A B C D E F G H I J K L M N O P Q R S T U V W X _
All Classes All Packages
All Classes All Packages
A
- AbstractAuthenticationStrategy - Class in org.apache.shiro.authc.pam
-
Abstract base implementation for Shiro's concrete
AuthenticationStrategy
implementations. - AbstractAuthenticationStrategy() - Constructor for class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
- AbstractAuthenticator - Class in org.apache.shiro.authc
-
Superclass for almost all
Authenticator
implementations that performs the common work around authentication attempts. - AbstractAuthenticator() - Constructor for class org.apache.shiro.authc.AbstractAuthenticator
-
Default no-argument constructor.
- AbstractCacheManager - Class in org.apache.shiro.cache
-
Very simple abstract
CacheManager
implementation that retains all createdCache
instances in an in-memoryConcurrentMap
. - AbstractCacheManager() - Constructor for class org.apache.shiro.cache.AbstractCacheManager
-
Default no-arg constructor that instantiates an internal name-to-cache
ConcurrentMap
. - AbstractContainerIT - Class in org.apache.shiro.testing.web
- AbstractContainerIT() - Constructor for class org.apache.shiro.testing.web.AbstractContainerIT
- AbstractFactory<T> - Class in org.apache.shiro.util
-
TODO - Class JavaDoc
- AbstractFactory() - Constructor for class org.apache.shiro.util.AbstractFactory
- AbstractFilter - Class in org.apache.shiro.web.servlet
-
Base abstract Filter simplifying Filter initialization and
access
to init parameters. - AbstractFilter() - Constructor for class org.apache.shiro.web.servlet.AbstractFilter
- AbstractHash - Class in org.apache.shiro.crypto.hash
-
Deprecated.in Shiro 1.1 in favor of using the concrete
SimpleHash
implementation directly. - AbstractHash() - Constructor for class org.apache.shiro.crypto.hash.AbstractHash
-
Deprecated.Creates an new instance without any of its properties set (no hashing is performed).
- AbstractHash(Object) - Constructor for class org.apache.shiro.crypto.hash.AbstractHash
-
Deprecated.Creates a hash of the specified
source
with nosalt
using a single hash iteration. - AbstractHash(Object, Object) - Constructor for class org.apache.shiro.crypto.hash.AbstractHash
-
Deprecated.Creates a hash of the specified
source
using the givensalt
using a single hash iteration. - AbstractHash(Object, Object, int) - Constructor for class org.apache.shiro.crypto.hash.AbstractHash
-
Deprecated.Creates a hash of the specified
source
using the givensalt
a total ofhashIterations
times. - AbstractLdapRealm - Class in org.apache.shiro.realm.ldap
-
A
Realm
that authenticates with an LDAP server to build the Subject for a user. - AbstractLdapRealm() - Constructor for class org.apache.shiro.realm.ldap.AbstractLdapRealm
- AbstractNativeSessionManager - Class in org.apache.shiro.session.mgt
-
Abstract implementation supporting the
NativeSessionManager
interface, supportingSessionListener
s and application of theglobalSessionTimeout
. - AbstractNativeSessionManager() - Constructor for class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- AbstractRememberMeManager - Class in org.apache.shiro.mgt
-
Abstract implementation of the
RememberMeManager
interface that handlesserialization
andencryption
of the remembered user identity. - AbstractRememberMeManager() - Constructor for class org.apache.shiro.mgt.AbstractRememberMeManager
-
Default constructor that initializes a
DefaultSerializer
as theserializer
and anAesCipherService
as thecipherService
. - AbstractSessionDAO - Class in org.apache.shiro.session.mgt.eis
-
An abstract
SessionDAO
implementation that performs some sanity checks on session creation and reading and allows for pluggable Session ID generation strategies if desired. - AbstractSessionDAO() - Constructor for class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
-
Default no-arg constructor that defaults the
sessionIdGenerator
to be aJavaUuidSessionIdGenerator
. - AbstractSessionManager - Class in org.apache.shiro.session.mgt
-
Base abstract class of the
SessionManager
interface, enabling configuration of an application-wideglobalSessionTimeout
. - AbstractSessionManager() - Constructor for class org.apache.shiro.session.mgt.AbstractSessionManager
- AbstractShiroAnnotationProcessorConfiguration - Class in org.apache.shiro.spring.config
- AbstractShiroAnnotationProcessorConfiguration() - Constructor for class org.apache.shiro.spring.config.AbstractShiroAnnotationProcessorConfiguration
- AbstractShiroBeanConfiguration - Class in org.apache.shiro.spring.config
- AbstractShiroBeanConfiguration() - Constructor for class org.apache.shiro.spring.config.AbstractShiroBeanConfiguration
- AbstractShiroConfiguration - Class in org.apache.shiro.spring.config
- AbstractShiroConfiguration() - Constructor for class org.apache.shiro.spring.config.AbstractShiroConfiguration
- AbstractShiroFilter - Class in org.apache.shiro.web.servlet
-
Abstract base class that provides all standard Shiro request filtering behavior and expects subclasses to implement configuration-specific logic (INI, XML, .properties, etc).
- AbstractShiroFilter() - Constructor for class org.apache.shiro.web.servlet.AbstractShiroFilter
- AbstractShiroWebConfiguration - Class in org.apache.shiro.spring.web.config
- AbstractShiroWebConfiguration() - Constructor for class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- AbstractShiroWebFilterConfiguration - Class in org.apache.shiro.spring.web.config
- AbstractShiroWebFilterConfiguration() - Constructor for class org.apache.shiro.spring.web.config.AbstractShiroWebFilterConfiguration
- AbstractSymmetricCipherService - Class in org.apache.shiro.crypto
-
Base abstract class for supporting symmetric key cipher algorithms.
- AbstractSymmetricCipherService(String) - Constructor for class org.apache.shiro.crypto.AbstractSymmetricCipherService
- AbstractValidatingSessionManager - Class in org.apache.shiro.session.mgt
-
Default business-tier implementation of the
ValidatingSessionManager
interface. - AbstractValidatingSessionManager() - Constructor for class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- accepts(Object) - Method in interface org.apache.shiro.event.support.EventListener
-
Returns
true
if the listener instance can process the specified event object,false
otherwise. - accepts(Object) - Method in class org.apache.shiro.event.support.SingleArgumentMethodEventListener
- AccessControlFilter - Class in org.apache.shiro.web.filter
-
Superclass for any filter that controls access to a resource and may redirect the user to the login page if they are not authenticated.
