

Returns the previous 'pre run as' identity of this Subject before assuming the current runAs identity, or null if this Subject is not operating under an assumed identity (normal state).

getPreviousPrincipals() - Method in class org.apache.shiro.subject.support.DelegatingSubject

getPrimaryPrincipal() - Method in interface org.apache.shiro.subject.PrincipalCollection

Returns the primary principal used application-wide to uniquely identify the owning account/Subject.

getPrimaryPrincipal() - Method in class org.apache.shiro.subject.SimplePrincipalCollection

Returns the first available principal from any of the Realm principals, or null if there are no principals yet.

getPrimaryPrincipal() - Method in class org.apache.shiro.subject.SimplePrincipalMap

getPrincipal() - Method in interface org.apache.shiro.authc.AuthenticationToken

Returns the account identity submitted during the authentication process.

getPrincipal() - Method in class org.apache.shiro.authc.BearerToken

getPrincipal() - Method in class org.apache.shiro.authc.UsernamePasswordToken

Simply returns getUsername().

getPrincipal() - Method in interface org.apache.shiro.subject.Subject

Returns this Subject's application-wide uniquely identifying principal, or null if this Subject is anonymous because it doesn't yet have any associated account data (for example, if they haven't logged in).

getPrincipal() - Method in class org.apache.shiro.subject.support.DelegatingSubject

getPrincipals() - Method in interface org.apache.shiro.authc.AuthenticationInfo

Returns all principals associated with the corresponding Subject.

getPrincipals() - Method in class org.apache.shiro.authc.SimpleAccount

Returns the principals, aka the identifying attributes (username, user id, first name, last name, etc) of this Account.

getPrincipals() - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo

getPrincipals() - Method in interface org.apache.shiro.subject.Subject

Returns this Subject's principals (identifying attributes) in the form of a PrincipalCollection or null if this Subject is anonymous because it doesn't yet have any associated account data (for example, if they haven't logged in).

getPrincipals() - Method in interface org.apache.shiro.subject.SubjectContext

Returns the principals (aka identity) that the constructed Subject should reflect.

getPrincipals() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

getPrincipals() - Method in class org.apache.shiro.subject.support.DelegatingSubject

getPrincipalsLazy(String) - Method in class org.apache.shiro.subject.SimplePrincipalCollection

getRandom() - Method in class org.apache.shiro.session.mgt.eis.RandomSessionIdGenerator

getRealmNames() - Method in interface org.apache.shiro.subject.PrincipalCollection

Returns the realm names that this collection has principals for.

getRealmNames() - Method in class org.apache.shiro.subject.SimplePrincipalCollection

getRealmNames() - Method in class org.apache.shiro.subject.SimplePrincipalMap

getRealmPrincipal(String, String) - Method in interface org.apache.shiro.subject.PrincipalMap

getRealmPrincipal(String, String) - Method in class org.apache.shiro.subject.SimplePrincipalMap

getRealmPrincipals(String) - Method in interface org.apache.shiro.subject.PrincipalMap

getRealmPrincipals(String) - Method in class org.apache.shiro.subject.SimplePrincipalMap

getRealms() - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator

Returns the realm(s) used by this Authenticator during an authentication attempt.

getRealms() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Returns the realms wrapped by this Authorizer which are consulted during an authorization check.

getRealms() - Method in class org.apache.shiro.mgt.RealmSecurityManager

Returns the Realms managed by this SecurityManager instance.

getRealms() - Method in class org.apache.shiro.realm.jndi.JndiRealmFactory

Performs the JNDI lookups for each specified JNDI name and returns all discovered Realms in an ordered collection.

getRealms() - Method in interface org.apache.shiro.realm.RealmFactory

Returns a collection of Realm instances that will be used to construct the application's SecurityManager instance.

getReferral() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Returns the LDAP referral behavior when creating a connection.

getReflectionBuilder() - Method in class org.apache.shiro.config.IniSecurityManagerFactory

Deprecated.

Returns the ReflectionBuilder instance used to create SecurityManagers object graph.

getRememberedIdentity(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

getRememberedPrincipals(SubjectContext) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Implements the interface method by first acquiring the remembered serialized byte array.

getRememberedPrincipals(SubjectContext) - Method in interface org.apache.shiro.mgt.RememberMeManager

Based on the specified subject context map being used to build a Subject instance, returns any previously remembered principals for the subject for automatic identity association (aka 'Remember Me').

getRememberedSerializedIdentity(SubjectContext) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Based on the given subject context data, retrieves the previously persisted serialized identity, or null if there is no available data.

getRememberMeManager() - Method in class org.apache.shiro.mgt.DefaultSecurityManager

getRequiredType() - Method in class org.apache.shiro.jndi.JndiObjectFactory

getResolver() - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor

Returns the AnnotationResolver to use to acquire annotations from intercepted methods at runtime.

getResourceName() - Method in class org.apache.shiro.jndi.JndiObjectFactory

getResourcePath() - Method in class org.apache.shiro.realm.text.IniRealm

getResources() - Static method in class org.apache.shiro.util.ThreadContext

Returns the ThreadLocal Map.

getRole(String) - Method in class org.apache.shiro.realm.SimpleAccountRealm

getRoleDefinitions() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm

getRolename(String) - Method in class org.apache.shiro.realm.text.PropertiesRealm

getRoleNamesForGroups(Collection<String>) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm

This method is called by the default implementation to translate Active Directory group names to role names.

getRoleNamesForUser(String, LdapContext) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm

getRoleNamesForUser(Connection, String) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm

getRolePermissionResolver() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Returns the RolePermissionResolver to be used on all configured realms, or null

getRolePermissionResolver() - Method in class org.apache.shiro.realm.AuthorizingRealm

getRoles() - Method in class org.apache.shiro.authc.SimpleAccount

Returns this.authzInfo.getRoles();

getRoles() - Method in interface org.apache.shiro.authz.AuthorizationInfo

Returns the names of all roles assigned to a corresponding Subject.

getRoles() - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo

getSalt(AuthenticationToken) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher

Deprecated.
since Shiro 1.1. Hash salting is now expected to be based on if the AuthenticationInfo returned from the Realm is a SaltedAuthenticationInfo instance and its getCredentialsSalt() method returns a non-null value. This method and the 1.0 behavior still exists for backwards compatibility if the Realm does not return SaltedAuthenticationInfo instances, but it is highly recommended that Realm implementations that support hashed credentials start returning SaltedAuthenticationInfo instances as soon as possible.
This is because salts should always be obtained from the stored account information and never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user are almost impossible to break. This method will be removed in Shiro 2.0.

getSaltForUser(String) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm

getSecurityManager() - Method in class org.apache.shiro.env.DefaultEnvironment

Returns the application's SecurityManager instance accessible in the backing map using the securityManagerName property as the lookup key.

getSecurityManager() - Method in interface org.apache.shiro.env.Environment

Returns the application's SecurityManager instance.

getSecurityManager() - Static method in class org.apache.shiro.SecurityUtils

Returns the SecurityManager accessible to the calling code.

getSecurityManager() - Method in interface org.apache.shiro.subject.SubjectContext

Returns the SecurityManager instance that should be used to back the constructed Subject instance or null if one has not yet been provided to this context.

getSecurityManager() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

getSecurityManager() - Method in class org.apache.shiro.subject.support.DelegatingSubject

getSecurityManager() - Static method in class org.apache.shiro.util.ThreadContext

Convenience method that simplifies retrieval of the application's SecurityManager instance from the current thread.

getSecurityManagerName() - Method in class org.apache.shiro.env.DefaultEnvironment

Returns the name of the SecurityManager instance in the backing map.

getSerializer() - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Returns the Serializer used to serialize and deserialize PrincipalCollection instances for persistent remember me storage.

getSession() - Method in interface org.apache.shiro.subject.Subject

Returns the application Session associated with this Subject.

getSession() - Method in interface org.apache.shiro.subject.SubjectContext

Returns the Session to use when building the Subject instance.

getSession() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

getSession() - Method in class org.apache.shiro.subject.support.DelegatingSubject

getSession(boolean) - Method in interface org.apache.shiro.subject.Subject

Returns the application Session associated with this Subject.

getSession(boolean) - Method in class org.apache.shiro.subject.support.DelegatingSubject

getSession(SessionKey) - Method in class org.apache.shiro.mgt.SessionsSecurityManager

getSession(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

getSession(SessionKey) - Method in interface org.apache.shiro.session.mgt.SessionManager

Retrieves the session corresponding to the specified contextual data (such as a session ID if applicable), or null if no Session could be found.

getSessionDAO() - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

getSessionFactory() - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

Returns the SessionFactory used to generate new Session instances.

getSessionId() - Method in class org.apache.shiro.session.mgt.DefaultSessionContext

getSessionId() - Method in class org.apache.shiro.session.mgt.DefaultSessionKey

getSessionId() - Method in interface org.apache.shiro.session.mgt.SessionContext

getSessionId() - Method in interface org.apache.shiro.session.mgt.SessionKey

Returns the id of the session to acquire.

getSessionId() - Method in interface org.apache.shiro.subject.SubjectContext

Returns the session id of the session that should be associated with the constructed Subject instance.

getSessionId() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

getSessionId(SessionKey) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

getSessionIdGenerator() - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO

Returns the SessionIdGenerator used by the AbstractSessionDAO.generateSessionId(org.apache.shiro.session.Session) method.

getSessionKey(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

getSessionListeners() - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

getSessionManager() - Method in class org.apache.shiro.mgt.SessionsSecurityManager

Returns this security manager's internal delegate SessionManager.

getSessionManager() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler

getSessionStorageEvaluator() - Method in class org.apache.shiro.mgt.DefaultSubjectDAO

Returns the SessionStorageEvaluator that will determine if a Subject's state may be persisted in the Subject's session.

getSessionValidationInterval() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

getSessionValidationScheduler() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

getStartTimestamp() - Method in class org.apache.shiro.session.mgt.DelegatingSession

getStartTimestamp() - Method in class org.apache.shiro.session.mgt.SimpleSession

getStartTimestamp() - Method in class org.apache.shiro.session.ProxiedSession

Immediately delegates to the underlying proxied session.

getStartTimestamp() - Method in interface org.apache.shiro.session.Session

Returns the time the session was started; that is, the time the system created the instance.

getStartTimestamp(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

getStartTimestamp(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager

Returns the time the associated Session started (was created).

getStopAfterFirstSuccess() - Method in class org.apache.shiro.authc.pam.FirstSuccessfulStrategy

getStopTimestamp() - Method in class org.apache.shiro.session.mgt.SimpleSession

Returns the time the session was stopped, or null if the session is still active.

getStoredPassword(AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.PasswordMatcher

getStringPermissions() - Method in class org.apache.shiro.authc.SimpleAccount

Returns all String-based permissions assigned to this Account.

getStringPermissions() - Method in interface org.apache.shiro.authz.AuthorizationInfo

Returns all string-based permissions assigned to the corresponding Subject.

getStringPermissions() - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo

getSubject() - Method in class org.apache.shiro.aop.AnnotationHandler

Returns the Subject associated with the currently-executing code.

getSubject() - Method in class org.apache.shiro.aop.MethodInterceptorSupport

Returns the Subject associated with the currently-executing code.

getSubject() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutor

Returns the currently Subject instance that should be associated with Runnable or Callable instances before being dispatched to the target Executor instance.

getSubject() - Static method in class org.apache.shiro.SecurityUtils

Returns the currently accessible Subject available to the calling code depending on runtime environment.

getSubject() - Method in interface org.apache.shiro.subject.SubjectContext

Returns any existing Subject that may be in use at the time the new Subject instance is being created.

getSubject() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

getSubject() - Method in class org.apache.shiro.subject.support.SubjectThreadState

Returns the Subject instance managed by this ThreadState implementation.

getSubject() - Static method in class org.apache.shiro.util.ThreadContext

Convenience method that simplifies retrieval of a thread-bound Subject.

getSubjectContext() - Method in class org.apache.shiro.subject.Subject.Builder

Returns the backing context used to build the Subject instance, available to subclasses since the context class attribute is marked as private.

getSubjectDAO() - Method in class org.apache.shiro.mgt.DefaultSecurityManager

Returns the SubjectDAO responsible for persisting Subject state, typically used after login or when an Subject identity is discovered (eg after RememberMe services).

getSubjectFactory() - Method in class org.apache.shiro.mgt.DefaultSecurityManager

Returns the SubjectFactory responsible for creating Subject instances exposed to the application.

getSubmittedPassword(AuthenticationToken) - Method in class org.apache.shiro.authc.credential.PasswordMatcher

getSystemLdapContext() - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

getSystemLdapContext() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

This implementation delegates to JndiLdapContextFactory.getLdapContext(Object, Object) using the systemUsername and systemPassword properties as arguments.

getSystemLdapContext() - Method in interface org.apache.shiro.realm.ldap.LdapContextFactory

Creates (or retrieves from a pool) a LdapContext connection bound using the system account, or anonymously if no system account is configured.

getSystemPassword() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Returns the password of the systemUsername that will be used when creating an LDAP connection used for authorization queries.

getSystemUsername() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Returns the system username that will be used when creating an LDAP connection used for authorization queries.

getTargetExecutor() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutor

Returns the target Executor instance that will actually execute the subject-associated Runnable instances.

getTargetExecutorService() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService

getTargets() - Method in class org.apache.shiro.authz.permission.DomainPermission

getTargetScheduledExecutorService() - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService

getThis() - Method in interface org.apache.shiro.aop.MethodInvocation

Returns the object that holds the current joinpoint's static part.

getThreadNamePrefix() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler

getTimeout() - Method in class org.apache.shiro.session.mgt.DelegatingSession

getTimeout() - Method in class org.apache.shiro.session.mgt.SimpleSession

getTimeout() - Method in class org.apache.shiro.session.ProxiedSession

Immediately delegates to the underlying proxied session.

getTimeout() - Method in interface org.apache.shiro.session.Session

Returns the time in milliseconds that the session session may remain idle before expiring.

getTimeout(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

getTimeout(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager

Returns the time in milliseconds that the associated session may remain idle before expiring.

getTimeout(Session) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

Subclass template hook in case per-session timeout is not based on Session.getTimeout().

getToken() - Method in class org.apache.shiro.authc.BearerToken

getTypedValue(String, Class<E>) - Method in class org.apache.shiro.util.MapContext

Performs a get operation but additionally ensures that the value returned is of the specified type.

getUrl() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Returns the LDAP url to connect to.

getUser(String) - Method in class org.apache.shiro.realm.SimpleAccountRealm

getUserDefinitions() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm

getUserDn(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm

Returns the LDAP User Distinguished Name (DN) to use when acquiring an LdapContext from the LdapContextFactory.

getUserDnPrefix() - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm

Returns the User DN prefix to use when building a runtime User DN value or null if no userDnTemplate has been configured.

getUserDnSuffix() - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm

Returns the User DN suffix to use when building a runtime User DN value.

getUserDnTemplate() - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm

Returns the User Distinguished Name (DN) template to use when creating User DNs at runtime - see the setUserDnTemplate JavaDoc for a full explanation.

getUsername() - Method in class org.apache.shiro.authc.UsernamePasswordToken

Returns the username submitted during an authentication attempt.

getUsername(String) - Method in class org.apache.shiro.realm.text.PropertiesRealm

getUsername(SimpleAccount) - Method in class org.apache.shiro.realm.SimpleAccountRealm

getUsername(PrincipalCollection) - Method in class org.apache.shiro.realm.SimpleAccountRealm

getVersion() - Static method in class org.apache.shiro.util.JavaEnvironment

Deprecated.

Return the full Java version string, as returned by System.getProperty("java.version").

GuestAnnotationHandler - Class in org.apache.shiro.authz.aop

Checks to see if a @RequiresGuest annotation is declared, and if so, ensures the calling Subject does not have an identity before invoking the method.

GuestAnnotationHandler() - Constructor for class org.apache.shiro.authz.aop.GuestAnnotationHandler

Default no-argument constructor that ensures this interceptor looks for RequiresGuest annotations in a method declaration.

GuestAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop

Checks to see if a @RequiresGuest annotation is declared, and if so, ensures the calling Subject does not have an identity before invoking the method.

GuestAnnotationMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.GuestAnnotationMethodInterceptor

Default no-argument constructor that ensures this interceptor looks for RequiresGuest annotations in a method declaration.

GuestAnnotationMethodInterceptor(AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.GuestAnnotationMethodInterceptor

H

hasAllRoles(Collection<String>) - Method in interface org.apache.shiro.subject.Subject

Returns true if this Subject has all of the specified roles, false otherwise.

hasAllRoles(Collection<String>) - Method in class org.apache.shiro.subject.support.DelegatingSubject

hasAllRoles(PrincipalCollection, Collection<String>) - Method in interface org.apache.shiro.authz.Authorizer

Returns true if the corresponding Subject/user has all of the specified roles, false otherwise.

hasAllRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Returns true iff any of the configured realms' ModularRealmAuthorizer.hasRole(org.apache.shiro.subject.PrincipalCollection, String) call returns true for all roles specified, false otherwise.

hasAllRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

hasAllRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.realm.AuthorizingRealm

hashCode() - Method in class org.apache.shiro.authc.SimpleAccount

If the principals are not null, returns principals.hashCode(), otherwise returns 0 (zero).

hashCode() - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo

Returns the hashcode of the internal principals instance.

hashCode() - Method in class org.apache.shiro.authz.permission.WildcardPermission

hashCode() - Method in class org.apache.shiro.authz.SimpleRole

hashCode() - Method in class org.apache.shiro.session.mgt.SimpleSession

Returns the hashCode.

hashCode() - Method in class org.apache.shiro.subject.SimplePrincipalCollection

HashedCredentialsMatcher - Class in org.apache.shiro.authc.credential

A HashedCredentialMatcher provides support for hashing of supplied AuthenticationToken credentials before being compared to those in the AuthenticationInfo from the data store.

HashedCredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.HashedCredentialsMatcher

JavaBeans-compatible no-arg constructor intended for use in IoC/Dependency Injection environments.

HashedCredentialsMatcher(String) - Constructor for class org.apache.shiro.authc.credential.HashedCredentialsMatcher

Creates an instance using the specified hashAlgorithmName to hash submitted credentials.

HashingPasswordService - Interface in org.apache.shiro.authc.credential

A HashingPasswordService is a PasswordService that performs password encryption and comparisons based on cryptographic Hashes.

hashPassword(Object) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService

hashPassword(Object) - Method in interface org.apache.shiro.authc.credential.HashingPasswordService

Hashes the specified plaintext password using internal hashing configuration settings pertinent to password hashing.

hashProvidedCredentials(Object, Object, int) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher

Hashes the provided credentials a total of hashIterations times, using the given salt.

hashProvidedCredentials(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher

Hash the provided token's credentials using the salt stored with the account if the info instance is an instanceof SaltedAuthenticationInfo (see the class-level JavaDoc for why this is the preferred approach).

hasPrincipals() - Method in class org.apache.shiro.subject.support.DelegatingSubject

hasRole(String) - Method in interface org.apache.shiro.subject.Subject

Returns true if this Subject has the specified role, false otherwise.

hasRole(String) - Method in class org.apache.shiro.subject.support.DelegatingSubject

hasRole(String, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm

hasRole(PrincipalCollection, String) - Method in interface org.apache.shiro.authz.Authorizer

Returns true if the corresponding Subject/user has the specified role, false otherwise.

hasRole(PrincipalCollection, String) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Returns true if any of the configured realms' ModularRealmAuthorizer.hasRole(org.apache.shiro.subject.PrincipalCollection, String) call returns true, false otherwise.

hasRole(PrincipalCollection, String) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

hasRole(PrincipalCollection, String) - Method in class org.apache.shiro.realm.AuthorizingRealm

hasRoles(List<String>) - Method in interface org.apache.shiro.subject.Subject

Checks if this Subject has the specified roles, returning a boolean array indicating which roles are associated.

hasRoles(List<String>) - Method in class org.apache.shiro.subject.support.DelegatingSubject

hasRoles(List<String>, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm

hasRoles(PrincipalCollection, List<String>) - Method in interface org.apache.shiro.authz.Authorizer

Checks if the corresponding Subject/user has the specified roles, returning a boolean array indicating which roles are associated with the given subject.

hasRoles(PrincipalCollection, List<String>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Calls ModularRealmAuthorizer.hasRole(org.apache.shiro.subject.PrincipalCollection, String) for each role name in the specified collection and places the return value from each call at the respective location in the returned array.

hasRoles(PrincipalCollection, List<String>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

hasRoles(PrincipalCollection, List<String>) - Method in class org.apache.shiro.realm.AuthorizingRealm

host - Variable in class org.apache.shiro.subject.support.DelegatingSubject

host(String) - Method in class org.apache.shiro.subject.Subject.Builder

Ensures the Subject being built will reflect the specified host name or IP as its originating location.

HostAuthenticationToken - Interface in org.apache.shiro.authc

A HostAuthenticationToken retains the host information from where an authentication attempt originates.

HostUnauthorizedException - Exception in org.apache.shiro.authz

Thrown when a particular client (that is, host address) has not been enabled to access the system or if the client has been enabled access but is not permitted to perform a particular operation or access a particular resource.

HostUnauthorizedException() - Constructor for exception org.apache.shiro.authz.HostUnauthorizedException

Creates a new HostUnauthorizedException.

HostUnauthorizedException(String) - Constructor for exception org.apache.shiro.authz.HostUnauthorizedException

Constructs a new HostUnauthorizedException.

HostUnauthorizedException(String, Throwable) - Constructor for exception org.apache.shiro.authz.HostUnauthorizedException

Constructs a new HostUnauthorizedException.

HostUnauthorizedException(Throwable) - Constructor for exception org.apache.shiro.authz.HostUnauthorizedException

Constructs a new HostUnauthorizedException.

I

ImmutableProxiedSession - Class in org.apache.shiro.session.mgt

Implementation of the Session interface that proxies another Session, but does not allow any 'write' operations to the underlying session.

ImmutableProxiedSession(Session) - Constructor for class org.apache.shiro.session.mgt.ImmutableProxiedSession

Constructs a new instance of this class proxying the specified Session.

implies(Permission) - Method in class org.apache.shiro.authz.permission.AllPermission

Always returns true, indicating any Subject granted this permission can do anything.

implies(Permission) - Method in interface org.apache.shiro.authz.Permission

Returns true if this current instance implies all the functionality and/or resource access described by the specified Permission argument, false otherwise.

implies(Permission) - Method in class org.apache.shiro.authz.permission.WildcardPermission

IncorrectCredentialsException - Exception in org.apache.shiro.authc

Thrown when attempting to authenticate with credential(s) that do not match the actual credentials associated with the account principal.

IncorrectCredentialsException() - Constructor for exception org.apache.shiro.authc.IncorrectCredentialsException

Creates a new IncorrectCredentialsException.

IncorrectCredentialsException(String) - Constructor for exception org.apache.shiro.authc.IncorrectCredentialsException

Constructs a new IncorrectCredentialsException.

IncorrectCredentialsException(String, Throwable) - Constructor for exception org.apache.shiro.authc.IncorrectCredentialsException

Constructs a new IncorrectCredentialsException.

IncorrectCredentialsException(Throwable) - Constructor for exception org.apache.shiro.authc.IncorrectCredentialsException

Constructs a new IncorrectCredentialsException.

INI_REALM_NAME - Static variable in class org.apache.shiro.config.IniSecurityManagerFactory

Deprecated.

IniFactorySupport<T> - Class in org.apache.shiro.config

Deprecated.
use Shiro's Environment mechanisms instead.

IniFactorySupport() - Constructor for class org.apache.shiro.config.IniFactorySupport

Deprecated.

IniFactorySupport(Ini) - Constructor for class org.apache.shiro.config.IniFactorySupport

Deprecated.

IniRealm - Class in org.apache.shiro.realm.text

A Realm implementation that creates SimpleAccount instances based on Ini configuration.

IniRealm() - Constructor for class org.apache.shiro.realm.text.IniRealm

IniRealm(String) - Constructor for class org.apache.shiro.realm.text.IniRealm

This constructor will immediately process the definitions in the Ini resolved from the specified resourcePath.

IniRealm(Ini) - Constructor for class org.apache.shiro.realm.text.IniRealm

This constructor will immediately process the definitions in the Ini argument.

IniSecurityManagerFactory - Class in org.apache.shiro.config

Deprecated.
use Shiro's Environment mechanisms instead.

IniSecurityManagerFactory() - Constructor for class org.apache.shiro.config.IniSecurityManagerFactory

Deprecated.

Creates a new instance.

IniSecurityManagerFactory(String) - Constructor for class org.apache.shiro.config.IniSecurityManagerFactory

Deprecated.

IniSecurityManagerFactory(Ini) - Constructor for class org.apache.shiro.config.IniSecurityManagerFactory

Deprecated.

init() - Method in class org.apache.shiro.realm.AuthenticatingRealm

Initializes this realm and potentially enables an authentication cache, depending on configuration.

InvalidPermissionStringException - Exception in org.apache.shiro.authz.permission

Thrown by PermissionResolver.resolvePermission(String) when the String being parsed is not valid for that resolver.

InvalidPermissionStringException(String, String) - Constructor for exception org.apache.shiro.authz.permission.InvalidPermissionStringException

Constructs a new exception with the given message and permission string.

InvalidResourceUsageException - Exception in org.apache.shiro.dao

Root exception indicating invalid or incorrect usage of a data access resource.

InvalidResourceUsageException(String) - Constructor for exception org.apache.shiro.dao.InvalidResourceUsageException

Constructs an InvalidResourceUsageException with a message explaining the cause of the exception.

InvalidResourceUsageException(String, Throwable) - Constructor for exception org.apache.shiro.dao.InvalidResourceUsageException

Constructs a InvalidResourceUsageException with a message explaining the cause of the exception.

InvalidSessionException - Exception in org.apache.shiro.session

Exception thrown when attempting to interact with the system under an established session when that session is considered invalid.

InvalidSessionException() - Constructor for exception org.apache.shiro.session.InvalidSessionException

Creates a new InvalidSessionException.

InvalidSessionException(String) - Constructor for exception org.apache.shiro.session.InvalidSessionException

Constructs a new InvalidSessionException.

InvalidSessionException(String, Throwable) - Constructor for exception org.apache.shiro.session.InvalidSessionException

Constructs a new InvalidSessionException.

InvalidSessionException(Throwable) - Constructor for exception org.apache.shiro.session.InvalidSessionException

Constructs a new InvalidSessionException.

invoke(MethodInvocation) - Method in interface org.apache.shiro.aop.MethodInterceptor

Invokes the specified MethodInvocation, allowing implementations to perform pre/post/finally surrounding the actual invocation.

invoke(MethodInvocation) - Method in class org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor

Ensures the methodInvocation is allowed to execute first before proceeding by calling the assertAuthorized method first.

invoke(MethodInvocation) - Method in class org.apache.shiro.authz.aop.AuthorizingMethodInterceptor

Invokes the specified method (methodInvocation.proceed() if authorization is allowed by first calling assertAuthorized.

invokeAll(Collection<? extends Callable<T>>) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService

invokeAll(Collection<? extends Callable<T>>, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService

invokeAny(Collection<? extends Callable<T>>) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService

invokeAny(Collection<? extends Callable<T>>, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService

isAtLeastVersion14() - Static method in class org.apache.shiro.util.JavaEnvironment

Deprecated.

Convenience method to determine if the current JVM is at least Java 1.4.

isAtLeastVersion15() - Static method in class org.apache.shiro.util.JavaEnvironment

Deprecated.

Convenience method to determine if the current JVM is at least Java 1.5 (Java 5).

isAtLeastVersion16() - Static method in class org.apache.shiro.util.JavaEnvironment

Deprecated.

Convenience method to determine if the current JVM is at least Java 1.6 (Java 6).

isAuthenticated() - Method in interface org.apache.shiro.subject.Subject

Returns true if this Subject/user proved their identity during their current session by providing valid credentials matching those known to the system, false otherwise.

isAuthenticated() - Method in interface org.apache.shiro.subject.SubjectContext

Returns true if the constructed Subject should be considered authenticated, false otherwise.

isAuthenticated() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

isAuthenticated() - Method in class org.apache.shiro.subject.support.DelegatingSubject

isAuthenticationCachingEnabled() - Method in class org.apache.shiro.realm.AuthenticatingRealm

Returns true if authentication caching should be utilized if a CacheManager has been configured, false otherwise.

isAuthenticationCachingEnabled(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.realm.AuthenticatingRealm

Returns true if authentication caching should be utilized based on the specified AuthenticationToken and/or AuthenticationInfo, false otherwise.

isAuthorizationCachingEnabled() - Method in class org.apache.shiro.realm.AuthorizingRealm

Returns true if authorization caching should be utilized if a CacheManager has been configured, false otherwise.

isAutoApplyRealms(SecurityManager) - Method in class org.apache.shiro.config.IniSecurityManagerFactory

Deprecated.

isCachingEnabled() - Method in class org.apache.shiro.realm.CachingRealm

Returns true if caching should be used if a CacheManager has been configured, false otherwise.

isCaseSensitive() - Method in class org.apache.shiro.authz.permission.WildcardPermissionResolver

Return true if this resolver produces case sensitive permissions.

isCredentialsExpired() - Method in class org.apache.shiro.authc.SimpleAccount

Returns whether or not the Account's credentials are expired.

isDeleteInvalidSessions() - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

Returns true if sessions should be automatically deleted after they are discovered to be invalid, false if invalid sessions will be manually deleted by some process external to Shiro's control.

isEmpty() - Method in interface org.apache.shiro.subject.PrincipalCollection

Returns true if this collection is empty, false otherwise.

isEmpty() - Method in class org.apache.shiro.subject.SimplePrincipalCollection

isEmpty() - Method in class org.apache.shiro.subject.SimplePrincipalMap

isEmpty() - Method in class org.apache.shiro.util.MapContext

isEmpty(Collection) - Static method in class org.apache.shiro.util.CollectionUtils

Returns true if the specified Collection is null or empty, false otherwise.

isEmpty(Map) - Static method in class org.apache.shiro.util.CollectionUtils

Returns true if the specified Map is null or empty, false otherwise.

isEmpty(PrincipalCollection) - Static method in class org.apache.shiro.util.CollectionUtils

Deprecated.
Use PrincipalCollection.isEmpty() directly.

isEnabled() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler

isEnabled() - Method in interface org.apache.shiro.session.mgt.SessionValidationScheduler

Returns true if this Scheduler is enabled and ready to begin validation at the appropriate time, false otherwise.

isExpired() - Method in class org.apache.shiro.session.mgt.SimpleSession

Returns true if this session has expired, false otherwise.

isHashSalted() - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher

Deprecated.
since Shiro 1.1. Hash salting is now expected to be based on if the AuthenticationInfo returned from the Realm is a SaltedAuthenticationInfo instance and its getCredentialsSalt() method returns a non-null value. This method and the 1.0 behavior still exists for backwards compatibility if the Realm does not return SaltedAuthenticationInfo instances, but it is highly recommended that Realm implementations that support hashed credentials start returning SaltedAuthenticationInfo instances as soon as possible.
This is because salts should always be obtained from the stored account information and never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user are almost impossible to break. This method will be removed in Shiro 2.0.

isLocked() - Method in class org.apache.shiro.authc.SimpleAccount

Returns true if this Account is locked and thus cannot be used to login, false otherwise.

isPattern(String) - Method in class org.apache.shiro.util.AntPathMatcher

isPermitted(String) - Method in interface org.apache.shiro.subject.Subject

Returns true if this Subject is permitted to perform an action or access a resource summarized by the specified permission string.

isPermitted(String) - Method in class org.apache.shiro.subject.support.DelegatingSubject

isPermitted(String...) - Method in interface org.apache.shiro.subject.Subject

Checks if this Subject implies the given permission strings and returns a boolean array indicating which permissions are implied.

isPermitted(String...) - Method in class org.apache.shiro.subject.support.DelegatingSubject

isPermitted(List<Permission>) - Method in interface org.apache.shiro.subject.Subject

Checks if this Subject implies the given Permissions and returns a boolean array indicating which permissions are implied.

isPermitted(List<Permission>) - Method in class org.apache.shiro.subject.support.DelegatingSubject

isPermitted(List<Permission>, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm

isPermitted(Permission) - Method in class org.apache.shiro.authz.SimpleRole

isPermitted(Permission) - Method in interface org.apache.shiro.subject.Subject

Returns true if this Subject is permitted to perform an action or access a resource summarized by the specified permission.

isPermitted(Permission) - Method in class org.apache.shiro.subject.support.DelegatingSubject

isPermitted(Permission, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm

isPermitted(PrincipalCollection, String) - Method in interface org.apache.shiro.authz.Authorizer

Returns true if the corresponding subject/user is permitted to perform an action or access a resource summarized by the specified permission string.

isPermitted(PrincipalCollection, String) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Returns true if any of the configured realms' ModularRealmAuthorizer.isPermitted(org.apache.shiro.subject.PrincipalCollection, String) returns true, false otherwise.

isPermitted(PrincipalCollection, String) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

isPermitted(PrincipalCollection, String) - Method in class org.apache.shiro.realm.AuthorizingRealm

isPermitted(PrincipalCollection, String...) - Method in interface org.apache.shiro.authz.Authorizer

Checks if the corresponding Subject implies the given permission strings and returns a boolean array indicating which permissions are implied.

isPermitted(PrincipalCollection, String...) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Returns true if any of the configured realms' ModularRealmAuthorizer.isPermittedAll(org.apache.shiro.subject.PrincipalCollection, String...) call returns true, false otherwise.

isPermitted(PrincipalCollection, String...) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

isPermitted(PrincipalCollection, String...) - Method in class org.apache.shiro.realm.AuthorizingRealm

isPermitted(PrincipalCollection, List<Permission>) - Method in interface org.apache.shiro.authz.Authorizer

Checks if the corresponding Subject/user implies the given Permissions and returns a boolean array indicating which permissions are implied.

isPermitted(PrincipalCollection, List<Permission>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Returns true if any of the configured realms' ModularRealmAuthorizer.isPermitted(org.apache.shiro.subject.PrincipalCollection, List) call returns true, false otherwise.

isPermitted(PrincipalCollection, List<Permission>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

isPermitted(PrincipalCollection, List<Permission>) - Method in class org.apache.shiro.realm.AuthorizingRealm

isPermitted(PrincipalCollection, Permission) - Method in interface org.apache.shiro.authz.Authorizer

Returns true if the corresponding subject/user is permitted to perform an action or access a resource summarized by the specified permission.

isPermitted(PrincipalCollection, Permission) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Returns true if any of the configured realms' ModularRealmAuthorizer.isPermitted(org.apache.shiro.subject.PrincipalCollection, Permission) call returns true, false otherwise.

isPermitted(PrincipalCollection, Permission) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

isPermitted(PrincipalCollection, Permission) - Method in class org.apache.shiro.realm.AuthorizingRealm

isPermittedAll(String...) - Method in interface org.apache.shiro.subject.Subject

Returns true if this Subject implies all of the specified permission strings, false otherwise.