- AccessControlFilter() - Constructor for class org.apache.shiro.web.filter.AccessControlFilter
- Account - Interface in org.apache.shiro.authc
-
An Account is a convenience interface that extends both
AuthenticationInfo
andAuthorizationInfo
and represents authentication and authorization for a single account in a single Realm. - AccountException - Exception in org.apache.shiro.authc
-
Exception thrown due to a problem with the account under which an authentication attempt is being executed.
- AccountException() - Constructor for exception org.apache.shiro.authc.AccountException
-
Creates a new AccountException.
- AccountException(String) - Constructor for exception org.apache.shiro.authc.AccountException
-
Constructs a new AccountException.
- AccountException(String, Throwable) - Constructor for exception org.apache.shiro.authc.AccountException
-
Constructs a new AccountException.
- AccountException(Throwable) - Constructor for exception org.apache.shiro.authc.AccountException
-
Constructs a new AccountException.
- accountExists(String) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- AccountInfoController - Class in org.apache.shiro.samples
- AccountInfoController() - Constructor for class org.apache.shiro.samples.AccountInfoController
- ACTIVE_SESSION_CACHE_NAME - Static variable in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
The default active sessions cache name, equal to
shiro-activeSessionCache
. - ActiveDirectoryRealm - Class in org.apache.shiro.realm.activedirectory
-
A
Realm
that authenticates with an active directory LDAP server to determine the roles for a particular user. - ActiveDirectoryRealm() - Constructor for class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
- add(int, Filter) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- add(Object, String) - Method in interface org.apache.shiro.subject.MutablePrincipalCollection
-
Adds the given principal to this collection.
- add(Object, String) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- add(Filter) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- add(SimpleAccount) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- add(Permission) - Method in class org.apache.shiro.authz.SimpleRole
- add(SimpleRole) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- add(Destroyable) - Method in class org.apache.shiro.guice.ShiroModule
- addAccount(String, String) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- addAccount(String, String, String...) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- addAll(int, Collection<? extends Filter>) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- addAll(Collection<? extends Filter>) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- addAll(Collection<Permission>) - Method in class org.apache.shiro.authz.SimpleRole
- addAll(Collection, String) - Method in interface org.apache.shiro.subject.MutablePrincipalCollection
-
Adds all of the principals in the given collection to this collection.
- addAll(Collection, String) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- addAll(PrincipalCollection) - Method in interface org.apache.shiro.subject.MutablePrincipalCollection
-
Adds all of the principals from the given principal collection to this collection.
- addAll(PrincipalCollection) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- addDefaultFilters(boolean) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- addFilter(String, Filter) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- addFilter(String, Filter) - Method in interface org.apache.shiro.web.filter.mgt.FilterChainManager
-
Adds a filter to the 'pool' of available filters that can be used when
creating filter chains
. - addFilter(String, Filter, boolean) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- addFilter(String, Filter, boolean) - Method in interface org.apache.shiro.web.filter.mgt.FilterChainManager
-
Adds a filter to the 'pool' of available filters that can be used when
creating filter chains
. - addFilter(String, Filter, boolean, boolean) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- addFilterChain(String, Key<? extends Filter>) - Method in class org.apache.shiro.guice.web.ShiroWebModule
- addFilterChain(String, Key<? extends Filter>...) - Method in class org.apache.shiro.guice.web.ShiroWebModule
-
Deprecated.
- addFilterChain(String, ShiroWebModule.FilterConfig<? extends Filter>...) - Method in class org.apache.shiro.guice.web.ShiroWebModule
-
Maps 'n' number of
filterConfig
s to a specific path pattern.
For example, a path of '/my_private_resource/**' to 'filterConfig(AUTHC)' would require any resource under the path '/my_private_resource' would be processed through theFormAuthenticationFilter
. - addObjectPermission(Permission) - Method in class org.apache.shiro.authc.SimpleAccount
-
Assigns an object-based permission directly to this Account (not any of its realms).
- addObjectPermission(Permission) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Adds (assigns) a permission to those directly associated with the account.
- addObjectPermissions(Collection<Permission>) - Method in class org.apache.shiro.authc.SimpleAccount
-
Assigns one or more object-based permissions directly to this Account (not any of its realms).
- addObjectPermissions(Collection<Permission>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Adds (assigns) multiple permissions to those associated directly with the account.
- addPathDefinition(String, String) - Method in class org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition
- addPathDefinitions(Map<String, String>) - Method in class org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition
- addRole(String) - Method in class org.apache.shiro.authc.SimpleAccount
-
Adds a role to this Account's set of assigned roles.
- addRole(String) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Adds (assigns) a role to those associated with the account.
- addRole(String) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- addRole(Collection<String>) - Method in class org.apache.shiro.authc.SimpleAccount
-
Adds one or more roles to this Account's set of assigned roles.
- addRoles(Collection<String>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Adds (assigns) multiple roles to those associated with the account.
- addSection(String) - Method in class org.apache.shiro.config.Ini
-
Ensures a section with the specified name exists, adding a new one if it does not yet exist.
- addStringPermission(String) - Method in class org.apache.shiro.authc.SimpleAccount
-
Assigns a String-based permission directly to this Account (not to any of its realms).
- addStringPermission(String) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Adds (assigns) a permission to those directly associated with the account.
- addStringPermissions(Collection<String>) - Method in class org.apache.shiro.authc.SimpleAccount
-
Assigns one or more string-based permissions directly to this Account (not to any of its realms).
- addStringPermissions(Collection<String>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Adds (assigns) multiple permissions to those associated directly with the account.
- addToChain(String, String) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- addToChain(String, String) - Method in interface org.apache.shiro.web.filter.mgt.FilterChainManager
-
Adds (appends) a filter to the filter chain identified by the given
chainName
. - addToChain(String, String, String) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- addToChain(String, String, String) - Method in interface org.apache.shiro.web.filter.mgt.FilterChainManager
-
Adds (appends) a filter to the filter chain identified by the given
chainName
. - AdviceFilter - Class in org.apache.shiro.web.servlet
-
A Servlet Filter that enables AOP-style "around" advice for a ServletRequest via
preHandle
,postHandle
, andafterCompletion
hooks. - AdviceFilter() - Constructor for class org.apache.shiro.web.servlet.AdviceFilter
- AesCipherService - Class in org.apache.shiro.crypto
-
CipherService
using theAES
cipher algorithm for all encryption, decryption, and key operations. - AesCipherService() - Constructor for class org.apache.shiro.crypto.AesCipherService
-
Creates a new
CipherService
instance using theAES
cipher algorithm with the following important cipher default attributes: Attribute ValuekeySize
128
bitsblockSize
128
bits (required forAES
mode
GCM
*paddingScheme
NoPadding
***initializationVectorSize
128
bitsgenerateInitializationVectors
true
** - afterAllAttempts(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
-
Simply returns the
aggregate
argument without modification. - afterAllAttempts(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy
-
Ensures that the
aggregate
method argument is notnull
andaggregate.
is notgetPrincipals()
null
, and if either isnull
, throws an AuthenticationException to indicate that none of the realms authenticated successfully. - afterAllAttempts(AuthenticationToken, AuthenticationInfo) - Method in interface org.apache.shiro.authc.pam.AuthenticationStrategy
-
Method invoked by the ModularAuthenticator signifying that all of its configured Realms have been consulted for account data, allowing post-processing after all realms have completed.
- afterAttempt(Realm, AuthenticationToken, AuthenticationInfo, AuthenticationInfo, Throwable) - Method in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
-
Base implementation that will aggregate the specified
singleRealmInfo
into theaggregateInfo
and then returns the aggregate. - afterAttempt(Realm, AuthenticationToken, AuthenticationInfo, AuthenticationInfo, Throwable) - Method in class org.apache.shiro.authc.pam.AllSuccessfulStrategy
-
Merges the specified
info
into theaggregate
argument and returns it (just as the parent implementation does), but additionally ensures the following: if theThrowable
argument is notnull
, re-throws it to immediately cancel the authentication process, since this strategy requires all realms to authenticate successfully. neither theinfo
oraggregate
argument isnull
to ensure that each realm did in fact authenticate successfully - afterAttempt(Realm, AuthenticationToken, AuthenticationInfo, AuthenticationInfo, Throwable) - Method in interface org.apache.shiro.authc.pam.AuthenticationStrategy
-
Method invoked by the ModularAuthenticator just after the given realm has been consulted for authentication, allowing post-authentication-attempt logic for that realm only.
- afterBound(String, Object) - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- afterCacheManagerSet() - Method in class org.apache.shiro.mgt.CachingSecurityManager
-
Template callback to notify subclasses that a
CacheManager
has been set and is available for use via thegetCacheManager()
method. - afterCacheManagerSet() - Method in class org.apache.shiro.mgt.RealmSecurityManager
-
Simply calls
applyCacheManagerToRealms()
to allow the newly setCacheManager
to be propagated to the internal collection ofRealm
that would need to use it. - afterCacheManagerSet() - Method in class org.apache.shiro.mgt.SessionsSecurityManager
-
Calls
super.afterCacheManagerSet()
and then immediately callsapplyCacheManagerToSessionManager()
to ensure theCacheManager
is applied to the SessionManager as necessary. - afterCacheManagerSet() - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
This implementation attempts to acquire an authentication cache if one is not already configured.
- afterCacheManagerSet() - Method in class org.apache.shiro.realm.AuthorizingRealm
- afterCacheManagerSet() - Method in class org.apache.shiro.realm.CachingRealm
-
Template method that may be implemented by subclasses should they wish to react to a
CacheManager
instance being set on the realm instance via theCachingRealm.setCacheManager(org.apache.shiro.cache.CacheManager)
mutator. - afterCompletion(ServletRequest, ServletResponse, Exception) - Method in class org.apache.shiro.web.servlet.AdviceFilter
-
Called in all cases in a
finally
block even ifpreHandle
returnsfalse
or if an exception is thrown during filter chain processing. - afterEventBusSet() - Method in class org.apache.shiro.mgt.CachingSecurityManager
-
Template callback to notify subclasses that an
EventBus
has been set and is available for use via thegetEventBus()
method. - afterEventBusSet() - Method in class org.apache.shiro.mgt.RealmSecurityManager
- afterEventBusSet() - Method in class org.apache.shiro.mgt.SessionsSecurityManager
-
Sets any configured EventBus on the SessionManager if necessary.
- afterExpired(Session) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- afterExpired(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- afterRealmsSet() - Method in class org.apache.shiro.mgt.AuthenticatingSecurityManager
-
Passes on the
realms
to the internal delegateAuthenticator
instance so that it may use them during authentication attempts. - afterRealmsSet() - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
-
First calls
super.afterRealmsSet()
and then sets these sameRealm
objects on this instance's wrappedAuthorizer
. - afterRealmsSet() - Method in class org.apache.shiro.mgt.RealmSecurityManager
- afterRoleCacheSet() - Method in class org.apache.shiro.realm.text.PropertiesRealm
- afterSessionManagerSet() - Method in class org.apache.shiro.mgt.SessionsSecurityManager
- afterSessionManagerSet() - Method in class org.apache.shiro.web.mgt.DefaultWebSecurityManager
- afterSessionValidationEnabled() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- afterStopped(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- afterStopped(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- afterUnbound(String, Object) - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- ALGORITHM_NAME - Static variable in class org.apache.shiro.crypto.hash.Md2Hash
- ALGORITHM_NAME - Static variable in class org.apache.shiro.crypto.hash.Md5Hash
- ALGORITHM_NAME - Static variable in class org.apache.shiro.crypto.hash.Sha1Hash
- ALGORITHM_NAME - Static variable in class org.apache.shiro.crypto.hash.Sha256Hash
- ALGORITHM_NAME - Static variable in class org.apache.shiro.crypto.hash.Sha384Hash
- ALGORITHM_NAME - Static variable in class org.apache.shiro.crypto.hash.Sha512Hash
- ALLOW_BACKSLASH - Static variable in class org.apache.shiro.web.util.WebUtils
- AllowAllCredentialsMatcher - Class in org.apache.shiro.authc.credential
-
A credentials matcher that always returns
true
when matching credentials no matter what arguments are passed in. - AllowAllCredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.AllowAllCredentialsMatcher
- AllPermission - Class in org.apache.shiro.authz.permission
-
An all AllPermission instance is one that always implies any other permission; that is, its
implies
method always returns true. - AllPermission() - Constructor for class org.apache.shiro.authz.permission.AllPermission
- AllSuccessfulStrategy - Class in org.apache.shiro.authc.pam
-
AuthenticationStrategy implementation that requires all configured realms to successfully process the submitted AuthenticationToken during the log-in attempt.
- AllSuccessfulStrategy() - Constructor for class org.apache.shiro.authc.pam.AllSuccessfulStrategy
- ALREADY_FILTERED_SUFFIX - Static variable in class org.apache.shiro.web.servlet.OncePerRequestFilter
-
Suffix that gets appended to the filter name for the "already filtered" request attribute.