isPermittedAll(String...) - Method in class org.apache.shiro.subject.support.DelegatingSubject

isPermittedAll(Collection<Permission>) - Method in interface org.apache.shiro.subject.Subject

Returns true if this Subject implies all of the specified permissions, false otherwise.

isPermittedAll(Collection<Permission>) - Method in class org.apache.shiro.subject.support.DelegatingSubject

isPermittedAll(Collection<Permission>, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm

isPermittedAll(PrincipalCollection, String...) - Method in interface org.apache.shiro.authz.Authorizer

Returns true if the corresponding Subject/user implies all of the specified permission strings, false otherwise.

isPermittedAll(PrincipalCollection, String...) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Returns true if any of the configured realms' ModularRealmAuthorizer.isPermitted(org.apache.shiro.subject.PrincipalCollection, String) call returns true for all of the specified string permissions, false otherwise.

isPermittedAll(PrincipalCollection, String...) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

isPermittedAll(PrincipalCollection, String...) - Method in class org.apache.shiro.realm.AuthorizingRealm

isPermittedAll(PrincipalCollection, Collection<Permission>) - Method in interface org.apache.shiro.authz.Authorizer

Returns true if the corresponding Subject/user implies all of the specified permissions, false otherwise.

isPermittedAll(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Returns true if any of the configured realms' ModularRealmAuthorizer.isPermitted(org.apache.shiro.subject.PrincipalCollection, Permission) call returns true for all of the specified Permissions, false otherwise.

isPermittedAll(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

isPermittedAll(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.realm.AuthorizingRealm

isPoolingConnections(Object) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Returns true if LDAP connection pooling should be used when acquiring a connection based on the specified account principal, false otherwise.

isPoolingEnabled() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Returns whether or not connection pooling should be used when possible and appropriate.

isRemembered() - Method in interface org.apache.shiro.subject.Subject

Returns true if this Subject has an identity (it is not anonymous) and the identity (aka principals) is remembered from a successful authentication during a previous session.

isRemembered() - Method in class org.apache.shiro.subject.support.DelegatingSubject

isRememberMe() - Method in interface org.apache.shiro.authc.RememberMeAuthenticationToken

Returns true if the submitting user wishes their identity (principal(s)) to be remembered across sessions, false otherwise.

isRememberMe() - Method in class org.apache.shiro.authc.UsernamePasswordToken

Returns true if the submitting user wishes their identity (principal(s)) to be remembered across sessions, false otherwise.

isRememberMe(AuthenticationToken) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Determines whether or not remember me services should be performed for the specified token.

isResourceRef() - Method in class org.apache.shiro.jndi.JndiLocator

Return whether the lookup occurs in a J2EE container.

isRolename(String) - Method in class org.apache.shiro.realm.text.PropertiesRealm

isRunAs() - Method in interface org.apache.shiro.subject.Subject

Returns true if this Subject is 'running as' another identity other than its original one or false otherwise (normal Subject state).

isRunAs() - Method in class org.apache.shiro.subject.support.DelegatingSubject

isSessionCreationEnabled() - Method in interface org.apache.shiro.subject.SubjectContext

Returns true if the constructed Subject should be allowed to create a session, false otherwise.

isSessionCreationEnabled() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

isSessionCreationEnabled() - Method in class org.apache.shiro.subject.support.DelegatingSubject

Returns true if this Subject is allowed to create sessions, false otherwise.

isSessionStorageEnabled() - Method in class org.apache.shiro.mgt.DefaultSessionStorageEvaluator

Returns true if any Subject's Session may be used to persist that Subject's state, false otherwise.

isSessionStorageEnabled(Subject) - Method in class org.apache.shiro.mgt.DefaultSessionStorageEvaluator

This implementation functions as follows: If the specified Subject already has an existing Session (typically because an application developer has called subject.getSession() already), Shiro will use that existing session to store subject state. If a Subject does not yet have a Session, this implementation checks the sessionStorageEnabled property: If sessionStorageEnabled is true (the default setting), a new session may be created to persist Subject state if necessary. If sessionStorageEnabled is false, a new session will not be created to persist session state. Most applications use Sessions and are OK with the default true setting for sessionStorageEnabled.

isSessionStorageEnabled(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO

Determines if the subject's session will be used to persist subject state or not.

isSessionStorageEnabled(Subject) - Method in interface org.apache.shiro.mgt.SessionStorageEvaluator

Returns true if the specified Subject's session may be used to persist that Subject's state, false otherwise.

isSessionValidationSchedulerEnabled() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

isShutdown() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService

isSingleton() - Method in class org.apache.shiro.util.AbstractFactory

isStopped() - Method in class org.apache.shiro.session.mgt.SimpleSession

isStoredCredentialsHexEncoded() - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher

Returns true if the system's stored credential hash is Hex encoded, false if it is Base64 encoded.

isTerminated() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService

isTimedOut() - Method in class org.apache.shiro.session.mgt.SimpleSession

Determines if this session is expired.

isUsername(String) - Method in class org.apache.shiro.realm.text.PropertiesRealm

isValid() - Method in class org.apache.shiro.session.mgt.SimpleSession

isValid() - Method in interface org.apache.shiro.session.mgt.ValidatingSession

isValid(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

isValid(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager

Returns true if the associated session is valid (it exists and is not stopped nor expired), false otherwise.

iterator() - Method in class org.apache.shiro.subject.SimplePrincipalCollection

iterator() - Method in class org.apache.shiro.subject.SimplePrincipalMap

J

JAVA_13 - Static variable in class org.apache.shiro.util.JavaEnvironment

Deprecated.

Constant identifying the 1.3.x JVM (JDK 1.3).

JAVA_14 - Static variable in class org.apache.shiro.util.JavaEnvironment

Deprecated.

Constant identifying the 1.4.x JVM (J2SE 1.4).

JAVA_15 - Static variable in class org.apache.shiro.util.JavaEnvironment

Deprecated.

Constant identifying the 1.5 JVM (Java 5).

JAVA_16 - Static variable in class org.apache.shiro.util.JavaEnvironment

Deprecated.

Constant identifying the 1.6 JVM (Java 6).

JAVA_17 - Static variable in class org.apache.shiro.util.JavaEnvironment

Deprecated.

Constant identifying the 1.7 JVM.

JAVA_18 - Static variable in class org.apache.shiro.util.JavaEnvironment

Deprecated.

Constant identifying the 1.8 JVM.

JavaEnvironment - Class in org.apache.shiro.util

Deprecated.
This class is no longer used in Shiro and will be removed in the next major version.

JavaEnvironment() - Constructor for class org.apache.shiro.util.JavaEnvironment

Deprecated.

JavaUuidSessionIdGenerator - Class in org.apache.shiro.session.mgt.eis

SessionIdGenerator that generates String values of JDK UUID's as the session IDs.

JavaUuidSessionIdGenerator() - Constructor for class org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator

JdbcRealm - Class in org.apache.shiro.realm.jdbc

Realm that allows authentication and authorization via JDBC calls.

JdbcRealm() - Constructor for class org.apache.shiro.realm.jdbc.JdbcRealm

JdbcRealm.SaltStyle - Enum in org.apache.shiro.realm.jdbc

Password hash salt configuration.

JdbcUtils - Class in org.apache.shiro.util

A set of static helper methods for managing JDBC API objects.

JndiCallback - Interface in org.apache.shiro.jndi

Callback interface to be implemented by classes that need to perform an operation (such as a lookup) in a JNDI context.

JndiLdapContextFactory - Class in org.apache.shiro.realm.ldap

LdapContextFactory implementation using the default Sun/Oracle JNDI Ldap API, utilizing JNDI environment properties and an InitialContext.

JndiLdapContextFactory() - Constructor for class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Default no-argument constructor that initializes the backing environment template with the contextFactoryClassName equal to com.sun.jndi.ldap.LdapCtxFactory (the Sun/Oracle default) and the default referral behavior to follow.

JndiLdapRealm - Class in org.apache.shiro.realm.ldap

Deprecated.
Renamed to DefaultLdapRealm, this class will be removed prior to 2.0

JndiLdapRealm() - Constructor for class org.apache.shiro.realm.ldap.JndiLdapRealm

Deprecated.

JndiLocator - Class in org.apache.shiro.jndi

Convenient superclass for JNDI accessors, providing "jndiTemplate" and "jndiEnvironment" bean properties.

JndiLocator() - Constructor for class org.apache.shiro.jndi.JndiLocator

JndiObjectFactory<T> - Class in org.apache.shiro.jndi

A factory implementation intended to be used to look up objects in jndi.

JndiObjectFactory() - Constructor for class org.apache.shiro.jndi.JndiObjectFactory

JndiRealmFactory - Class in org.apache.shiro.realm.jndi

Looks up one or more Realm instances from JNDI using specified jndiNames.

JndiRealmFactory() - Constructor for class org.apache.shiro.realm.jndi.JndiRealmFactory

JndiTemplate - Class in org.apache.shiro.jndi

Helper class that simplifies JNDI operations.

JndiTemplate() - Constructor for class org.apache.shiro.jndi.JndiTemplate

Create a new JndiTemplate instance.

JndiTemplate(Properties) - Constructor for class org.apache.shiro.jndi.JndiTemplate

Create a new JndiTemplate instance, using the given environment.

K

keySet() - Method in class org.apache.shiro.subject.SimplePrincipalMap

keySet() - Method in class org.apache.shiro.util.MapContext

L

LdapContextFactory - Interface in org.apache.shiro.realm.ldap

Interface that encapsulates the creation of LdapContext objects that are used by DefaultLdapRealms to perform authentication attempts and query for authorization data.

LdapUtils - Class in org.apache.shiro.realm.ldap

Utility class providing static methods to make working with LDAP easier.

LdapUtils() - Constructor for class org.apache.shiro.realm.ldap.LdapUtils

loadDefaultClassPathIni() - Static method in class org.apache.shiro.config.IniFactorySupport

Deprecated.

Returns a new Ini instance created from the default classpath:shiro.ini file, or null if the file does not exist.

LockedAccountException - Exception in org.apache.shiro.authc

A special kind of DisabledAccountException, this exception is thrown when attempting to authenticate and the corresponding account has been disabled explicitly due to being locked.

LockedAccountException() - Constructor for exception org.apache.shiro.authc.LockedAccountException

Creates a new LockedAccountException.

LockedAccountException(String) - Constructor for exception org.apache.shiro.authc.LockedAccountException

Constructs a new LockedAccountException.

LockedAccountException(String, Throwable) - Constructor for exception org.apache.shiro.authc.LockedAccountException

Constructs a new LockedAccountException.

LockedAccountException(Throwable) - Constructor for exception org.apache.shiro.authc.LockedAccountException

Constructs a new LockedAccountException.

logical() - Method in annotation type org.apache.shiro.authz.annotation.RequiresPermissions

The logical operation for the permission checks in case multiple roles are specified.

logical() - Method in annotation type org.apache.shiro.authz.annotation.RequiresRoles

The logical operation for the permission check in case multiple roles are specified.

Logical - Enum in org.apache.shiro.authz.annotation

An enum for specifying a logical operation that can be used for interpreting authorization annotations

login(AuthenticationToken) - Method in interface org.apache.shiro.subject.Subject

Performs a login attempt for this Subject/user.

login(AuthenticationToken) - Method in class org.apache.shiro.subject.support.DelegatingSubject

login(Subject, AuthenticationToken) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

First authenticates the AuthenticationToken argument, and if successful, constructs a Subject instance representing the authenticated account's identity.

login(Subject, AuthenticationToken) - Method in interface org.apache.shiro.mgt.SecurityManager

Logs in the specified Subject using the given authenticationToken, returning an updated Subject instance reflecting the authenticated state if successful or throwing AuthenticationException if it is not.

logout() - Method in interface org.apache.shiro.subject.Subject

Logs out this Subject and invalidates and/or removes any associated entities, such as a Session and authorization data.

logout() - Method in class org.apache.shiro.subject.support.DelegatingSubject

logout(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

logout(Subject) - Method in interface org.apache.shiro.mgt.SecurityManager

Logs out the specified Subject from the system.

LogoutAware - Interface in org.apache.shiro.authc

An SPI interface allowing cleanup logic to be executed during logout of a previously authenticated Subject/user.

lookup(String) - Method in class org.apache.shiro.jndi.JndiLocator

Perform an actual JNDI lookup for the given name via the JndiTemplate.

lookup(String) - Method in class org.apache.shiro.jndi.JndiTemplate

Look up the object with the given name in the current JNDI context.

lookup(String, Class) - Method in class org.apache.shiro.jndi.JndiLocator

Perform an actual JNDI lookup for the given name via the JndiTemplate.

lookup(String, Class) - Method in class org.apache.shiro.jndi.JndiTemplate

Look up the object with the given name in the current JNDI context.

lookupSecurityManager() - Method in class org.apache.shiro.env.DefaultEnvironment

Looks up the SecurityManager instance in the backing map without performing any non-null guarantees.

M

MAIN_SECTION_NAME - Static variable in class org.apache.shiro.config.IniSecurityManagerFactory

Deprecated.

MapContext - Class in org.apache.shiro.util

A MapContext provides a common base for context-based data storage in a Map.

MapContext() - Constructor for class org.apache.shiro.util.MapContext

MapContext(Map<String, Object>) - Constructor for class org.apache.shiro.util.MapContext

match(String, String) - Method in class org.apache.shiro.util.AntPathMatcher

matches(String, String) - Method in class org.apache.shiro.util.AntPathMatcher

matches(String, String) - Method in interface org.apache.shiro.util.PatternMatcher

Returns true if the given source matches the specified pattern, false otherwise.

matches(String, String) - Method in class org.apache.shiro.util.RegExPatternMatcher

Simple implementation that merely uses the default pattern comparison logic provided by the JDK.

matchStart(String, String) - Method in class org.apache.shiro.util.AntPathMatcher

Md2CredentialsMatcher - Class in org.apache.shiro.authc.credential

Deprecated.
since 1.1 - use the HashedCredentialsMatcher directly and set its hashAlgorithmName property.

Md2CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Md2CredentialsMatcher

Deprecated.

Md5CredentialsMatcher - Class in org.apache.shiro.authc.credential

Deprecated.
since 1.1 - use the HashedCredentialsMatcher directly and set its hashAlgorithmName property.

Md5CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Md5CredentialsMatcher

Deprecated.

MemorySessionDAO - Class in org.apache.shiro.session.mgt.eis

Simple memory-based implementation of the SessionDAO that stores all of its sessions in an in-memory ConcurrentMap.

MemorySessionDAO() - Constructor for class org.apache.shiro.session.mgt.eis.MemorySessionDAO

MergableAuthenticationInfo - Interface in org.apache.shiro.authc

An extension of the AuthenticationInfo interface to be implemented by classes that support merging with other AuthenticationInfo instances.

merge(AuthenticationInfo) - Method in interface org.apache.shiro.authc.MergableAuthenticationInfo

Merges the given AuthenticationInfo into this instance.

merge(AuthenticationInfo) - Method in class org.apache.shiro.authc.SimpleAccount

Merges the specified AuthenticationInfo into this Account.

merge(AuthenticationInfo) - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo

Takes the specified info argument and adds its principals and credentials into this instance.

merge(AuthenticationInfo, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy

Merges the specified info argument into the aggregate argument and then returns an aggregate for continued use throughout the login process.

merge(AuthenticationInfo, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.FirstSuccessfulStrategy

Returns the specified aggregate instance if is non null and valid (that is, has principals and they are not empty) immediately, or, if it is null or not valid, the info argument is returned instead.

mergeAuthenticationState(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO

Merges the Subject's current authentication state with whatever may be in any available session.

mergePrincipals(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO

Merges the Subject's current Subject.getPrincipals() with whatever may be in any available session.

MethodInterceptor - Interface in org.apache.shiro.aop

A MethodInterceptor intercepts a MethodInvocation to perform before or after logic (aka 'advice').

methodInterceptors - Variable in class org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor

The method interceptors to execute for the annotated method.

MethodInterceptorSupport - Class in org.apache.shiro.aop

This class is an abstraction of AOP method interceptor behavior specific to Shiro that leaves AOP implementation specifics to be handled by subclass implementations.

MethodInterceptorSupport() - Constructor for class org.apache.shiro.aop.MethodInterceptorSupport

Default no-argument constructor for subclasses.

MethodInvocation - Interface in org.apache.shiro.aop

3rd-party API independent representation of a method invocation.

MILLIS_PER_HOUR - Static variable in class org.apache.shiro.session.mgt.AbstractSessionManager

MILLIS_PER_HOUR - Static variable in class org.apache.shiro.session.mgt.SimpleSession

MILLIS_PER_MINUTE - Static variable in class org.apache.shiro.session.mgt.AbstractSessionManager

MILLIS_PER_MINUTE - Static variable in class org.apache.shiro.session.mgt.SimpleSession

MILLIS_PER_SECOND - Static variable in class org.apache.shiro.session.mgt.AbstractSessionManager

MILLIS_PER_SECOND - Static variable in class org.apache.shiro.session.mgt.SimpleSession

ModularRealmAuthenticator - Class in org.apache.shiro.authc.pam

A ModularRealmAuthenticator delegates account lookups to a pluggable (modular) collection of Realms.

ModularRealmAuthenticator() - Constructor for class org.apache.shiro.authc.pam.ModularRealmAuthenticator

Default no-argument constructor which enables an AtLeastOneSuccessfulStrategy by default.

ModularRealmAuthorizer - Class in org.apache.shiro.authz

A ModularRealmAuthorizer is an Authorizer implementation that consults one or more configured Realms during an authorization operation.