- analyze(Throwable, NoRealmBeanConfiguredException) - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroNoRealmConfiguredFailureAnalyzer
- AND - org.apache.shiro.authz.annotation.Logical
- AnnotationAuthorizationFilter - Class in org.apache.shiro.web.jaxrs
-
A filter that grants or denies access to a JAX-RS resource based on the Shiro annotations on it.
- AnnotationAuthorizationFilter(Collection<Annotation>) - Constructor for class org.apache.shiro.web.jaxrs.AnnotationAuthorizationFilter
- annotationClass - Variable in class org.apache.shiro.aop.AnnotationHandler
-
The type of annotation this handler will process.
- AnnotationEventListenerResolver - Class in org.apache.shiro.event.support
-
Inspects an object for annotated methods of interest and creates an
EventListener
instance for each method discovered. - AnnotationEventListenerResolver() - Constructor for class org.apache.shiro.event.support.AnnotationEventListenerResolver
- AnnotationHandler - Class in org.apache.shiro.aop
-
Base support class for implementations that reads and processes JSR-175 annotations.
- AnnotationHandler(Class<? extends Annotation>) - Constructor for class org.apache.shiro.aop.AnnotationHandler
-
Constructs an
AnnotationHandler
who processes annotations of the specified type. - AnnotationMethodInterceptor - Class in org.apache.shiro.aop
-
MethodInterceptor that inspects a specific annotation on the method invocation before continuing its execution.
- AnnotationMethodInterceptor(AnnotationHandler) - Constructor for class org.apache.shiro.aop.AnnotationMethodInterceptor
-
Constructs an
AnnotationMethodInterceptor
with theAnnotationHandler
that will be used to process annotations of a corresponding type. - AnnotationMethodInterceptor(AnnotationHandler, AnnotationResolver) - Constructor for class org.apache.shiro.aop.AnnotationMethodInterceptor
-
Constructs an
AnnotationMethodInterceptor
with theAnnotationHandler
that will be used to process annotations of a corresponding type, using the specifiedAnnotationResolver
to acquire annotations at runtime. - AnnotationResolver - Interface in org.apache.shiro.aop
-
Defines an AOP-framework-independent way of determining if an Annotation exists on a Method.
- AnnotationsAuthorizingMethodInterceptor - Class in org.apache.shiro.authz.aop
-
An AnnotationsAuthorizingMethodInterceptor is a MethodInterceptor that asserts a given method is authorized to execute based on one or more configured AuthorizingAnnotationMethodInterceptors.
- AnnotationsAuthorizingMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor
-
Default no-argument constructor that defaults the
methodInterceptors
attribute to contain two interceptors by default - theRoleAnnotationMethodInterceptor
and thePermissionAnnotationMethodInterceptor
to support role and permission annotations. - anon - org.apache.shiro.web.filter.mgt.DefaultFilter
- ANON - Static variable in class org.apache.shiro.guice.web.ShiroWebModule
- AnonymousFilter - Class in org.apache.shiro.web.filter.authc
-
Filter that allows access to a path immeidately without performing security checks of any kind.
- AnonymousFilter() - Constructor for class org.apache.shiro.web.filter.authc.AnonymousFilter
- AntPathMatcher - Class in org.apache.shiro.util
-
PathMatcher implementation for Ant-style path patterns.
- AntPathMatcher() - Constructor for class org.apache.shiro.util.AntPathMatcher
- anyShiroAnnotatedMethod() - Method in class org.apache.shiro.aspectj.ShiroAnnotationAuthorizingAspect
- AopAllianceAnnotationsAuthorizingMethodInterceptor - Class in org.apache.shiro.spring.security.interceptor
-
Allows Shiro Annotations to work in any AOP Alliance specific implementation environment (for example, Spring).
- AopAllianceAnnotationsAuthorizingMethodInterceptor() - Constructor for class org.apache.shiro.spring.security.interceptor.AopAllianceAnnotationsAuthorizingMethodInterceptor
- appendQueryProperties(StringBuilder, Map, String) - Method in class org.apache.shiro.web.util.RedirectView
-
Append query properties to the redirect URL.
- appliedPaths - Variable in class org.apache.shiro.web.filter.PathMatchingFilter
-
A collection of path-to-config entries where the key is a path which this filter should process and the value is the (possibly null) configuration element specific to this Filter for that specific path.
- applyCacheManagerToRealms() - Method in class org.apache.shiro.mgt.RealmSecurityManager
-
Sets the internal
CacheManager
on any internal configuredRealms
that implement theCacheManagerAware
interface. - applyCacheManagerToSessionManager() - Method in class org.apache.shiro.mgt.SessionsSecurityManager
-
Ensures the internal delegate
SessionManager
is injected with the newly setCacheManager
so it may use it for its internal caching needs. - applyChainConfig(String, Filter, String) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- applyEventBusToCacheManager() - Method in class org.apache.shiro.mgt.CachingSecurityManager
- applyEventBusToRealms() - Method in class org.apache.shiro.mgt.RealmSecurityManager
-
Sets the internal
EventBus
on any internal configuredRealms
that implement theEventBusAware
interface. - applyEventBusToSessionManager() - Method in class org.apache.shiro.mgt.SessionsSecurityManager
-
Ensures the internal delegate
SessionManager
is injected with the newly setEventBus
so it may use it for its internal event needs. - applyFilterChainResolver(Ini, Map<String, ?>) - Method in class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.
- applyGlobalProperty(Map, String, String) - Method in class org.apache.shiro.config.ReflectionBuilder
- applyGlobalSessionTimeout(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- applyInitParams() - Method in class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.
- applyPermissionResolverToRealms() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Sets the internal
ModularRealmAuthorizer.getPermissionResolver()
on any internal configuredRealms
that implement thePermissionResolverAware
interface. - applyProperty(Object, String, Object) - Method in class org.apache.shiro.config.ReflectionBuilder
- applyProperty(Object, String, String) - Method in class org.apache.shiro.config.ReflectionBuilder
- applyProperty(String, String, Map) - Method in class org.apache.shiro.config.ReflectionBuilder
- applyRealmsToSecurityManager(Collection<Realm>, SecurityManager) - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- applyRolePermissionResolverToRealms() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Sets the internal
ModularRealmAuthorizer.getRolePermissionResolver()
on any internal configuredRealms
that implement theRolePermissionResolverAware
interface. - applySecurityManager(Ini) - Method in class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.
- applySingleProperty(Map, String, String, String) - Method in class org.apache.shiro.config.ReflectionBuilder
- asList() - Method in interface org.apache.shiro.subject.PrincipalCollection
-
Returns a single Subject's principals retrieved from all configured Realms as a List, or an empty List if there are not any principals.
- asList() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- asList() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- asList(E...) - Static method in class org.apache.shiro.util.CollectionUtils
- AspectjAnnotationsAuthorizingMethodInterceptor - Class in org.apache.shiro.aspectj
-
Extends the annotations authorizing method interceptor class hierarchie to adapt an aspectj
JoinPoint
into aMethodInvocation
amd to perform the authorization of method invocations. - AspectjAnnotationsAuthorizingMethodInterceptor() - Constructor for class org.apache.shiro.aspectj.AspectjAnnotationsAuthorizingMethodInterceptor
- Assert - Class in org.apache.shiro.util
-
Assertion utility class that assists in validating arguments.
- Assert() - Constructor for class org.apache.shiro.util.Assert
- assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.AuthenticatedAnnotationHandler
-
Ensures that the calling
Subject
is authenticated, and if not, throws anUnauthenticatedException
indicating the method is not allowed to be executed. - assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.AuthorizingAnnotationHandler
-
Ensures the calling Subject is authorized to execute based on the directive(s) found in the given annotation.
- assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.GuestAnnotationHandler
-
Ensures that the calling
Subject
is NOT a user, that is, they do not have anidentity
before continuing. - assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.PermissionAnnotationHandler
-
Ensures that the calling
Subject
has the Annotation's specified permissions, and if not, throws anAuthorizingException
indicating access is denied. - assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.RoleAnnotationHandler
-
Ensures that the calling
Subject
has the Annotation's specified roles, and if not, throws anAuthorizingException
indicating that access is denied. - assertAuthorized(Annotation) - Method in class org.apache.shiro.authz.aop.UserAnnotationHandler
-
Ensures that the calling
Subject
is a user, that is, they are eitherauthenticated
or remembered via remember me services before allowing access, and if not, throws anAuthorizingException
indicating access is not allowed. - assertAuthorized(MethodInvocation) - Method in class org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor
-
Iterates over the internal
methodInterceptors
collection, and for each one, ensures that if the interceptorsupports
the invocation, that the interceptorasserts
that the invocation is authorized to proceed. - assertAuthorized(MethodInvocation) - Method in class org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor
-
Ensures the calling Subject is authorized to execute the specified
MethodInvocation
. - assertAuthorized(MethodInvocation) - Method in class org.apache.shiro.authz.aop.AuthorizingMethodInterceptor
-
Asserts that the specified MethodInvocation is allowed to continue by performing any necessary authorization (access control) checks first.
- assertAuthzCheckPossible() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- assertCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Asserts that the submitted
AuthenticationToken
's credentials match the stored accountAuthenticationInfo
's credentials, and if not, throws anAuthenticationException
. - assertHashFormatImpl(Class) - Method in class org.apache.shiro.crypto.hash.format.DefaultHashFormatFactory
- assertRealmsConfigured() - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
- assertRealmsConfigured() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Used by the
Authorizer
implementation methods to ensure that therealms
has been set. - asSet() - Method in interface org.apache.shiro.subject.PrincipalCollection
-
Returns a single Subject's principals retrieved from all configured Realms as a Set, or an empty Set if there are not any principals.
- asSet() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- asSet() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- asSet(E...) - Static method in class org.apache.shiro.util.CollectionUtils
- assignSessionId(Session, Serializable) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
-
Utility method available to subclasses that wish to assign a generated session ID to the session instance directly.
- associateWith(Runnable) - Method in interface org.apache.shiro.subject.Subject
-
Returns a
Runnable
instance matching the given argument while additionally ensuring that it will retain and execute under this Subject's identity. - associateWith(Runnable) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- associateWith(Callable<V>) - Method in interface org.apache.shiro.subject.Subject
-
Returns a
Callable
instance matching the given argument while additionally ensuring that it will retain and execute under this Subject's identity. - associateWith(Callable<V>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- associateWithSubject(Runnable) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutor
-
Utility method for subclasses to associate the argument
Runnable
with the currently executing subject and then return the associated Runnable. - associateWithSubject(Collection<? extends Callable<T>>) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- associateWithSubject(Callable<T>) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- AtLeastOneSuccessfulStrategy - Class in org.apache.shiro.authc.pam
-
AuthenticationStrategy implementation that requires at least one configured realm to successfully process the submitted AuthenticationToken during the log-in attempt.
- AtLeastOneSuccessfulStrategy() - Constructor for class org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy
- ATTRIBUTE_DELIMITER - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
- authc - org.apache.shiro.web.filter.mgt.DefaultFilter
- AUTHC - Static variable in class org.apache.shiro.guice.web.ShiroWebModule
- AUTHC_BASIC - Static variable in class org.apache.shiro.guice.web.ShiroWebModule
- AUTHC_BEARER - Static variable in class org.apache.shiro.guice.web.ShiroWebModule
- authcBasic - org.apache.shiro.web.filter.mgt.DefaultFilter
- authcBearer - org.apache.shiro.web.filter.mgt.DefaultFilter
- authenticate(AuthenticationToken) - Method in class org.apache.shiro.authc.AbstractAuthenticator
-
Implementation of the
Authenticator
interface that functions in the following manner: Calls templatedoAuthenticate
method for subclass execution of the actual authentication behavior. If anAuthenticationException
is thrown duringdoAuthenticate
,notify
any registeredAuthenticationListener
s of the exception and then propagate the exception for the caller to handle. If no exception is thrown (indicating a successful login),notify
any registeredAuthenticationListener
s of the successful attempt. Return theAuthenticationInfo
- authenticate(AuthenticationToken) - Method in interface org.apache.shiro.authc.Authenticator
-
Authenticates a user based on the submitted
AuthenticationToken
. - authenticate(AuthenticationToken) - Method in class org.apache.shiro.mgt.AuthenticatingSecurityManager
-
Delegates to the wrapped
Authenticator
for authentication. - authenticated - Variable in class org.apache.shiro.subject.support.DelegatingSubject
- authenticated(boolean) - Method in class org.apache.shiro.subject.Subject.Builder
-
Ensures the
Subject
being built will be consideredauthenticated
. - AUTHENTICATED_SESSION_KEY - Static variable in class org.apache.shiro.subject.support.DefaultSubjectContext
-
The session key that is used to store whether or not the user is authenticated.