ModularRealmAuthorizer() - Constructor for class org.apache.shiro.authz.ModularRealmAuthorizer

Default no-argument constructor, does nothing.

ModularRealmAuthorizer(Collection<Realm>) - Constructor for class org.apache.shiro.authz.ModularRealmAuthorizer

Constructor that accepts the Realms to consult during an authorization check.

MutablePrincipalCollection - Interface in org.apache.shiro.subject

A PrincipalCollection that allows modification.

N

name - Variable in class org.apache.shiro.authz.SimpleRole

NamedObjectEnvironment - Interface in org.apache.shiro.env

An environment that supports object lookup by name.

NativeSessionManager - Interface in org.apache.shiro.session.mgt

A Native session manager is one that manages sessions natively - that is, it is directly responsible for the creation, persistence and removal of Session instances and their lifecycles.

newHashInstance() - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher

Returns a new, uninitialized instance, without its byte array set.

newSessionInstance(SessionContext) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

newSubjectContextInstance() - Method in class org.apache.shiro.subject.Subject.Builder

Creates a new SubjectContext instance to be used to populate with subject contextual data that will then be sent to the SecurityManager to create a new Subject instance.

newSubjectInstance(PrincipalCollection, boolean, String, Session, SecurityManager) - Method in class org.apache.shiro.mgt.DefaultSubjectFactory

Deprecated.
since 1.2 - override DefaultSubjectFactory.createSubject(org.apache.shiro.subject.SubjectContext) directly if you need to instantiate a custom Subject class.

NO_SALT - org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle

notifyExpiration(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

notifyFailure(AuthenticationToken, AuthenticationException) - Method in class org.apache.shiro.authc.AbstractAuthenticator

Notifies any registered AuthenticationListeners that authentication failed for the specified token which resulted in the specified ae exception.

notifyLogout(PrincipalCollection) - Method in class org.apache.shiro.authc.AbstractAuthenticator

Notifies any registered AuthenticationListeners that a Subject has logged-out.

notifyStart(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

Notifies any interested SessionListeners that a Session has started.

notifyStop(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

notifySuccess(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.AbstractAuthenticator

Notifies any registered AuthenticationListeners that authentication was successful for the specified token which resulted in the specified info.

nullSafePut(String, Object) - Method in class org.apache.shiro.util.MapContext

Places a value in this context map under the given key only if the given value argument is not null.

O

objectPermissions - Variable in class org.apache.shiro.authz.SimpleAuthorizationInfo

Collection of all object-based permissions associated with the account.

objects - Variable in class org.apache.shiro.env.DefaultEnvironment

onChange(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

onChange(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

oneByType(Class<T>) - Method in interface org.apache.shiro.subject.PrincipalCollection

Returns the first discovered principal assignable from the specified type, or null if there are none of the specified type.

oneByType(Class<T>) - Method in class org.apache.shiro.subject.SimplePrincipalCollection

oneByType(Class<T>) - Method in class org.apache.shiro.subject.SimplePrincipalMap

onEquals(SimpleSession) - Method in class org.apache.shiro.session.mgt.SimpleSession

Provides an attribute-based comparison (no ID comparison) - incurred only when 'this' or the session object being compared for equality do not have a session id.

onExpiration(Session) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

onExpiration(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

onExpiration(Session) - Method in interface org.apache.shiro.session.SessionListener

Notification callback that occurs when the corresponding Session has expired.

onExpiration(Session) - Method in class org.apache.shiro.session.SessionListenerAdapter

Adapter no-op implementation - does nothing and returns immediately.

onExpiration(Session, ExpiredSessionException, SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

onFailedLogin(AuthenticationToken, AuthenticationException, Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

onFailedLogin(Subject, AuthenticationToken, AuthenticationException) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Reacts to a failed login by immediately forgetting any previously remembered identity.

onFailedLogin(Subject, AuthenticationToken, AuthenticationException) - Method in interface org.apache.shiro.mgt.RememberMeManager

Reacts to a failed authentication attempt, typically by forgetting any previously remembered principals for the Subject.

onFailure(AuthenticationToken, AuthenticationException) - Method in interface org.apache.shiro.authc.AuthenticationListener

Callback triggered when an authentication attempt for a Subject has failed.

onInit() - Method in class org.apache.shiro.realm.AuthenticatingRealm

Template method for subclasses to implement any initialization logic.

onInit() - Method in class org.apache.shiro.realm.AuthorizingRealm

Initializes this realm and potentially enables a cache, depending on configuration.

onInit() - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm

onInit() - Method in class org.apache.shiro.realm.text.IniRealm

onInit() - Method in class org.apache.shiro.realm.text.PropertiesRealm

onInit() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm

Will call 'processDefinitions' on startup.

onInvalidation(Session, InvalidSessionException, SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

onLogout(PrincipalCollection) - Method in class org.apache.shiro.authc.AbstractAuthenticator

This implementation merely calls notifyLogout to allow any registered listeners to react to the logout.

onLogout(PrincipalCollection) - Method in interface org.apache.shiro.authc.AuthenticationListener

Callback triggered when a Subject logs-out of the system.

onLogout(PrincipalCollection) - Method in interface org.apache.shiro.authc.LogoutAware

Callback triggered when a Subject logs out of the system.

onLogout(PrincipalCollection) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator

First calls super.onLogout(principals) to ensure a logout notification is issued, and for each wrapped Realm that implements the LogoutAware interface, calls ((LogoutAware)realm).onLogout(principals) to allow each realm the opportunity to perform logout/cleanup operations during an user-logout.

onLogout(PrincipalCollection) - Method in class org.apache.shiro.realm.CachingRealm

If caching is enabled, this will clear any cached data associated with the specified account identity.

onLogout(Subject) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Reacts to a subject logging out of the application and immediately forgets any previously stored identity and returns.

onLogout(Subject) - Method in interface org.apache.shiro.mgt.RememberMeManager

Reacts to a Subject logging out of the application, typically by forgetting any previously remembered principals for the Subject.

onRememberedPrincipalFailure(RuntimeException, SubjectContext) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Called when an exception is thrown while trying to retrieve principals.

onStart(Session) - Method in interface org.apache.shiro.session.SessionListener

Notification callback that occurs when the corresponding Session has started.

onStart(Session) - Method in class org.apache.shiro.session.SessionListenerAdapter

Adapter no-op implementation - does nothing and returns immediately.

onStart(Session, SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

Template method that allows subclasses to react to a new session being created.

onStop(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

onStop(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

onStop(Session) - Method in interface org.apache.shiro.session.SessionListener

Notification callback that occurs when the corresponding Session has stopped, either programmatically via Session.stop() or automatically upon a subject logging out.

onStop(Session) - Method in class org.apache.shiro.session.SessionListenerAdapter

Adapter no-op implementation - does nothing and returns immediately.

onStop(Session, SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

onSuccess(AuthenticationToken, AuthenticationInfo) - Method in interface org.apache.shiro.authc.AuthenticationListener

Callback triggered when an authentication attempt for a Subject has succeeded.

onSuccessfulLogin(AuthenticationToken, AuthenticationInfo, Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

onSuccessfulLogin(Subject, AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Reacts to the successful login attempt by first always forgetting any previously stored identity.

onSuccessfulLogin(Subject, AuthenticationToken, AuthenticationInfo) - Method in interface org.apache.shiro.mgt.RememberMeManager

Reacts to a successful authentication attempt, typically saving the principals to be retrieved ('remembered') for future system access.

OR - org.apache.shiro.authz.annotation.Logical

org.apache.shiro - package org.apache.shiro

This package primarily exists as a root classpath distinction, but it does contain two core classes widely used by applications, SecurityUtils and ShiroException.

org.apache.shiro.aop - package org.apache.shiro.aop

Components used to support the framework's AOP/interception support classes.

org.apache.shiro.authc - package org.apache.shiro.authc

Core interfaces and exceptions concerning Authentication (the act of logging-in).

org.apache.shiro.authc.credential - package org.apache.shiro.authc.credential

Support for validating credentials (such as passwords or X509 certificates) during authentication via the CredentialsMatcher interface and its supporting implementations.

org.apache.shiro.authc.pam - package org.apache.shiro.authc.pam

Support for PAM, or Pluggable Authentication Modules, which is the capability to authenticate a user against multiple configurable (pluggable) modules (Shiro calls these Realms).

org.apache.shiro.authz - package org.apache.shiro.authz

Core interfaces and exceptions supporting Authorization (access control).

org.apache.shiro.authz.annotation - package org.apache.shiro.authz.annotation

Annotations used to restrict which classes, instances, or methods may be accessed or invoked depending on the caller's access abilities or authentication state.

org.apache.shiro.authz.aop - package org.apache.shiro.authz.aop

Contains AOP implementation support classes specifically used for authorization operations, particularly supporting AOP Method Interceptors and JSR-175 metadata Annotations.

org.apache.shiro.authz.permission - package org.apache.shiro.authz.permission

Support and default implementations for Shiro's Permission interface.

org.apache.shiro.concurrent - package org.apache.shiro.concurrent

Executor, ExecutorService, and ScheduledExecutorService implementations for transparent Subject association with threads in an asynchronous execution environment.

org.apache.shiro.config - package org.apache.shiro.config

org.apache.shiro.dao - package org.apache.shiro.dao

Package containing various components useful when building Data Access Objects (DAOs), including a generic Data Access Exception hierarchy.

org.apache.shiro.env - package org.apache.shiro.env

Concepts used to represent Shiro's aggregate state in an application.

org.apache.shiro.jndi - package org.apache.shiro.jndi

Enables accessing objects located in JNDI that might be useful when configuring a Shiro-enabled application.

org.apache.shiro.ldap - package org.apache.shiro.ldap

org.apache.shiro.mgt - package org.apache.shiro.mgt

Provides the master SecurityManager interface and a default implementation hierarchy for managing all aspects of Shiro's functionality in an application.

org.apache.shiro.realm - package org.apache.shiro.realm

Components and sub-packages used in supporting the core Realm interface.

org.apache.shiro.realm.activedirectory - package org.apache.shiro.realm.activedirectory

Realms that acquire security data from a Microsoft Active Directory.

org.apache.shiro.realm.jdbc - package org.apache.shiro.realm.jdbc

Realms that acquire security data from an RDBMS (Relational Database Management System) using the JDBC API.

org.apache.shiro.realm.jndi - package org.apache.shiro.realm.jndi

Support for acquiring Realms from JNDI, particularly useful for configuring Shiro in JEE or EJB environments.

org.apache.shiro.realm.ldap - package org.apache.shiro.realm.ldap

Realms that acquire security data from an LDAP (Lightweight Directory Access Protocol) server utilizing LDAP/Naming APIs.

org.apache.shiro.realm.text - package org.apache.shiro.realm.text

Realms that acquire security data from text-based data sources such as Files or text streams.

org.apache.shiro.session - package org.apache.shiro.session

Components related to managing sessions, the time-based data contexts in which a Subject interacts with an application.

org.apache.shiro.session.mgt - package org.apache.shiro.session.mgt

SessionManager components supporting enterprise session management.

org.apache.shiro.session.mgt.eis - package org.apache.shiro.session.mgt.eis

EIS (Enterprise Information System)-tier components that can perform CRUD operations for sessions using any EIS API.

org.apache.shiro.subject - package org.apache.shiro.subject

Components supporting the Subject interface, the most important concept in Shiro's API.

org.apache.shiro.subject.support - package org.apache.shiro.subject.support

Concrete support implementations of most of the org.apache.shiro.subject interfaces.

org.apache.shiro.util - package org.apache.shiro.util

Your run-of-the-mill 'util' package for components and logic widely used across the framework that can't find their home into a proper OO hierarchy (or, most likely for things used across many hierarchies).

P

PART_DIVIDER_TOKEN - Static variable in class org.apache.shiro.authz.permission.WildcardPermission

PasswordMatcher - Class in org.apache.shiro.authc.credential

A CredentialsMatcher that employs best-practices comparisons for hashed text passwords.

PasswordMatcher() - Constructor for class org.apache.shiro.authc.credential.PasswordMatcher

PasswordService - Interface in org.apache.shiro.authc.credential

A PasswordService supports common use cases when using passwords as a credentials mechanism.

passwordsMatch(Object, String) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService

passwordsMatch(Object, String) - Method in interface org.apache.shiro.authc.credential.PasswordService

Returns true if the submittedPlaintext password matches the existing saved password, false otherwise.

passwordsMatch(Object, Hash) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService

passwordsMatch(Object, Hash) - Method in interface org.apache.shiro.authc.credential.HashingPasswordService

Returns true if the submittedPlaintext password matches the existing savedPasswordHash, false otherwise.

PatternMatcher - Interface in org.apache.shiro.util

Interface for components that can match source strings against a specified pattern string.

Permission - Interface in org.apache.shiro.authz

A Permission represents the ability to perform an action or access a resource.

PermissionAnnotationHandler - Class in org.apache.shiro.authz.aop

Checks to see if a @RequiresPermissions annotation is declared, and if so, performs a permission check to see if the calling Subject is allowed continued access.

PermissionAnnotationHandler() - Constructor for class org.apache.shiro.authz.aop.PermissionAnnotationHandler

Default no-argument constructor that ensures this handler looks for RequiresPermissions annotations.

PermissionAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop

Checks to see if a @RequiresPermissions annotation is declared, and if so, performs a permission check to see if the calling Subject is allowed to call the method.

PermissionAnnotationMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.PermissionAnnotationMethodInterceptor

Default no-argument constructor that ensures this interceptor looks for RequiresPermissions annotations in a method declaration.

PermissionAnnotationMethodInterceptor(AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.PermissionAnnotationMethodInterceptor

permissionResolver - Variable in class org.apache.shiro.authz.ModularRealmAuthorizer

A PermissionResolver to be used by all configured realms.

PermissionResolver - Interface in org.apache.shiro.authz.permission

A PermisisonResolver resolves a String value and converts it into a Permission instance.

PermissionResolverAware - Interface in org.apache.shiro.authz.permission

Interface implemented by a component that wishes to use any application-configured PermissionResolver that might already exist instead of potentially creating one itself.

permissions - Variable in class org.apache.shiro.authz.SimpleRole

permissionsLookupEnabled - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm

permissionsQuery - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm

PermissionUtils - Class in org.apache.shiro.util

Utility class to help with String-to-Permission object resolution.

PermissionUtils() - Constructor for class org.apache.shiro.util.PermissionUtils

PrincipalCollection - Interface in org.apache.shiro.subject

A collection of all principals associated with a corresponding Subject.

PrincipalMap - Interface in org.apache.shiro.subject

EXPERIMENTAL - DO NOT USE YET

principals - Variable in class org.apache.shiro.authc.SimpleAuthenticationInfo

The principals identifying the account associated with this AuthenticationInfo instance.

principals - Variable in class org.apache.shiro.subject.support.DelegatingSubject

principals(PrincipalCollection) - Method in class org.apache.shiro.subject.Subject.Builder

Ensures the Subject being built will reflect the specified principals (aka identity).

PRINCIPALS_SESSION_KEY - Static variable in class org.apache.shiro.subject.support.DefaultSubjectContext

The session key that is used to store subject principals.

principalSuffix - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm

principalSuffix - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

proceed() - Method in interface org.apache.shiro.aop.MethodInvocation

Continues the method invocation chain, or if the last in the chain, the method itself.

processDefinitions() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm

processRoleDefinitions() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm

processRoleDefinitions(Map<String, String>) - Method in class org.apache.shiro.realm.text.TextConfigurationRealm

processUserDefinitions() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm

processUserDefinitions(Map<String, String>) - Method in class org.apache.shiro.realm.text.TextConfigurationRealm

PropertiesRealm - Class in org.apache.shiro.realm.text

A TextConfigurationRealm that defers all logic to the parent class, but just enables Properties based configuration in addition to the parent class's String configuration.

PropertiesRealm() - Constructor for class org.apache.shiro.realm.text.PropertiesRealm

ProxiedSession - Class in org.apache.shiro.session

Simple Session implementation that immediately delegates all corresponding calls to an underlying proxied session instance.

ProxiedSession(Session) - Constructor for class org.apache.shiro.session.ProxiedSession

Constructs an instance that proxies the specified target.

publishEvent(Object) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

Publishes events on the event bus if the event bus is non-null, otherwise does nothing.

put(Object, Object) - Static method in class org.apache.shiro.util.ThreadContext

Binds value for the given key to the current thread.

put(String, Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap

put(String, Object) - Method in class org.apache.shiro.util.MapContext

putAll(Map<? extends String, ?>) - Method in class org.apache.shiro.subject.SimplePrincipalMap

putAll(Map<? extends String, ?>) - Method in class org.apache.shiro.util.MapContext

Q

queryForAuthenticationInfo(AuthenticationToken, LdapContextFactory) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm

Builds an AuthenticationInfo object by querying the active directory LDAP context for the specified username.

queryForAuthenticationInfo(AuthenticationToken, LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm

Abstract method that should be implemented by subclasses to builds an AuthenticationInfo object by querying the LDAP context for the specified username.

queryForAuthenticationInfo(AuthenticationToken, LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm

This implementation opens an LDAP connection using the token's discovered principal and provided credentials.

queryForAuthorizationInfo(PrincipalCollection, LdapContextFactory) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm

Builds an AuthorizationInfo object by querying the active directory LDAP context for the groups that a user is a member of.

queryForAuthorizationInfo(PrincipalCollection, LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm

Abstract method that should be implemented by subclasses to builds an AuthorizationInfo object by querying the LDAP context for the specified principal.

queryForAuthorizationInfo(PrincipalCollection, LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm

Method that should be implemented by subclasses to build an AuthorizationInfo object by querying the LDAP context for the specified principal.

R

RandomSessionIdGenerator - Class in org.apache.shiro.session.mgt.eis

Generates session IDs by using a Random instance to generate random IDs.

RandomSessionIdGenerator() - Constructor for class org.apache.shiro.session.mgt.eis.RandomSessionIdGenerator

readSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO

Retrieves the Session object from the underlying EIS identified by sessionId by delegating to the AbstractSessionDAO.doReadSession(java.io.Serializable) method.

readSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Attempts to acquire the Session from the cache first using the session ID as the cache key.

readSession(Serializable) - Method in interface org.apache.shiro.session.mgt.eis.SessionDAO

Retrieves the session from the EIS uniquely identified by the specified sessionId.

Realm - Interface in org.apache.shiro.realm

A Realm is a security component that can access application-specific security entities such as users, roles, and permissions to determine authentication and authorization operations.

RealmFactory - Interface in org.apache.shiro.realm

Enables Shiro end-users to configure and initialize one or more Realm instances in any manner desired.

realms - Variable in class org.apache.shiro.authz.ModularRealmAuthorizer

The realms to consult during any authorization check.

RealmSecurityManager - Class in org.apache.shiro.mgt

Shiro support of a SecurityManager class hierarchy based around a collection of Realms.

RealmSecurityManager() - Constructor for class org.apache.shiro.mgt.RealmSecurityManager

Default no-arg constructor.

rebind(String, Object) - Method in class org.apache.shiro.jndi.JndiTemplate

Rebind the given object to the current JNDI context, using the given name.

referral - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

RegExPatternMatcher - Class in org.apache.shiro.util

PatternMatcher implementation that uses standard java.util.regex objects.

RegExPatternMatcher() - Constructor for class org.apache.shiro.util.RegExPatternMatcher

releaseRunAs() - Method in interface org.apache.shiro.subject.Subject

Releases the current 'run as' (assumed) identity and reverts back to the previous 'pre run as' identity that existed before #runAs runAs was called.

releaseRunAs() - Method in class org.apache.shiro.subject.support.DelegatingSubject

reloadIntervalSeconds - Variable in class org.apache.shiro.realm.text.PropertiesRealm

rememberIdentity(Subject, AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Remembers a subject-unique identity for retrieval later.

rememberIdentity(Subject, PrincipalCollection) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Remembers the specified account principals by first converting them to a byte array and then remembers that byte array.

RememberMeAuthenticationToken - Interface in org.apache.shiro.authc

An AuthenticationToken that indicates if the user wishes their identity to be remembered across sessions.

rememberMeFailedLogin(AuthenticationToken, AuthenticationException, Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

rememberMeLogout(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

rememberMeManager - Variable in class org.apache.shiro.mgt.DefaultSecurityManager

RememberMeManager - Interface in org.apache.shiro.mgt

A RememberMeManager is responsible for remembering a Subject's identity across that Subject's sessions with the application.

rememberMeSuccessfulLogin(AuthenticationToken, AuthenticationInfo, Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

rememberSerializedIdentity(Subject, byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Persists the identity bytes to a persistent store for retrieval later via the AbstractRememberMeManager.getRememberedSerializedIdentity(SubjectContext) method.

remove() - Static method in class org.apache.shiro.util.ThreadContext

Removes the underlying ThreadLocal from the thread.

remove(Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap

remove(Object) - Method in class org.apache.shiro.util.MapContext

remove(Object) - Static method in class org.apache.shiro.util.ThreadContext

Unbinds the value for the given key from the current thread.

removeAttribute(Object) - Method in class org.apache.shiro.session.mgt.DelegatingSession

removeAttribute(Object) - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession

Immediately throws an InvalidSessionException in all cases because this proxy is immutable.

removeAttribute(Object) - Method in class org.apache.shiro.session.mgt.SimpleSession

removeAttribute(Object) - Method in class org.apache.shiro.session.ProxiedSession

Immediately delegates to the underlying proxied session.

removeAttribute(Object) - Method in interface org.apache.shiro.session.Session

Removes (unbinds) the object bound to this session under the specified key name.

removeAttribute(SessionKey, Object) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

removeAttribute(SessionKey, Object) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager

Removes (unbinds) the object bound to associated Session under the given attributeKey.

removeFromSession(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO

Removes any existing subject state from the Subject's session (if the session exists).

removeRealmPrincipal(String, String) - Method in interface org.apache.shiro.subject.PrincipalMap

removeRealmPrincipal(String, String) - Method in class org.apache.shiro.subject.SimplePrincipalMap

RequiredTypeException - Exception in org.apache.shiro.env

Exception thrown when attempting to acquire an object of a required type and that object does not equal, extend, or implement a specified Class.

RequiredTypeException(String) - Constructor for exception org.apache.shiro.env.RequiredTypeException

RequiredTypeException(String, Throwable) - Constructor for exception org.apache.shiro.env.RequiredTypeException

RequiresAuthentication - Annotation Type in org.apache.shiro.authz.annotation

Requires the current Subject to have been authenticated during their current session for the annotated class/instance/method to be accessed or invoked.

RequiresGuest - Annotation Type in org.apache.shiro.authz.annotation

Requires the current Subject to be a "guest", that is, they are not authenticated or remembered from a previous session for the annotated class/instance/method to be accessed or invoked.

RequiresPermissions - Annotation Type in org.apache.shiro.authz.annotation

Requires the current executor's Subject to imply a particular permission in order to execute the annotated method.

RequiresRoles - Annotation Type in org.apache.shiro.authz.annotation

Requires the currently executing Subject to have all of the specified roles.

RequiresUser - Annotation Type in org.apache.shiro.authz.annotation

Requires the current Subject to be an application user for the annotated class/instance/method to be accessed or invoked.

resolveAuthenticated() - Method in interface org.apache.shiro.subject.SubjectContext

resolveAuthenticated() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

resolveContextSession(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

resolveDelimitedPermissions(String, PermissionResolver) - Static method in class org.apache.shiro.util.PermissionUtils

resolveHost() - Method in interface org.apache.shiro.subject.SubjectContext

resolveHost() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

resolveIni() - Method in class org.apache.shiro.config.IniFactorySupport

Deprecated.

Tries to resolve the Ini instance to use for configuration.

resolvePermission(String) - Method in interface org.apache.shiro.authz.permission.PermissionResolver

Resolves a Permission based on the given String representation.

resolvePermission(String) - Method in class org.apache.shiro.authz.permission.WildcardPermissionResolver

Returns a new WildcardPermission instance constructed based on the specified permissionString.

resolvePermissions(Collection<String>, PermissionResolver) - Static method in class org.apache.shiro.util.PermissionUtils

resolvePermissionsInRole(String) - Method in interface org.apache.shiro.authz.permission.RolePermissionResolver

Resolves a Collection of Permissions based on the given String representation.

resolvePrincipals() - Method in interface org.apache.shiro.subject.SubjectContext

resolvePrincipals() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

resolvePrincipals(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

Attempts to resolve an identity (a PrincipalCollection) for the context using heuristics.

resolveSecurityManager() - Method in interface org.apache.shiro.subject.SubjectContext

Resolves the SecurityManager instance that should be used to back the constructed Subject instance (typically used to support DelegatingSubject implementations).

resolveSecurityManager() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

resolveSession() - Method in interface org.apache.shiro.subject.SubjectContext

resolveSession() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

resolveSession(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

Attempts to resolve any associated session based on the context and returns a context that represents this resolved Session to ensure it may be referenced if necessary by the invoked SubjectFactory that performs actual Subject construction.

resourcePath - Variable in class org.apache.shiro.realm.text.PropertiesRealm

restore() - Method in class org.apache.shiro.subject.support.SubjectThreadState

Removes all thread-state that was bound by this instance.

restore() - Method in interface org.apache.shiro.util.ThreadState

Restores a thread to its state before bind bind was invoked.

retrieveSession(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

Looks up a session from the underlying data store based on the specified session key.

retrieveSession(SessionKey) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

retrieveSessionFromDataSource(Serializable) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

RoleAnnotationHandler - Class in org.apache.shiro.authz.aop

Checks to see if a @RequiresRoles annotation is declared, and if so, performs a role check to see if the calling Subject is allowed to proceed.

RoleAnnotationHandler() - Constructor for class org.apache.shiro.authz.aop.RoleAnnotationHandler

Default no-argument constructor that ensures this handler looks for RequiresRoles annotations.

RoleAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop

Checks to see if a @RequiresRoles annotation is declared, and if so, performs a role check to see if the calling Subject is allowed to invoke the method.

RoleAnnotationMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.RoleAnnotationMethodInterceptor

Default no-argument constructor that ensures this interceptor looks for RequiresRoles annotations in a method declaration.

RoleAnnotationMethodInterceptor(AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.RoleAnnotationMethodInterceptor

roleExists(String) - Method in class org.apache.shiro.realm.SimpleAccountRealm

rolePermissionResolver - Variable in class org.apache.shiro.authz.ModularRealmAuthorizer

A RolePermissionResolver to be used by all configured realms.

RolePermissionResolver - Interface in org.apache.shiro.authz.permission

A RolePermissionResolver resolves a String value and converts it into a Collection of Permission instances.

RolePermissionResolverAware - Interface in org.apache.shiro.authz.permission

Interface implemented by a component that wishes to use any application-configured RolePermissionResolver that might already exist instead of potentially creating one itself.

roles - Variable in class org.apache.shiro.authz.SimpleAuthorizationInfo

The internal roles collection.

roles - Variable in class org.apache.shiro.realm.SimpleAccountRealm

ROLES_LOCK - Variable in class org.apache.shiro.realm.SimpleAccountRealm

ROLES_SECTION_NAME - Static variable in class org.apache.shiro.realm.text.IniRealm

run() - Method in class org.apache.shiro.realm.text.PropertiesRealm

run() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler

run() - Method in class org.apache.shiro.subject.support.SubjectRunnable

Binds the Subject thread state, executes the target Runnable and then guarantees the previous thread state's restoration:

runAs(PrincipalCollection) - Method in interface org.apache.shiro.subject.Subject

Allows this subject to 'run as' or 'assume' another identity indefinitely.

runAs(PrincipalCollection) - Method in class org.apache.shiro.subject.support.DelegatingSubject

S

SaltedAuthenticationInfo - Interface in org.apache.shiro.authc

Interface representing account information that may use a salt when hashing credentials.

saltIsBase64Encoded - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm

saltStyle - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm

save(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

Saves the subject's state to a persistent location for future reference if necessary.

save(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO

Saves the subject's state to the subject's session only if sessionStorageEnabled(subject).

save(Subject) - Method in interface org.apache.shiro.mgt.SubjectDAO

Persists the specified Subject's state for later access.

saveToSession(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO

Saves the subject's state (it's principals and authentication state) to its session.

schedule(Runnable, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService

schedule(Callable<V>, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService

scheduleAtFixedRate(Runnable, long, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService

scheduler - Variable in class org.apache.shiro.realm.text.PropertiesRealm

scheduleWithFixedDelay(Runnable, long, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService

searchBase - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm

searchBase - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

searchFilter - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm

SECURITY_MANAGER_KEY - Static variable in class org.apache.shiro.util.ThreadContext

SECURITY_MANAGER_NAME - Static variable in class org.apache.shiro.config.IniSecurityManagerFactory

Deprecated.

securityManager - Variable in class org.apache.shiro.subject.support.DelegatingSubject

SecurityManager - Interface in org.apache.shiro.mgt

A SecurityManager executes all security operations for all Subjects (aka users) across a single application.

SecurityUtils - Class in org.apache.shiro

Accesses the currently accessible Subject for the calling code depending on runtime environment.

SecurityUtils() - Constructor for class org.apache.shiro.SecurityUtils

serialize(PrincipalCollection) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Serializes the given principals by serializing them to a byte array by using the serializer's serialize method.

session - Variable in class org.apache.shiro.subject.support.DelegatingSubject

session(Session) - Method in class org.apache.shiro.subject.Subject.Builder

Ensures the Subject being built will use the specified Session instance.

Session - Interface in org.apache.shiro.session

A Session is a stateful data context associated with a single Subject (user, daemon process, etc) who interacts with a software system over a period of time.

SESSION_CREATION_ENABLED - Static variable in class org.apache.shiro.subject.support.DefaultSubjectContext

SessionContext - Interface in org.apache.shiro.session.mgt

A SessionContext is a 'bucket' of data presented to a SessionFactory which interprets this data to construct Session instances.

sessionCreationEnabled - Variable in class org.apache.shiro.subject.support.DelegatingSubject

sessionCreationEnabled(boolean) - Method in class org.apache.shiro.subject.Subject.Builder

Configures whether or not the created Subject instance can create a new Session if one does not already exist.

sessionDAO - Variable in class org.apache.shiro.session.mgt.DefaultSessionManager

SessionDAO - Interface in org.apache.shiro.session.mgt.eis

Data Access Object design pattern specification to enable Session access to an EIS (Enterprise Information System).

SessionException - Exception in org.apache.shiro.session

General security exception attributed to problems during interaction with the system during a session.

SessionException() - Constructor for exception org.apache.shiro.session.SessionException

Creates a new SessionException.

SessionException(String) - Constructor for exception org.apache.shiro.session.SessionException

Constructs a new SessionException.

SessionException(String, Throwable) - Constructor for exception org.apache.shiro.session.SessionException

Constructs a new SessionException.

SessionException(Throwable) - Constructor for exception org.apache.shiro.session.SessionException

Constructs a new SessionException.

SessionFactory - Interface in org.apache.shiro.session.mgt

A simple factory class that instantiates concrete Session instances.

sessionId(Serializable) - Method in class org.apache.shiro.subject.Subject.Builder

Enables building a Subject instance that owns the Session with the specified sessionId.

SessionIdGenerator - Interface in org.apache.shiro.session.mgt.eis

Interface allowing pluggable session ID generation strategies to be used with various SessionDAO implementations.

SessionKey - Interface in org.apache.shiro.session.mgt

A SessionKey is a key that allows look-up of any particular Session instance.

SessionListener - Interface in org.apache.shiro.session

Interface to be implemented by components that wish to be notified of events that occur during a Session's life cycle.

SessionListenerAdapter - Class in org.apache.shiro.session

Simple adapter implementation of the SessionListener interface, effectively providing no-op implementations of all methods.

SessionListenerAdapter() - Constructor for class org.apache.shiro.session.SessionListenerAdapter

SessionManager - Interface in org.apache.shiro.session.mgt

A SessionManager manages the creation, maintenance, and clean-up of all application Sessions.

SessionsSecurityManager - Class in org.apache.shiro.mgt

Shiro support of a SecurityManager class hierarchy that delegates all session operations to a wrapped SessionManager instance.

SessionsSecurityManager() - Constructor for class org.apache.shiro.mgt.SessionsSecurityManager

Default no-arg constructor, internally creates a suitable default SessionManager delegate instance.

SessionStorageEvaluator - Interface in org.apache.shiro.mgt

Evaluates whether or not Shiro may use a Subject's Session to persist that Subject's internal state.

sessionValidationInterval - Variable in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

sessionValidationScheduler - Variable in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

Scheduler used to validate sessions on a regular basis.