- AuthenticatedAnnotationHandler - Class in org.apache.shiro.authz.aop
-
Handles
RequiresAuthentication
annotations and ensures the calling subject is authenticated before allowing access. - AuthenticatedAnnotationHandler() - Constructor for class org.apache.shiro.authz.aop.AuthenticatedAnnotationHandler
-
Default no-argument constructor that ensures this handler to process
RequiresAuthentication
annotations. - AuthenticatedAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop
-
Checks to see if a @
RequiresAuthenticated
annotation is declared, and if so, ensures the callingSubject
.isAuthenticated()
before invoking the method. - AuthenticatedAnnotationMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.AuthenticatedAnnotationMethodInterceptor
-
Default no-argument constructor that ensures this interceptor looks for
RequiresAuthentication
annotations in a method declaration. - AuthenticatedAnnotationMethodInterceptor(AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.AuthenticatedAnnotationMethodInterceptor
- AuthenticatedTag - Class in org.apache.shiro.web.tags
-
JSP tag that renders the tag body only if the current user has executed a successful authentication attempt during their current session.
- AuthenticatedTag() - Constructor for class org.apache.shiro.web.tags.AuthenticatedTag
- AuthenticatingFilter - Class in org.apache.shiro.web.filter.authc
-
An
AuthenticationFilter
that is capable of automatically performing an authentication attempt based on the incoming request. - AuthenticatingFilter() - Constructor for class org.apache.shiro.web.filter.authc.AuthenticatingFilter
- AuthenticatingRealm - Class in org.apache.shiro.realm
-
A top-level abstract implementation of the Realm interface that only implements authentication support (log-in) operations and leaves authorization (access control) behavior to subclasses.
- AuthenticatingRealm() - Constructor for class org.apache.shiro.realm.AuthenticatingRealm
- AuthenticatingRealm(CredentialsMatcher) - Constructor for class org.apache.shiro.realm.AuthenticatingRealm
- AuthenticatingRealm(CacheManager) - Constructor for class org.apache.shiro.realm.AuthenticatingRealm
- AuthenticatingRealm(CacheManager, CredentialsMatcher) - Constructor for class org.apache.shiro.realm.AuthenticatingRealm
- AuthenticatingSecurityManager - Class in org.apache.shiro.mgt
-
Shiro support of a
SecurityManager
class hierarchy that delegates all authentication operations to a wrappedAuthenticator
instance. - AuthenticatingSecurityManager() - Constructor for class org.apache.shiro.mgt.AuthenticatingSecurityManager
-
Default no-arg constructor that initializes its internal
authenticator
instance to aModularRealmAuthenticator
. - authentication - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- AuthenticationException - Exception in org.apache.shiro.authc
-
General exception thrown due to an error during the Authentication process.
- AuthenticationException() - Constructor for exception org.apache.shiro.authc.AuthenticationException
-
Creates a new AuthenticationException.
- AuthenticationException(String) - Constructor for exception org.apache.shiro.authc.AuthenticationException
-
Constructs a new AuthenticationException.
- AuthenticationException(String, Throwable) - Constructor for exception org.apache.shiro.authc.AuthenticationException
-
Constructs a new AuthenticationException.
- AuthenticationException(Throwable) - Constructor for exception org.apache.shiro.authc.AuthenticationException
-
Constructs a new AuthenticationException.
- AuthenticationFilter - Class in org.apache.shiro.web.filter.authc
-
Base class for all Filters that require the current user to be authenticated.
- AuthenticationFilter() - Constructor for class org.apache.shiro.web.filter.authc.AuthenticationFilter
- AuthenticationInfo - Interface in org.apache.shiro.authc
-
AuthenticationInfo
represents a Subject's (aka user's) stored account information relevant to the authentication/log-in process only. - AuthenticationListener - Interface in org.apache.shiro.authc
-
An
AuthenticationListener
listens for notifications whileSubject
s authenticate with the system. - authenticationQuery - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm
- authenticationStrategy() - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroAutoConfiguration
- authenticationStrategy() - Method in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- authenticationStrategy() - Method in class org.apache.shiro.spring.config.ShiroConfiguration
- authenticationStrategy() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration
- authenticationStrategy() - Method in class org.apache.shiro.spring.web.config.ShiroWebConfiguration
- AuthenticationStrategy - Interface in org.apache.shiro.authc.pam
-
A
AuthenticationStrategy
implementation assists theModularRealmAuthenticator
during the log-in process in a pluggable realm (PAM) environment. - AuthenticationToken - Interface in org.apache.shiro.authc
-
An AuthenticationToken is a consolidation of an account's principals and supporting credentials submitted by a user during an authentication attempt.
- authenticator() - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroAutoConfiguration
- authenticator() - Method in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- authenticator() - Method in class org.apache.shiro.spring.config.ShiroConfiguration
- authenticator() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration
- authenticator() - Method in class org.apache.shiro.spring.web.config.ShiroWebConfiguration
- Authenticator - Interface in org.apache.shiro.authc
-
An Authenticator is responsible for authenticating accounts in an application.
- authorizationAttributeSourceAdvisor(SecurityManager) - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroAnnotationProcessorAutoConfiguration
- authorizationAttributeSourceAdvisor(SecurityManager) - Method in class org.apache.shiro.spring.config.AbstractShiroAnnotationProcessorConfiguration
- authorizationAttributeSourceAdvisor(SecurityManager) - Method in class org.apache.shiro.spring.config.ShiroAnnotationProcessorConfiguration
- AuthorizationAttributeSourceAdvisor - Class in org.apache.shiro.spring.security.interceptor
-
TODO - complete JavaDoc
- AuthorizationAttributeSourceAdvisor() - Constructor for class org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor
-
Create a new AuthorizationAttributeSourceAdvisor.
- AuthorizationException - Exception in org.apache.shiro.authz
-
Exception thrown if there is a problem during authorization (access control check).
- AuthorizationException() - Constructor for exception org.apache.shiro.authz.AuthorizationException
-
Creates a new AuthorizationException.
- AuthorizationException(String) - Constructor for exception org.apache.shiro.authz.AuthorizationException
-
Constructs a new AuthorizationException.
- AuthorizationException(String, Throwable) - Constructor for exception org.apache.shiro.authz.AuthorizationException
-
Constructs a new AuthorizationException.
- AuthorizationException(Throwable) - Constructor for exception org.apache.shiro.authz.AuthorizationException
-
Constructs a new AuthorizationException.