SessionValidationScheduler - Interface in org.apache.shiro.session.mgt

Interface that should be implemented by classes that can control validating sessions on a regular basis.

sessionValidationSchedulerEnabled - Variable in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

setActions(Set<String>) - Method in class org.apache.shiro.authz.permission.DomainPermission

setActiveSessionsCache(Cache<Serializable, Session>) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Sets the cache instance to use for storing active sessions.

setActiveSessionsCacheName(String) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Sets the name of the active sessions cache to be returned by the CacheManager.

setAdditionalEnvironment(Map<String, String>) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

These entries are added to the environment map before initializing the LDAP context.

setAnnotationClass(Class<? extends Annotation>) - Method in class org.apache.shiro.aop.AnnotationHandler

Sets the type of annotation this handler will inspect and process.

setAttribute(Object, Object) - Method in class org.apache.shiro.session.mgt.DelegatingSession

setAttribute(Object, Object) - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession

Immediately throws an InvalidSessionException in all cases because this proxy is immutable.

setAttribute(Object, Object) - Method in class org.apache.shiro.session.mgt.SimpleSession

setAttribute(Object, Object) - Method in class org.apache.shiro.session.ProxiedSession

Immediately delegates to the underlying proxied session.

setAttribute(Object, Object) - Method in interface org.apache.shiro.session.Session

Binds the specified value to this session, uniquely identified by the specified key name.

setAttribute(SessionKey, Object, Object) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

setAttribute(SessionKey, Object, Object) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager

Binds the specified value to the associated session uniquely identified by the attributeKey.

setAttributes(Map<Object, Object>) - Method in class org.apache.shiro.session.mgt.SimpleSession

setAuthenticated(boolean) - Method in interface org.apache.shiro.subject.SubjectContext

Sets whether or not the constructed Subject instance should be considered as authenticated.

setAuthenticated(boolean) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

setAuthentication(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

Sets the type of LDAP authentication to perform when connecting to the LDAP server.

setAuthenticationCache(Cache<Object, AuthenticationInfo>) - Method in class org.apache.shiro.realm.AuthenticatingRealm

Sets an explicit Cache instance to use for authentication caching.

setAuthenticationCacheName(String) - Method in class org.apache.shiro.realm.AuthenticatingRealm

Sets the name of a Cache to lookup from any available cacheManager if a cache is not explicitly configured via AuthenticatingRealm.setAuthenticationCache(org.apache.shiro.cache.Cache).

setAuthenticationCachingEnabled(boolean) - Method in class org.apache.shiro.realm.AuthenticatingRealm

Sets whether or not authentication caching should be utilized if a CacheManager has been configured, false otherwise.

setAuthenticationInfo(AuthenticationInfo) - Method in interface org.apache.shiro.subject.SubjectContext

setAuthenticationInfo(AuthenticationInfo) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

setAuthenticationListeners(Collection<AuthenticationListener>) - Method in class org.apache.shiro.authc.AbstractAuthenticator

Sets the AuthenticationListeners that should be notified during authentication attempts.

setAuthenticationMechanism(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Sets the type of LDAP authentication mechanism to use when connecting to the LDAP server.

setAuthenticationQuery(String) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm

Overrides the default query used to retrieve a user's password during authentication.

setAuthenticationStrategy(AuthenticationStrategy) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator

Allows overriding the default AuthenticationStrategy utilized during multi-realm log-in attempts.

setAuthenticationToken(AuthenticationToken) - Method in interface org.apache.shiro.subject.SubjectContext

setAuthenticationToken(AuthenticationToken) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

setAuthenticationTokenClass(Class<? extends AuthenticationToken>) - Method in class org.apache.shiro.realm.AuthenticatingRealm

Sets the authenticationToken class supported by this realm.

setAuthenticator(Authenticator) - Method in class org.apache.shiro.mgt.AuthenticatingSecurityManager

Sets the delegate Authenticator instance that this SecurityManager uses to perform all authentication operations.

setAuthorizationCache(Cache<Object, AuthorizationInfo>) - Method in class org.apache.shiro.realm.AuthorizingRealm

setAuthorizationCacheName(String) - Method in class org.apache.shiro.realm.AuthorizingRealm

setAuthorizationCachingEnabled(boolean) - Method in class org.apache.shiro.realm.AuthorizingRealm

Sets whether or not authorization caching should be utilized if a CacheManager has been configured, false otherwise.

setAuthorizer(Authorizer) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager

Sets the underlying Authorizer instance to which this SecurityManager implementation will delegate all of its authorization calls.

setCacheManager(CacheManager) - Method in class org.apache.shiro.mgt.CachingSecurityManager

Sets the CacheManager used by this SecurityManager and potentially any of its children components.

setCacheManager(CacheManager) - Method in class org.apache.shiro.realm.CachingRealm

Sets the CacheManager to be used for data caching to reduce EIS round trips.

setCacheManager(CacheManager) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

setCacheManager(CacheManager) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Sets the cacheManager to use for acquiring the activeSessionsCache if one is not configured.

setCachingEnabled(boolean) - Method in class org.apache.shiro.realm.CachingRealm

Sets whether or not caching should be used if a CacheManager has been configured.

setCaseSensitive(boolean) - Method in class org.apache.shiro.authz.permission.WildcardPermissionResolver

Set the case sensitivity of the resolved Wildcard permissions.

setCipherKey(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Convenience method that sets the cipher key to use for both encryption and decryption.

setCipherService(CipherService) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Sets the CipherService to use for encrypting and decrypting serialized identity data to prevent easy inspection of Subject identity data.

setContextFactory(LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm

Sets the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication attempts and authorization queries.

setContextFactoryClassName(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

The context factory to use.

setContextFactoryClassName(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

The name of the ContextFactory class to use.

setCredentials(Object) - Method in class org.apache.shiro.authc.SimpleAccount

Sets this Account's credentials that verify one or more of the Account's principals, such as a password or private key.

setCredentials(Object) - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo

Sets the credentials that verify the principals/identity of the associated Realm account.

setCredentialsExpired(boolean) - Method in class org.apache.shiro.authc.SimpleAccount

Sets whether or not the Account's credentials are expired.

setCredentialsMatcher(CredentialsMatcher) - Method in class org.apache.shiro.realm.AuthenticatingRealm

Sets the CrendialsMatcher used during an authentication attempt to verify submitted credentials with those stored in the system.

setCredentialsSalt(ByteSource) - Method in class org.apache.shiro.authc.SimpleAccount

Sets the salt to use to hash this Account's credentials (eg for password hashing), or null if no salt is used or credentials are not hashed at all.

setCredentialsSalt(ByteSource) - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo

Sets the salt used to hash the credentials, or null if no salt was used or credentials were not hashed at all.

setDataSource(DataSource) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm

Sets the datasource that should be used to retrieve connections used by this realm.

setDecryptionCipherKey(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Sets the decryption key to use for decryption operations.

setDefaults(Map<String, ?>) - Method in class org.apache.shiro.config.IniFactorySupport

Deprecated.

Sets the default objects used by this factory.

setDeleteInvalidSessions(boolean) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

Sets whether or not sessions should be automatically deleted after they are discovered to be invalid.

setDomain(String) - Method in class org.apache.shiro.authz.permission.DomainPermission

setEncryptionCipherKey(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Sets the encryption key to use for encryption operations.

setEnvironment(Map) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Sets the base JNDI environment template to use when acquiring LDAP connections.

setEnvironment(Properties) - Method in class org.apache.shiro.jndi.JndiTemplate

Set the environment for the JNDI InitialContext.

setEventBus(EventBus) - Method in class org.apache.shiro.mgt.CachingSecurityManager

Sets the EventBus used by this SecurityManager and potentially any of its children components.

setEventBus(EventBus) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

Sets the EventBus to use to publish SessionEvents.

setExpired(boolean) - Method in class org.apache.shiro.session.mgt.SimpleSession

setGlobalSessionTimeout(long) - Method in class org.apache.shiro.session.mgt.AbstractSessionManager

Sets the system-wide default time in milliseconds that any session may remain idle before expiring.

setGroupRolesMap(Map<String, String>) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm

setHandler(AnnotationHandler) - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor

Sets the AnnotationHandler used to perform authorization behavior based on an annotation discovered at runtime.

setHashAlgorithmName(String) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher

Sets the Hash algorithmName to use when performing hashes for credentials matching.

setHashFormat(HashFormat) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService

setHashFormatFactory(HashFormatFactory) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService

setHashIterations(int) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher

Sets the number of times a submitted AuthenticationToken's credentials will be hashed before comparing to the credentials stored in the system.

setHashSalted(boolean) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher

Deprecated.
since Shiro 1.1. Hash salting is now expected to be based on if the AuthenticationInfo returned from the Realm is a SaltedAuthenticationInfo instance and its getCredentialsSalt() method returns a non-null value. This method and the 1.0 behavior still exists for backwards compatibility if the Realm does not return SaltedAuthenticationInfo instances, but it is highly recommended that Realm implementations that support hashed credentials start returning SaltedAuthenticationInfo instances as soon as possible.
This is because salts should always be obtained from the stored account information and never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user are almost impossible to break. This method will be removed in Shiro 2.0.

setHashService(HashService) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService

setHost(String) - Method in class org.apache.shiro.authc.UsernamePasswordToken

Sets the host name or IP string from where the authentication attempt occurs.

setHost(String) - Method in class org.apache.shiro.session.mgt.DefaultSessionContext

setHost(String) - Method in interface org.apache.shiro.session.mgt.SessionContext

Sets the originating host name or IP address (as a String) from where the Subject is initiating the Session.

setHost(String) - Method in class org.apache.shiro.session.mgt.SimpleSession

setHost(String) - Method in interface org.apache.shiro.subject.SubjectContext

Sets the host name or IP that should reflect the constructed Subject's originating location.

setHost(String) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

setHostAddress(String) - Method in exception org.apache.shiro.authz.HostUnauthorizedException

Sets the host associated with this exception.

setId(Serializable) - Method in class org.apache.shiro.session.mgt.SimpleSession

setIni(Ini) - Method in class org.apache.shiro.config.IniFactorySupport

Deprecated.

setIni(Ini) - Method in class org.apache.shiro.realm.text.IniRealm

Sets the Ini instance used to configure this realm.

setInterval(long) - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler

setJndiEnvironment(Properties) - Method in class org.apache.shiro.jndi.JndiLocator

Set the JNDI environment to use for JNDI lookups.

setJndiNames(String) - Method in class org.apache.shiro.realm.jndi.JndiRealmFactory

Specifies a comma-delimited list of JNDI names to lookup, each one corresponding to a jndi-bound Realm.

setJndiNames(Collection<String>) - Method in class org.apache.shiro.realm.jndi.JndiRealmFactory

Sets the JNDI names that will be used to look up Realm(s) from JNDI.

setJndiTemplate(JndiTemplate) - Method in class org.apache.shiro.jndi.JndiLocator

Set the JNDI template to use for JNDI lookups.

setLastAccessTime(Date) - Method in class org.apache.shiro.session.mgt.SimpleSession

setLdapContextFactory(LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm

Configures the LdapContextFactory implementation that is used to create LDAP connections for authentication and authorization.

setLocked(boolean) - Method in class org.apache.shiro.authc.SimpleAccount

Sets whether or not the account is locked and can be used to login.

setMethodInterceptors(Collection<AuthorizingAnnotationMethodInterceptor>) - Method in class org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor

Sets the method interceptors to execute for the annotated method.

setName(String) - Method in class org.apache.shiro.authz.SimpleRole

setName(String) - Method in class org.apache.shiro.realm.AuthenticatingRealm

setName(String) - Method in class org.apache.shiro.realm.AuthorizingRealm

setName(String) - Method in class org.apache.shiro.realm.CachingRealm

setObject(String, Object) - Method in class org.apache.shiro.env.DefaultEnvironment

setObjectPermissions(Set<Permission>) - Method in class org.apache.shiro.authc.SimpleAccount

Sets all object-based permissions assigned directly to this Account (not any of its realms).

setObjectPermissions(Set<Permission>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo

Sets the object-based permissions assigned directly to the account.

setParts(String) - Method in class org.apache.shiro.authz.permission.WildcardPermission

setParts(String, boolean) - Method in class org.apache.shiro.authz.permission.WildcardPermission

setParts(String, Set<String>, Set<String>) - Method in class org.apache.shiro.authz.permission.DomainPermission

setParts(List<Set<String>>) - Method in class org.apache.shiro.authz.permission.WildcardPermission

Sets the pre-split String parts of this WildcardPermission.

setPassword(char[]) - Method in class org.apache.shiro.authc.UsernamePasswordToken

Sets the password for submission during an authentication attempt.

setPasswordService(PasswordService) - Method in class org.apache.shiro.authc.credential.PasswordMatcher

setPathSeparator(String) - Method in class org.apache.shiro.util.AntPathMatcher

Set the path separator to use for pattern parsing.

setPermissionResolver(PermissionResolver) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Sets the specified PermissionResolver on all of the wrapped realms that implement the PermissionResolverAware interface.

setPermissionResolver(PermissionResolver) - Method in interface org.apache.shiro.authz.permission.PermissionResolverAware

Sets the specified PermissionResolver on this instance.

setPermissionResolver(PermissionResolver) - Method in class org.apache.shiro.realm.AuthorizingRealm

setPermissions(Set<Permission>) - Method in class org.apache.shiro.authz.SimpleRole

setPermissionsLookupEnabled(boolean) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm

Enables lookup of permissions during authorization.

setPermissionsQuery(String) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm

Overrides the default query used to retrieve a user's permissions during authorization.

setPoolingEnabled(boolean) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Sets whether or not connection pooling should be used when possible and appropriate.

setPrincipals(PrincipalCollection) - Method in class org.apache.shiro.authc.SimpleAccount

Sets the principals, aka the identifying attributes (username, user id, first name, last name, etc) of this Account.

setPrincipals(PrincipalCollection) - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo

Sets the identifying principal(s) represented by this instance.

setPrincipals(PrincipalCollection) - Method in interface org.apache.shiro.subject.SubjectContext

Sets the principals (aka identity) that the constructed Subject should reflect.

setPrincipals(PrincipalCollection) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

setPrincipalSuffix(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm

Used when initializing the default LdapContextFactory.

setPrincipalSuffix(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

A suffix appended to the username.

setRandom(Random) - Method in class org.apache.shiro.session.mgt.eis.RandomSessionIdGenerator

setRealm(Realm) - Method in class org.apache.shiro.mgt.RealmSecurityManager

Convenience method for applications using a single realm that merely wraps the realm in a list and then invokes the RealmSecurityManager.setRealms(java.util.Collection<org.apache.shiro.realm.Realm>) method.

setRealmPrincipal(String, String, Object) - Method in interface org.apache.shiro.subject.PrincipalMap

setRealmPrincipal(String, String, Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap

setRealmPrincipals(String, Map<String, Object>) - Method in interface org.apache.shiro.subject.PrincipalMap

setRealmPrincipals(String, Map<String, Object>) - Method in class org.apache.shiro.subject.SimplePrincipalMap

setRealms(Collection<Realm>) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator

Sets all realms used by this Authenticator, providing PAM (Pluggable Authentication Module) configuration.

setRealms(Collection<Realm>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Sets the realms wrapped by this Authorizer which are consulted during an authorization check.

setRealms(Collection<Realm>) - Method in class org.apache.shiro.mgt.RealmSecurityManager

Sets the realms managed by this SecurityManager instance.

setReferral(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

Sets the LDAP referral property.

setReferral(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Sets the LDAP referral behavior when creating a connection.

setReflectionBuilder(ReflectionBuilder) - Method in class org.apache.shiro.config.IniSecurityManagerFactory

Deprecated.

Sets the ReflectionBuilder that will be used to create the SecurityManager based on the contents of the Ini configuration.

setReloadIntervalSeconds(int) - Method in class org.apache.shiro.realm.text.PropertiesRealm

Sets the interval in seconds at which the property file will be checked for changes and reloaded.

setRememberMe(boolean) - Method in class org.apache.shiro.authc.UsernamePasswordToken

Sets if the submitting user wishes their identity (principal(s)) to be remembered across sessions.

setRememberMeManager(RememberMeManager) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

setRequiredType(Class<? extends T>) - Method in class org.apache.shiro.jndi.JndiObjectFactory

setResolver(AnnotationResolver) - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor

Returns the AnnotationResolver to use to acquire annotations from intercepted methods at runtime.

setResourceName(String) - Method in class org.apache.shiro.jndi.JndiObjectFactory

setResourcePath(String) - Method in class org.apache.shiro.realm.text.IniRealm

setResourcePath(String) - Method in class org.apache.shiro.realm.text.PropertiesRealm

Sets the path of the properties file to load user, role, and permission information from.

setResourceRef(boolean) - Method in class org.apache.shiro.jndi.JndiLocator

Set whether the lookup occurs in a J2EE container, i.e. if the prefix "java:comp/env/" needs to be added if the JNDI name doesn't already contain it.

setResources(Map<Object, Object>) - Static method in class org.apache.shiro.util.ThreadContext

Allows a caller to explicitly set the entire resource map.

setRoleDefinitions(String) - Method in class org.apache.shiro.realm.text.TextConfigurationRealm

Sets a newline (\n) delimited String that defines role-to-permission definitions.

setRolePermissionResolver(RolePermissionResolver) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer

Sets the specified RolePermissionResolver on all of the wrapped realms that implement the PermissionResolverAware interface.

setRolePermissionResolver(RolePermissionResolver) - Method in interface org.apache.shiro.authz.permission.RolePermissionResolverAware

Sets the specified RolePermissionResolver on this instance.

setRolePermissionResolver(RolePermissionResolver) - Method in class org.apache.shiro.realm.AuthorizingRealm

setRoles(Set<String>) - Method in class org.apache.shiro.authc.SimpleAccount

Sets the Account's assigned roles.

setRoles(Set<String>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo

Sets the roles assigned to the account.

setSaltIsBase64Encoded(boolean) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm

Makes it possible to switch off base64 encoding of password salt.

setSaltStyle(JdbcRealm.SaltStyle) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm

Sets the salt style.

setSearchBase(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm

Used when initializing the default LdapContextFactory.

setSearchBase(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.
this attribute existed, but was never used in Shiro 1.x. It will be removed prior to Shiro 2.0.

setSearchFilter(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm

setSecurityManager(SecurityManager) - Method in class org.apache.shiro.env.DefaultEnvironment

setSecurityManager(SecurityManager) - Static method in class org.apache.shiro.SecurityUtils

Sets a VM (static) singleton SecurityManager, specifically for transparent use in the getSubject() implementation.

setSecurityManager(SecurityManager) - Method in interface org.apache.shiro.subject.SubjectContext

Sets the SecurityManager instance that should be used to back the constructed Subject instance (typically used to support DelegatingSubject implementations).

setSecurityManager(SecurityManager) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

setSecurityManagerName(String) - Method in class org.apache.shiro.env.DefaultEnvironment

Sets the name of the SecurityManager instance in the backing map.

setSerializer(Serializer<PrincipalCollection>) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager

Sets the Serializer used to serialize and deserialize PrincipalCollection instances for persistent remember me storage.

setSession(Session) - Method in interface org.apache.shiro.subject.SubjectContext

Sets the Session to use when building the Subject instance.

setSession(Session) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

setSessionCreationEnabled(boolean) - Method in interface org.apache.shiro.subject.SubjectContext

Sets whether or not the constructed Subject instance should be allowed to create a session, false otherwise.

setSessionCreationEnabled(boolean) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

setSessionDAO(SessionDAO) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

setSessionFactory(SessionFactory) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager

Sets the SessionFactory used to generate new Session instances.

setSessionId(Serializable) - Method in class org.apache.shiro.session.mgt.DefaultSessionContext

setSessionId(Serializable) - Method in class org.apache.shiro.session.mgt.DefaultSessionKey

setSessionId(Serializable) - Method in interface org.apache.shiro.session.mgt.SessionContext

setSessionId(Serializable) - Method in interface org.apache.shiro.subject.SubjectContext

Sets the session id of the session that should be associated with the constructed Subject instance.

setSessionId(Serializable) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

setSessionIdGenerator(SessionIdGenerator) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO

Sets the SessionIdGenerator used by the AbstractSessionDAO.generateSessionId(org.apache.shiro.session.Session) method.

setSessionListeners(Collection<SessionListener>) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

setSessionManager(SessionManager) - Method in class org.apache.shiro.mgt.SessionsSecurityManager

Sets the underlying delegate SessionManager instance that will be used to support this implementation's SessionManager method calls.

setSessionManager(ValidatingSessionManager) - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler

setSessionStorageEnabled(boolean) - Method in class org.apache.shiro.mgt.DefaultSessionStorageEvaluator

Sets if any Subject's Session may be used to persist that Subject's state.

setSessionStorageEvaluator(SessionStorageEvaluator) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO

Sets the SessionStorageEvaluator that will determine if a Subject's state may be persisted in the Subject's session.

setSessionValidationInterval(long) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

If using the underlying default SessionValidationScheduler (that is, the setSessionValidationScheduler method is never called) , this method allows one to specify how frequently session should be validated (to check for orphans).

setSessionValidationScheduler(SessionValidationScheduler) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

setSessionValidationSchedulerEnabled(boolean) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

setSingleton(boolean) - Method in class org.apache.shiro.util.AbstractFactory

setStartTimestamp(Date) - Method in class org.apache.shiro.session.mgt.SimpleSession

setStopAfterFirstSuccess(boolean) - Method in class org.apache.shiro.authc.pam.FirstSuccessfulStrategy

setStopTimestamp(Date) - Method in class org.apache.shiro.session.mgt.SimpleSession

setStoredCredentialsHexEncoded(boolean) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher

Sets the indicator if this system's stored credential hash is Hex encoded or not.

setStringPermissions(Set<String>) - Method in class org.apache.shiro.authc.SimpleAccount

Sets the String-based permissions assigned to this Account.

setStringPermissions(Set<String>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo

Sets the string-based permissions assigned directly to the account.

setSubject(Subject) - Method in interface org.apache.shiro.subject.SubjectContext

Sets the existing Subject that may be in use at the time the new Subject instance is being created.

setSubject(Subject) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext

setSubjectDAO(SubjectDAO) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

Sets the SubjectDAO responsible for persisting Subject state, typically used after login or when an Subject identity is discovered (eg after RememberMe services).

setSubjectFactory(SubjectFactory) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

Sets the SubjectFactory responsible for creating Subject instances exposed to the application.

setSystemPassword(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm

Used when initializing the default LdapContextFactory.

setSystemPassword(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

The system password that will be used when connecting to the LDAP server to retrieve authorization information about a user.

setSystemPassword(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Sets the password of the systemUsername that will be used when creating an LDAP connection used for authorization queries.

setSystemUsername(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm

Used when initializing the default LdapContextFactory.

setSystemUsername(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

The system username that will be used when connecting to the LDAP server to retrieve authorization information about a user.

setSystemUsername(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Sets the system username that will be used when creating an LDAP connection used for authorization queries.

setTargetExecutor(Executor) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutor

Sets target Executor instance that will actually execute the subject-associated Runnable instances.

setTargetExecutor(Executor) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService

setTargetExecutor(Executor) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService

setTargetExecutorService(ExecutorService) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService

setTargetExecutorService(ExecutorService) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService

setTargets(Set<String>) - Method in class org.apache.shiro.authz.permission.DomainPermission

setTargetScheduledExecutorService(ScheduledExecutorService) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService

setThreadNamePrefix(String) - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler

setTimeout(long) - Method in class org.apache.shiro.session.mgt.DelegatingSession

setTimeout(long) - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession

Immediately throws an InvalidSessionException in all cases because this proxy is immutable.

setTimeout(long) - Method in class org.apache.shiro.session.mgt.SimpleSession

setTimeout(long) - Method in class org.apache.shiro.session.ProxiedSession

Immediately delegates to the underlying proxied session.

setTimeout(long) - Method in interface org.apache.shiro.session.Session

Sets the time in milliseconds that the session may remain idle before expiring.

setTimeout(SessionKey, long) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

setTimeout(SessionKey, long) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager

Sets the time in milliseconds that the associated session may remain idle before expiring.

setUrl(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm

Used when initializing the default LdapContextFactory.

setUrl(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

The LDAP url to connect to.

setUrl(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

The LDAP url to connect to.

setUsePooling(boolean) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

Determines whether or not LdapContext pooling is enabled for connections made using the system user account.

setUserDefinitions(String) - Method in class org.apache.shiro.realm.text.TextConfigurationRealm

Sets a newline (\n) delimited String that defines user-to-password-and-role(s) key/value pairs according to the following format:

setUserDnTemplate(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm

Sets the User Distinguished Name (DN) template to use when creating User DNs at runtime.

setUsername(String) - Method in class org.apache.shiro.authc.UsernamePasswordToken

Sets the username for submission during an authentication attempt.

setUserRolesQuery(String) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm

Overrides the default query used to retrieve a user's roles during authorization.

setUseXmlFormat(boolean) - Method in class org.apache.shiro.realm.text.PropertiesRealm

Determines whether or not the properties XML format should be used.

Sha1CredentialsMatcher - Class in org.apache.shiro.authc.credential

Deprecated.
since 1.1 - use the HashedCredentialsMatcher directly and set its hashAlgorithmName property.

Sha1CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Sha1CredentialsMatcher

Deprecated.

Sha256CredentialsMatcher - Class in org.apache.shiro.authc.credential

Deprecated.
since 1.1 - use the HashedCredentialsMatcher directly and set its hashAlgorithmName property.

Sha256CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Sha256CredentialsMatcher

Deprecated.

Sha384CredentialsMatcher - Class in org.apache.shiro.authc.credential

Deprecated.
since 1.1 - use the HashedCredentialsMatcher directly and set its hashAlgorithmName property.

Sha384CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Sha384CredentialsMatcher

Deprecated.

Sha512CredentialsMatcher - Class in org.apache.shiro.authc.credential

Deprecated.
since 1.1 - use the HashedCredentialsMatcher directly and set its hashAlgorithmName property.

Sha512CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Sha512CredentialsMatcher

Deprecated.

ShortCircuitIterationException - Exception in org.apache.shiro.authc.pam

Exception thrown during the authentication process using FirstSuccessfulStrategy, with stopAfterFirstSuccess set.

ShortCircuitIterationException() - Constructor for exception org.apache.shiro.authc.pam.ShortCircuitIterationException

Creates a new ShortCircuitIterationException.

ShortCircuitIterationException(String) - Constructor for exception org.apache.shiro.authc.pam.ShortCircuitIterationException

Constructs a new ShortCircuitIterationException.

ShortCircuitIterationException(String, Throwable) - Constructor for exception org.apache.shiro.authc.pam.ShortCircuitIterationException

Constructs a new ShortCircuitIterationException.

ShortCircuitIterationException(Throwable) - Constructor for exception org.apache.shiro.authc.pam.ShortCircuitIterationException

Constructs a new ShortCircuitIterationException.

shouldImplicitlyCreateRealm(Ini) - Method in class org.apache.shiro.config.IniSecurityManagerFactory

Deprecated.

Returns true if the Ini contains account data and a Realm should be implicitly created to reflect the account data, false if no realm should be implicitly created.

shutdown() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService

shutdownNow() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService

SIMPLE_AUTHENTICATION_MECHANISM_NAME - Static variable in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

SimpleAccount - Class in org.apache.shiro.authc

Simple implementation of the Account interface that contains principal and credential and authorization information (roles and permissions) as instance variables and exposes them via getters and setters using standard JavaBean notation.

SimpleAccount() - Constructor for class org.apache.shiro.authc.SimpleAccount

Default no-argument constructor.

SimpleAccount(Object, Object, String) - Constructor for class org.apache.shiro.authc.SimpleAccount

Constructs a SimpleAccount instance for the specified realm with the given principals and credentials.

SimpleAccount(Object, Object, String, Set<String>, Set<Permission>) - Constructor for class org.apache.shiro.authc.SimpleAccount

Constructs a SimpleAccount instance for the specified realm with the given principal and credentials, with the the assigned roles and permissions.

SimpleAccount(Object, Object, ByteSource, String) - Constructor for class org.apache.shiro.authc.SimpleAccount

Constructs a SimpleAccount instance for the specified realm with the given principals, hashedCredentials and credentials salt used when hashing the credentials.

SimpleAccount(Collection, Object, String) - Constructor for class org.apache.shiro.authc.SimpleAccount

Constructs a SimpleAccount instance for the specified realm with the given principals and credentials.

SimpleAccount(Collection, Object, String, Set<String>, Set<Permission>) - Constructor for class org.apache.shiro.authc.SimpleAccount

Constructs a SimpleAccount instance for the specified realm with the given principals and credentials, with the the assigned roles and permissions.

SimpleAccount(PrincipalCollection, Object) - Constructor for class org.apache.shiro.authc.SimpleAccount

Constructs a SimpleAccount instance for the specified principals and credentials.

SimpleAccount(PrincipalCollection, Object, Set<String>) - Constructor for class org.apache.shiro.authc.SimpleAccount

Constructs a SimpleAccount instance for the specified principals and credentials, with the assigned roles.

SimpleAccount(PrincipalCollection, Object, Set<String>, Set<Permission>) - Constructor for class org.apache.shiro.authc.SimpleAccount

Constructs a SimpleAccount instance from the given principals and credentials, with the the assigned roles and permissions.

SimpleAccount(PrincipalCollection, Object, ByteSource) - Constructor for class org.apache.shiro.authc.SimpleAccount

Constructs a SimpleAccount instance for the specified principals and credentials.

SimpleAccountRealm - Class in org.apache.shiro.realm

A simple implementation of the Realm interface that uses a set of configured user accounts and roles to support authentication and authorization.

SimpleAccountRealm() - Constructor for class org.apache.shiro.realm.SimpleAccountRealm

SimpleAccountRealm(String) - Constructor for class org.apache.shiro.realm.SimpleAccountRealm

SimpleAuthenticationInfo - Class in org.apache.shiro.authc

Simple implementation of the MergableAuthenticationInfo interface that holds the principals and credentials.

SimpleAuthenticationInfo() - Constructor for class org.apache.shiro.authc.SimpleAuthenticationInfo

Default no-argument constructor.

SimpleAuthenticationInfo(Object, Object, String) - Constructor for class org.apache.shiro.authc.SimpleAuthenticationInfo

Constructor that takes in a single 'primary' principal of the account and its corresponding credentials, associated with the specified realm.

SimpleAuthenticationInfo(Object, Object, ByteSource, String) - Constructor for class org.apache.shiro.authc.SimpleAuthenticationInfo

Constructor that takes in a single 'primary' principal of the account, its corresponding hashed credentials, the salt used to hash the credentials, and the name of the realm to associate with the principals.

SimpleAuthenticationInfo(PrincipalCollection, Object) - Constructor for class org.apache.shiro.authc.SimpleAuthenticationInfo

Constructor that takes in an account's identifying principal(s) and its corresponding credentials that verify the principals.

SimpleAuthenticationInfo(PrincipalCollection, Object, ByteSource) - Constructor for class org.apache.shiro.authc.SimpleAuthenticationInfo

Constructor that takes in an account's identifying principal(s), hashed credentials used to verify the principals, and the salt used when hashing the credentials.

SimpleAuthorizationInfo - Class in org.apache.shiro.authz

Simple POJO implementation of the AuthorizationInfo interface that stores roles and permissions as internal attributes.

SimpleAuthorizationInfo() - Constructor for class org.apache.shiro.authz.SimpleAuthorizationInfo

Default no-argument constructor.

SimpleAuthorizationInfo(Set<String>) - Constructor for class org.apache.shiro.authz.SimpleAuthorizationInfo

Creates a new instance with the specified roles and no permissions.

SimpleCredentialsMatcher - Class in org.apache.shiro.authc.credential

Simple CredentialsMatcher implementation.

SimpleCredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.SimpleCredentialsMatcher

SimplePrincipalCollection - Class in org.apache.shiro.subject

A simple implementation of the MutablePrincipalCollection interface that tracks principals internally by storing them in a LinkedHashMap.

SimplePrincipalCollection() - Constructor for class org.apache.shiro.subject.SimplePrincipalCollection

SimplePrincipalCollection(Object, String) - Constructor for class org.apache.shiro.subject.SimplePrincipalCollection

SimplePrincipalCollection(Collection, String) - Constructor for class org.apache.shiro.subject.SimplePrincipalCollection

SimplePrincipalCollection(PrincipalCollection) - Constructor for class org.apache.shiro.subject.SimplePrincipalCollection

SimplePrincipalMap - Class in org.apache.shiro.subject

Default implementation of the PrincipalMap interface.

SimplePrincipalMap() - Constructor for class org.apache.shiro.subject.SimplePrincipalMap

SimplePrincipalMap(Map<String, Map<String, Object>>) - Constructor for class org.apache.shiro.subject.SimplePrincipalMap

SimpleRole - Class in org.apache.shiro.authz

A simple representation of a security role that has a name and a collection of permissions.

SimpleRole() - Constructor for class org.apache.shiro.authz.SimpleRole

SimpleRole(String) - Constructor for class org.apache.shiro.authz.SimpleRole

SimpleRole(String, Set<Permission>) - Constructor for class org.apache.shiro.authz.SimpleRole

SimpleSession - Class in org.apache.shiro.session.mgt

Simple Session JavaBeans-compatible POJO implementation, intended to be used on the business/server tier.

SimpleSession() - Constructor for class org.apache.shiro.session.mgt.SimpleSession

SimpleSession(String) - Constructor for class org.apache.shiro.session.mgt.SimpleSession

SimpleSessionFactory - Class in org.apache.shiro.session.mgt

SessionFactory implementation that generates SimpleSession instances.

SimpleSessionFactory() - Constructor for class org.apache.shiro.session.mgt.SimpleSessionFactory

size() - Method in class org.apache.shiro.subject.SimplePrincipalMap

size() - Method in class org.apache.shiro.util.MapContext

size(Collection) - Static method in class org.apache.shiro.util.CollectionUtils

Returns the size of the specified collection or 0 if the collection is null.

size(Map) - Static method in class org.apache.shiro.util.CollectionUtils

Returns the size of the specified map or 0 if the map is null.

start(SessionContext) - Method in class org.apache.shiro.mgt.SessionsSecurityManager

start(SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

start(SessionContext) - Method in interface org.apache.shiro.session.mgt.SessionManager

Starts a new session based on the specified contextual initialization data, which can be used by the underlying implementation to determine how exactly to create the internal Session instance.

startReloadThread() - Method in class org.apache.shiro.realm.text.PropertiesRealm

stop() - Method in class org.apache.shiro.session.mgt.DelegatingSession

stop() - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession

Immediately throws an InvalidSessionException in all cases because this proxy is immutable.

stop() - Method in class org.apache.shiro.session.mgt.SimpleSession

stop() - Method in class org.apache.shiro.session.ProxiedSession

Immediately delegates to the underlying proxied session.

stop() - Method in interface org.apache.shiro.session.Session

Explicitly stops (invalidates) this session and releases all associated resources.

stop(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

stop(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager

Explicitly stops the associated session, thereby releasing all of its resources.

StoppedSessionException - Exception in org.apache.shiro.session

Exception thrown when attempting to interact with the system under a session that has been stopped.

StoppedSessionException() - Constructor for exception org.apache.shiro.session.StoppedSessionException

Creates a new StoppedSessionException.

StoppedSessionException(String) - Constructor for exception org.apache.shiro.session.StoppedSessionException

Constructs a new StoppedSessionException.

StoppedSessionException(String, Throwable) - Constructor for exception org.apache.shiro.session.StoppedSessionException

Constructs a new StoppedSessionException.

StoppedSessionException(Throwable) - Constructor for exception org.apache.shiro.session.StoppedSessionException

Constructs a new StoppedSessionException.

stopSession(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

storeSession(Serializable, Session) - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO

stringPermissions - Variable in class org.apache.shiro.authz.SimpleAuthorizationInfo

Collection of all string-based permissions associated with the account.

Subject - Interface in org.apache.shiro.subject

A Subject represents state and security operations for a single application user.

SUBJECT_KEY - Static variable in class org.apache.shiro.util.ThreadContext

Subject.Builder - Class in org.apache.shiro.subject

Builder design pattern implementation for creating Subject instances in a simplified way without requiring knowledge of Shiro's construction techniques.

SubjectAwareExecutor - Class in org.apache.shiro.concurrent

Executor implementation that will automatically first associate any argument Runnable instances with the currently available Subject and then dispatch the Subject-enabled runnable to an underlying delegate Executor instance.

SubjectAwareExecutor() - Constructor for class org.apache.shiro.concurrent.SubjectAwareExecutor

SubjectAwareExecutor(Executor) - Constructor for class org.apache.shiro.concurrent.SubjectAwareExecutor

SubjectAwareExecutorService - Class in org.apache.shiro.concurrent

ExecutorService implementation that will automatically first associate any argument Runnable or Callable instances with the currently available subject and then dispatch the Subject-enabled runnable or callable to an underlying delegate ExecutorService instance.

SubjectAwareExecutorService() - Constructor for class org.apache.shiro.concurrent.SubjectAwareExecutorService

SubjectAwareExecutorService(ExecutorService) - Constructor for class org.apache.shiro.concurrent.SubjectAwareExecutorService

SubjectAwareScheduledExecutorService - Class in org.apache.shiro.concurrent

Same concept as the SubjectAwareExecutorService but additionally supports the ScheduledExecutorService interface.