- AuthorizationFilter - Class in org.apache.shiro.web.filter.authz
-
Superclass for authorization-related filters.
- AuthorizationFilter() - Constructor for class org.apache.shiro.web.filter.authz.AuthorizationFilter
- AuthorizationInfo - Interface in org.apache.shiro.authz
-
AuthorizationInfo
represents a single Subject's stored authorization data (roles, permissions, etc) used during authorization (access control) checks only. - authorizer() - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroAutoConfiguration
- authorizer() - Method in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- authorizer() - Method in class org.apache.shiro.spring.config.ShiroConfiguration
- authorizer() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration
- authorizer() - Method in class org.apache.shiro.spring.web.config.ShiroWebConfiguration
- Authorizer - Interface in org.apache.shiro.authz
-
An Authorizer performs authorization (access control) operations for any given Subject (aka 'application user').
- AuthorizingAnnotationHandler - Class in org.apache.shiro.authz.aop
-
An AnnotationHandler that executes authorization (access control) behavior based on directive(s) found in a JSR-175 Annotation.
- AuthorizingAnnotationHandler(Class<? extends Annotation>) - Constructor for class org.apache.shiro.authz.aop.AuthorizingAnnotationHandler
-
Constructs an
AuthorizingAnnotationHandler
who processes annotations of the specified type. - AuthorizingAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop
-
An AnnotationMethodInterceptor that asserts the calling code is authorized to execute the method before allowing the invocation to continue by inspecting code annotations to perform an access control check.
- AuthorizingAnnotationMethodInterceptor(AuthorizingAnnotationHandler) - Constructor for class org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor
-
Constructor that ensures the internal
handler
is set which will be used to perform the authorization assertion checks when a supported annotation is encountered. - AuthorizingAnnotationMethodInterceptor(AuthorizingAnnotationHandler, AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor
- AuthorizingMethodInterceptor - Class in org.apache.shiro.authz.aop
-
Basic abstract class to support intercepting methods that perform authorization (access control) checks.
- AuthorizingMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.AuthorizingMethodInterceptor
- AuthorizingRealm - Class in org.apache.shiro.realm
-
An
AuthorizingRealm
extends theAuthenticatingRealm
's capabilities by adding Authorization (access control) support. - AuthorizingRealm() - Constructor for class org.apache.shiro.realm.AuthorizingRealm
- AuthorizingRealm(CredentialsMatcher) - Constructor for class org.apache.shiro.realm.AuthorizingRealm
- AuthorizingRealm(CacheManager) - Constructor for class org.apache.shiro.realm.AuthorizingRealm
- AuthorizingRealm(CacheManager, CredentialsMatcher) - Constructor for class org.apache.shiro.realm.AuthorizingRealm
- AuthorizingSecurityManager - Class in org.apache.shiro.mgt
-
Shiro support of a
SecurityManager
class hierarchy that delegates all authorization (access control) operations to a wrappedAuthorizer
instance. - AuthorizingSecurityManager() - Constructor for class org.apache.shiro.mgt.AuthorizingSecurityManager
-
Default no-arg constructor that initializes an internal default
ModularRealmAuthorizer
. - awaitTermination(long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
B
- Base64 - Class in org.apache.shiro.codec
- Base64() - Constructor for class org.apache.shiro.codec.Base64
- BASE64 - org.apache.shiro.crypto.hash.format.ProvidedHashFormat
-
Value representing the
Base64Format
implementation. - Base64Format - Class in org.apache.shiro.crypto.hash.format
-
HashFormat
that outputs only the hash's digest bytes in Base64 format. - Base64Format() - Constructor for class org.apache.shiro.crypto.hash.format.Base64Format
- BasicHttpAuthenticationFilter - Class in org.apache.shiro.web.filter.authc
-
Requires the requesting user to be
authenticated
for the request to continue, and if they're not, requires the user to login via the HTTP Basic protocol-specific challenge. - BasicHttpAuthenticationFilter() - Constructor for class org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter
- BasicIniEnvironment - Class in org.apache.shiro.env
-
Basic usage:
- BasicIniEnvironment(String) - Constructor for class org.apache.shiro.env.BasicIniEnvironment
- BasicIniEnvironment(Ini) - Constructor for class org.apache.shiro.env.BasicIniEnvironment
- BeanEvent - Class in org.apache.shiro.config.event
- BeanEvent(String, Object, Map<String, Object>) - Constructor for class org.apache.shiro.config.event.BeanEvent
- BearerHttpAuthenticationFilter - Class in org.apache.shiro.web.filter.authc
-
Requires the requesting user to be
authenticated
for the request to continue, and if they're not, requires the user to login via the HTTP Bearer protocol-specific challenge. - BearerHttpAuthenticationFilter() - Constructor for class org.apache.shiro.web.filter.authc.BearerHttpAuthenticationFilter
- BearerToken - Class in org.apache.shiro.authc
-
A
AuthenticationToken
that contains an a Bearer token or API key, typically received via an HTTPAuthorization
header. - BearerToken(String) - Constructor for class org.apache.shiro.authc.BearerToken
- BearerToken(String, String) - Constructor for class org.apache.shiro.authc.BearerToken
- BeforeAdviceMethodInvocationAdapter - Class in org.apache.shiro.aspectj
-
Helper class that adapts an AspectJ
JoinPoint
. - BeforeAdviceMethodInvocationAdapter(Object, Method, Object[]) - Constructor for class org.apache.shiro.aspectj.BeforeAdviceMethodInvocationAdapter
-
Creates a new
BeforeAdviceMethodInvocationAdapter
instance. - beforeAllAttempts(Collection<? extends Realm>, AuthenticationToken) - Method in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
-
Simply returns
new
, which supports aggregating account data across realms.SimpleAuthenticationInfo
(); - beforeAllAttempts(Collection<? extends Realm>, AuthenticationToken) - Method in interface org.apache.shiro.authc.pam.AuthenticationStrategy
-
Method invoked by the ModularAuthenticator signifying that the authentication process is about to begin for the specified
token
- called before anyRealm
is actually invoked. - beforeAllAttempts(Collection<? extends Realm>, AuthenticationToken) - Method in class org.apache.shiro.authc.pam.FirstSuccessfulStrategy
-
Returns
null
immediately, relying on this class'smerge
implementation to return only the firstinfo
object it encounters, ignoring all subsequent ones. - beforeAttempt(Realm, AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
-
Simply returns the
aggregate
method argument, without modification. - beforeAttempt(Realm, AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.AllSuccessfulStrategy
-
Because all realms in this strategy must complete successfully, this implementation ensures that the given
Realm
supports
the giventoken
argument. - beforeAttempt(Realm, AuthenticationToken, AuthenticationInfo) - Method in interface org.apache.shiro.authc.pam.AuthenticationStrategy
-
Method invoked by the ModularAuthenticator just prior to the realm being consulted for account data, allowing pre-authentication-attempt logic for that realm only.