SubjectAwareScheduledExecutorService() - Constructor for class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService

SubjectAwareScheduledExecutorService(ScheduledExecutorService) - Constructor for class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService

SubjectCallable<V> - Class in org.apache.shiro.subject.support

A SubjectCallable associates a Subject with a target/delegate Callable to ensure proper Subject thread-state management when the Callable executes.

SubjectCallable(Subject, Callable<V>) - Constructor for class org.apache.shiro.subject.support.SubjectCallable

SubjectCallable(ThreadState, Callable<V>) - Constructor for class org.apache.shiro.subject.support.SubjectCallable

SubjectContext - Interface in org.apache.shiro.subject

A SubjectContext is a 'bucket' of data presented to a SecurityManager which interprets this data to construct Subject instances.

subjectDAO - Variable in class org.apache.shiro.mgt.DefaultSecurityManager

SubjectDAO - Interface in org.apache.shiro.mgt

A SubjectDAO is responsible for persisting a Subject instance's internal state such that the Subject instance can be recreated at a later time if necessary.

subjectFactory - Variable in class org.apache.shiro.mgt.DefaultSecurityManager

SubjectFactory - Interface in org.apache.shiro.mgt

A SubjectFactory is responsible for constructing Subject instances as needed.

SubjectRunnable - Class in org.apache.shiro.subject.support

A SubjectRunnable ensures that a target/delegate Runnable will execute such that any call to SecurityUtils.getSubject() during the Runnable's execution will return the associated Subject instance.

SubjectRunnable(Subject, Runnable) - Constructor for class org.apache.shiro.subject.support.SubjectRunnable

Creates a new SubjectRunnable that, when executed, will execute the target delegate, but guarantees that it will run associated with the specified Subject.

SubjectRunnable(ThreadState, Runnable) - Constructor for class org.apache.shiro.subject.support.SubjectRunnable

Creates a new SubjectRunnable that, when executed, will perform thread state binding and guaranteed restoration before and after the Runnable's execution, respectively.

SubjectThreadState - Class in org.apache.shiro.subject.support

Manages thread-state for Subject access (supporting SecurityUtils.getSubject() calls) during a thread's execution.

SubjectThreadState(Subject) - Constructor for class org.apache.shiro.subject.support.SubjectThreadState

Creates a new SubjectThreadState that will bind and unbind the specified Subject to the thread

submit(Runnable) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService

submit(Runnable, T) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService

submit(Callable<T>) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService

SUBPART_DIVIDER_TOKEN - Static variable in class org.apache.shiro.authz.permission.WildcardPermission

SUN_CONNECTION_POOLING_PROPERTY - Static variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

The Sun LDAP property used to enable connection pooling.

SUN_CONNECTION_POOLING_PROPERTY - Static variable in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

The Sun LDAP property used to enable connection pooling.

supports(MethodInvocation) - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor

Returns true if this interceptor supports, that is, should inspect, the specified MethodInvocation, false otherwise.

supports(AuthenticationToken) - Method in class org.apache.shiro.realm.AuthenticatingRealm

Convenience implementation that returns getAuthenticationTokenClass().isAssignableFrom( token.getClass() );.

supports(AuthenticationToken) - Method in interface org.apache.shiro.realm.Realm

Returns true if this realm wishes to authenticate the Subject represented by the given AuthenticationToken instance, false otherwise.

systemPassword - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm

systemPassword - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

systemUsername - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm

systemUsername - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

T

TextConfigurationRealm - Class in org.apache.shiro.realm.text

A SimpleAccountRealm that enables text-based configuration of the initial User, Role, and Permission objects created at startup.

TextConfigurationRealm() - Constructor for class org.apache.shiro.realm.text.TextConfigurationRealm

ThreadContext - Class in org.apache.shiro.util

A ThreadContext provides a means of binding and unbinding objects to the current thread based on key/value pairs.

ThreadContext() - Constructor for class org.apache.shiro.util.ThreadContext

Default no-argument constructor.

threadState - Variable in class org.apache.shiro.subject.support.SubjectCallable

threadState - Variable in class org.apache.shiro.subject.support.SubjectRunnable

ThreadState - Interface in org.apache.shiro.util

A ThreadState instance manages any state that might need to be bound and/or restored during a thread's execution.

throwImmutableException() - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession

Simply throws an InvalidSessionException indicating that this proxy is immutable.

toLines(String) - Static method in class org.apache.shiro.realm.text.TextConfigurationRealm

toMap(Collection<String>) - Static method in class org.apache.shiro.realm.text.TextConfigurationRealm

toPermissionStrings(String) - Static method in class org.apache.shiro.util.PermissionUtils

toSet(String, String) - Static method in class org.apache.shiro.realm.SimpleAccountRealm

toString() - Method in class org.apache.shiro.authc.SimpleAccount

Returns principals.toString() if they are not null, otherwise prints out the string "empty"

toString() - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo

Simple implementation that merely returns principals.toString()

toString() - Method in class org.apache.shiro.authc.UsernamePasswordToken

Returns the String representation.

toString() - Method in class org.apache.shiro.authz.permission.WildcardPermission

toString() - Method in class org.apache.shiro.authz.SimpleRole

toString() - Method in class org.apache.shiro.session.mgt.SimpleSession

Returns the string representation of this SimpleSession, equal to getClass().getName() + ",id=" + getId().

toString() - Method in class org.apache.shiro.subject.SimplePrincipalCollection

Returns a simple string representation suitable for printing.

touch() - Method in class org.apache.shiro.session.mgt.DelegatingSession

touch() - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession

Immediately throws an InvalidSessionException in all cases because this proxy is immutable.

touch() - Method in class org.apache.shiro.session.mgt.SimpleSession

touch() - Method in class org.apache.shiro.session.ProxiedSession

Immediately delegates to the underlying proxied session.

touch() - Method in interface org.apache.shiro.session.Session

Explicitly updates the lastAccessTime of this session to the current time when this method is invoked.

touch(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager

touch(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager

Updates the last accessed time of the session identified by sessionId.

U

UnauthenticatedException - Exception in org.apache.shiro.authz

Exception thrown when attempting to execute an authorization action when a successful authentication hasn't yet occurred.

UnauthenticatedException() - Constructor for exception org.apache.shiro.authz.UnauthenticatedException

Creates a new UnauthenticatedException.

UnauthenticatedException(String) - Constructor for exception org.apache.shiro.authz.UnauthenticatedException

Constructs a new UnauthenticatedException.

UnauthenticatedException(String, Throwable) - Constructor for exception org.apache.shiro.authz.UnauthenticatedException

Constructs a new UnauthenticatedException.

UnauthenticatedException(Throwable) - Constructor for exception org.apache.shiro.authz.UnauthenticatedException

Constructs a new UnauthenticatedException.

UnauthorizedException - Exception in org.apache.shiro.authz

Thrown to indicate a requested operation or access to a requested resource is not allowed.

UnauthorizedException() - Constructor for exception org.apache.shiro.authz.UnauthorizedException

Creates a new UnauthorizedException.

UnauthorizedException(String) - Constructor for exception org.apache.shiro.authz.UnauthorizedException

Constructs a new UnauthorizedException.

UnauthorizedException(String, Throwable) - Constructor for exception org.apache.shiro.authz.UnauthorizedException

Constructs a new UnauthorizedException.

UnauthorizedException(Throwable) - Constructor for exception org.apache.shiro.authz.UnauthorizedException

Constructs a new UnauthorizedException.

UnavailableSecurityManagerException - Exception in org.apache.shiro

Exception thrown when attempting to acquire the application's SecurityManager instance, but Shiro's lookup heuristics cannot find one.

UnavailableSecurityManagerException(String) - Constructor for exception org.apache.shiro.UnavailableSecurityManagerException

UnavailableSecurityManagerException(String, Throwable) - Constructor for exception org.apache.shiro.UnavailableSecurityManagerException

Deprecated.
This constructor is NOT used by Shiro directly, and will be removed in the future.

unbind(String) - Method in class org.apache.shiro.jndi.JndiTemplate

Remove the binding for the given name from the current JNDI context.

unbind(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager

Deprecated.
in Shiro 1.2 in favor of DefaultSecurityManager.delete(org.apache.shiro.subject.Subject)

unbindSecurityManager() - Static method in class org.apache.shiro.util.ThreadContext

Convenience method that simplifies removal of the application's SecurityManager instance from the thread.

unbindSubject() - Static method in class org.apache.shiro.util.ThreadContext

Convenience method that simplifies removal of a thread-local Subject from the thread.

uncache(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Removes the specified Session from the cache.

UnknownAccountException - Exception in org.apache.shiro.authc

Thrown when attempting to authenticate with a principal that doesn't exist in the system (e.g.

UnknownAccountException() - Constructor for exception org.apache.shiro.authc.UnknownAccountException

Creates a new UnknownAccountException.

UnknownAccountException(String) - Constructor for exception org.apache.shiro.authc.UnknownAccountException

Constructs a new UnknownAccountException.

UnknownAccountException(String, Throwable) - Constructor for exception org.apache.shiro.authc.UnknownAccountException

Constructs a new UnknownAccountException.

UnknownAccountException(Throwable) - Constructor for exception org.apache.shiro.authc.UnknownAccountException

Constructs a new UnknownAccountException.

UnknownSessionException - Exception in org.apache.shiro.session

Exception thrown when attempting to interact with the system under the pretense of a particular session (e.g. under a specific session id), and that session does not exist in the system.

UnknownSessionException() - Constructor for exception org.apache.shiro.session.UnknownSessionException

Creates a new UnknownSessionException.

UnknownSessionException(String) - Constructor for exception org.apache.shiro.session.UnknownSessionException

Constructs a new UnknownSessionException.

UnknownSessionException(String, Throwable) - Constructor for exception org.apache.shiro.session.UnknownSessionException

Constructs a new UnknownSessionException.

UnknownSessionException(Throwable) - Constructor for exception org.apache.shiro.session.UnknownSessionException

Constructs a new UnknownSessionException.

UnsupportedAuthenticationMechanismException - Exception in org.apache.shiro.ldap

Exception thrown when a configured LDAP Authentication Mechanism is unsupported by the target LDAP server.

UnsupportedAuthenticationMechanismException(String) - Constructor for exception org.apache.shiro.ldap.UnsupportedAuthenticationMechanismException

UnsupportedAuthenticationMechanismException(String, Throwable) - Constructor for exception org.apache.shiro.ldap.UnsupportedAuthenticationMechanismException

UnsupportedTokenException - Exception in org.apache.shiro.authc.pam

Exception thrown during the authentication process when an AuthenticationToken implementation is encountered that is not supported by one or more configured Realms.

UnsupportedTokenException() - Constructor for exception org.apache.shiro.authc.pam.UnsupportedTokenException

Creates a new UnsupportedTokenException.

UnsupportedTokenException(String) - Constructor for exception org.apache.shiro.authc.pam.UnsupportedTokenException

Constructs a new UnsupportedTokenException.

UnsupportedTokenException(String, Throwable) - Constructor for exception org.apache.shiro.authc.pam.UnsupportedTokenException

Constructs a new UnsupportedTokenException.

UnsupportedTokenException(Throwable) - Constructor for exception org.apache.shiro.authc.pam.UnsupportedTokenException

Constructs a new UnsupportedTokenException.

update(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO

Updates the state of the given session to the EIS by first delegating to CachingSessionDAO.doUpdate(org.apache.shiro.session.Session).

update(Session) - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO

update(Session) - Method in interface org.apache.shiro.session.mgt.eis.SessionDAO

Updates (persists) data from a previously created Session instance in the EIS identified by {@link Session#getId() session.getId()}.

url - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm

url - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory

Deprecated.

UserAnnotationHandler - Class in org.apache.shiro.authz.aop

Checks to see if a @RequiresUser annotation is declared, and if so, ensures the calling Subject is either authenticated or remembered via remember me services before allowing access.

UserAnnotationHandler() - Constructor for class org.apache.shiro.authz.aop.UserAnnotationHandler

Default no-argument constructor that ensures this handler looks for RequiresUser annotations.

UserAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop

Checks to see if a @RequiresUser annotation is declared, and if so, ensures the calling Subject is either authenticated or remembered via remember me services before invoking the method.

UserAnnotationMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.UserAnnotationMethodInterceptor

Default no-argument constructor that ensures this interceptor looks for RequiresUser annotations in a method declaration.

UserAnnotationMethodInterceptor(AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.UserAnnotationMethodInterceptor

UsernamePasswordToken - Class in org.apache.shiro.authc

A simple username/password authentication token to support the most widely-used authentication mechanism.

UsernamePasswordToken() - Constructor for class org.apache.shiro.authc.UsernamePasswordToken

JavaBeans compatible no-arg constructor.

UsernamePasswordToken(String, char[]) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken

Constructs a new UsernamePasswordToken encapsulating the username and password submitted during an authentication attempt, with a null host and a rememberMe default of false.

UsernamePasswordToken(String, char[], boolean) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken

Constructs a new UsernamePasswordToken encapsulating the username and password submitted, as well as if the user wishes their identity to be remembered across sessions.

UsernamePasswordToken(String, char[], boolean, String) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken

Constructs a new UsernamePasswordToken encapsulating the username and password submitted, if the user wishes their identity to be remembered across sessions, and the inetAddress from where the attempt is occurring.

UsernamePasswordToken(String, char[], String) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken

Constructs a new UsernamePasswordToken encapsulating the username and password submitted, the inetAddress from where the attempt is occurring, and a default rememberMe value of false

UsernamePasswordToken(String, String) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken

Constructs a new UsernamePasswordToken encapsulating the username and password submitted during an authentication attempt, with a null host and a rememberMe default of false

UsernamePasswordToken(String, String, boolean) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken

Constructs a new UsernamePasswordToken encapsulating the username and password submitted, as well as if the user wishes their identity to be remembered across sessions.

UsernamePasswordToken(String, String, boolean, String) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken

Constructs a new UsernamePasswordToken encapsulating the username and password submitted, if the user wishes their identity to be remembered across sessions, and the inetAddress from where the attempt is occurring.

UsernamePasswordToken(String, String, String) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken

Constructs a new UsernamePasswordToken encapsulating the username and password submitted, the inetAddress from where the attempt is occurring, and a default rememberMe value of false

userRolesQuery - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm

users - Variable in class org.apache.shiro.realm.SimpleAccountRealm

USERS_LOCK - Variable in class org.apache.shiro.realm.SimpleAccountRealm

USERS_SECTION_NAME - Static variable in class org.apache.shiro.realm.text.IniRealm

useXmlFormat - Variable in class org.apache.shiro.realm.text.PropertiesRealm

V

validate() - Method in class org.apache.shiro.session.mgt.SimpleSession

validate() - Method in interface org.apache.shiro.session.mgt.ValidatingSession

validate(Session, SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

validateAuthenticationInfo(Hashtable<String, Object>) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory

Validates the configuration in the JNDI environment settings and throws an exception if a problem exists.

validateSessions() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager

validateSessions() - Method in interface org.apache.shiro.session.mgt.ValidatingSessionManager

Performs session validation for all open/active sessions in the system (those that have not been stopped or expired), and validates each one.

ValidatingSession - Interface in org.apache.shiro.session.mgt

A ValidatingSession is a Session that is capable of determining it is valid or not and is able to validate itself if necessary.

ValidatingSessionManager - Interface in org.apache.shiro.session.mgt

A ValidatingSessionManager is a SessionManager that can proactively validate any or all sessions that may be expired.

value() - Method in annotation type org.apache.shiro.authz.annotation.RequiresPermissions

The permission string which will be passed to Subject.isPermitted(String) to determine if the user is allowed to invoke the code protected by this annotation.

value() - Method in annotation type org.apache.shiro.authz.annotation.RequiresRoles

A single String role name or multiple comma-delimited role names required in order for the method invocation to be allowed.

valueOf(String) - Static method in enum org.apache.shiro.authz.annotation.Logical

Returns the enum constant of this type with the specified name.

valueOf(String) - Static method in enum org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle

Returns the enum constant of this type with the specified name.

values() - Static method in enum org.apache.shiro.authz.annotation.Logical

Returns an array containing the constants of this enum type, in the order they are declared.

values() - Static method in enum org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle

Returns an array containing the constants of this enum type, in the order they are declared.

values() - Method in class org.apache.shiro.subject.SimplePrincipalMap

values() - Method in class org.apache.shiro.util.MapContext

W

WILDCARD_TOKEN - Static variable in class org.apache.shiro.authz.permission.WildcardPermission

WildcardPermission - Class in org.apache.shiro.authz.permission

A WildcardPermission is a very flexible permission construct supporting multiple levels of permission matching.

WildcardPermission() - Constructor for class org.apache.shiro.authz.permission.WildcardPermission

Default no-arg constructor for subclasses only - end-user developers instantiating Permission instances must provide a wildcard string at a minimum, since Permission instances are immutable once instantiated.

WildcardPermission(String) - Constructor for class org.apache.shiro.authz.permission.WildcardPermission

WildcardPermission(String, boolean) - Constructor for class org.apache.shiro.authz.permission.WildcardPermission

WildcardPermissionResolver - Class in org.apache.shiro.authz.permission

PermissionResolver implementation that returns a new WildcardPermission based on the input string.

WildcardPermissionResolver() - Constructor for class org.apache.shiro.authz.permission.WildcardPermissionResolver

Default constructor.

WildcardPermissionResolver(boolean) - Constructor for class org.apache.shiro.authz.permission.WildcardPermissionResolver

Constructor to specify case sensitivity for the resolved premissions.

A B C D E F G H I J K L M N O P Q R S T U V W
All Classes All Packages