- beforeAttempt(Realm, AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.FirstSuccessfulStrategy
-
Throws ShortCircuitIterationException if stopAfterFirstSuccess is set and authentication is successful with a previously consulted realm.
- beforeInvalidNotification(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
-
Returns the session instance to use to pass to registered
SessionListener
s for notification that the session has been invalidated (stopped or expired). - beforeLogout(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- beforeLogout(Subject) - Method in class org.apache.shiro.web.mgt.DefaultWebSecurityManager
- beforeSessionValidationDisabled() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- beforeTest() - Method in class org.apache.shiro.testing.web.AbstractContainerIT
- bind() - Method in class org.apache.shiro.subject.support.SubjectThreadState
-
Binds a
Subject
andSecurityManager
to theThreadContext
so they can be retrieved later by anySecurityUtils.
getSubject()
calls that might occur during the thread's execution. - bind() - Method in interface org.apache.shiro.util.ThreadState
-
Binds any state that should be made accessible during a thread's execution.
- bind(String, Object) - Method in class org.apache.shiro.jndi.JndiTemplate
-
Bind the given object to the current JNDI context, using the given name.
- bind(SecurityManager) - Static method in class org.apache.shiro.util.ThreadContext
-
Convenience method that simplifies binding the application's SecurityManager instance to the ThreadContext.
- bind(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Deprecated.in favor of
save(subject)
. - bind(Subject) - Static method in class org.apache.shiro.util.ThreadContext
-
Convenience method that simplifies binding a Subject to the ThreadContext.
- bindBeanType(TypeLiteral<T>, Key<? extends T>) - Method in class org.apache.shiro.guice.ShiroModule
-
Binds a key to use for injecting setters in shiro classes.
- bindEnvironment(AnnotatedBindingBuilder<Environment>) - Method in class org.apache.shiro.guice.ShiroModule
-
Binds the environment.
- bindEnvironment(AnnotatedBindingBuilder<Environment>) - Method in class org.apache.shiro.guice.web.ShiroWebModule
- bindEventBus(AnnotatedBindingBuilder<EventBus>) - Method in class org.apache.shiro.guice.ShiroModule
-
Binds the EventBus.
- bindGuiceFilter(Binder) - Static method in class org.apache.shiro.guice.web.ShiroWebModule
- bindGuiceFilter(String, Binder) - Static method in class org.apache.shiro.guice.web.ShiroWebModule
- bindRealm() - Method in class org.apache.shiro.guice.ShiroModule
-
This is the preferred manner to bind a realm.
- bindSecurityManager(AnnotatedBindingBuilder<? super SecurityManager>) - Method in class org.apache.shiro.guice.ShiroModule
-
Binds the security manager.
- bindSecurityManager(AnnotatedBindingBuilder<? super SecurityManager>) - Method in class org.apache.shiro.guice.web.ShiroWebModule
- bindSessionManager(AnnotatedBindingBuilder<SessionManager>) - Method in class org.apache.shiro.guice.ShiroModule
-
Binds the session manager.
- bindSessionManager(AnnotatedBindingBuilder<SessionManager>) - Method in class org.apache.shiro.guice.web.ShiroWebModule
-
Binds the session manager.
- bindShiroInterceptor(AnnotationMethodInterceptor) - Method in class org.apache.shiro.guice.aop.ShiroAopModule
- bindWebEnvironment(AnnotatedBindingBuilder<? super WebEnvironment>) - Method in class org.apache.shiro.guice.web.ShiroWebModule
- bindWebSecurityManager(AnnotatedBindingBuilder<? super WebSecurityManager>) - Method in class org.apache.shiro.guice.web.ShiroWebModule
-
Binds the security manager.
- BlowfishCipherService - Class in org.apache.shiro.crypto
-
CipherService
using theBlowfish
cipher algorithm for all encryption, decryption, and key operations. - BlowfishCipherService() - Constructor for class org.apache.shiro.crypto.BlowfishCipherService
-
Creates a new
CipherService
instance using theBlowfish
cipher algorithm with the following important cipher default attributes: Attribute ValuekeySize
128
bitsblockSize
64
bits (required forBlowfish
)mode
CBC
*paddingScheme
PKCS5
initializationVectorSize
64
bitsgenerateInitializationVectors
true
** - build() - Method in class org.apache.shiro.crypto.hash.HashRequest.Builder
-
Builds a
HashRequest
instance reflecting the specified configuration. - buildAuthenticationInfo(String, char[]) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
- buildAuthorizationInfo(Set<String>) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
- buildChains(FilterChainManager, Ini) - Method in class org.apache.shiro.web.config.IniFilterChainResolverFactory
- buildCookie(String, int, String, String, boolean) - Method in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- buildCookie(String, int, String, String, boolean, Cookie.SameSiteOptions) - Method in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- Builder() - Constructor for class org.apache.shiro.crypto.hash.HashRequest.Builder
-
Default no-arg constructor.
- Builder() - Constructor for class org.apache.shiro.subject.Subject.Builder
-
Constructs a new
Subject.Builder
instance, using theSecurityManager
instance available to the calling code as determined by a call toSecurityUtils.getSecurityManager()
to build theSubject
instance. - Builder(ServletRequest, ServletResponse) - Constructor for class org.apache.shiro.web.subject.WebSubject.Builder
-
Constructs a new
Web.Builder
instance using theSecurityManager
obtained by callingSecurityUtils.
getSecurityManager()
. - Builder(SecurityManager) - Constructor for class org.apache.shiro.subject.Subject.Builder
-
Constructs a new
Subject.Builder
instance which will use the specifiedSecurityManager
when building theSubject
instance. - Builder(SecurityManager, ServletRequest, ServletResponse) - Constructor for class org.apache.shiro.web.subject.WebSubject.Builder
-
Constructs a new
Web.Builder
instance using the specifiedSecurityManager
instance to create theWebSubject
instance. - buildHashRequest(ByteSource, Hash) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- buildHeaderValue(String, String, String, String, String, int, int, boolean, boolean) - Method in class org.apache.shiro.web.servlet.SimpleCookie
- buildHeaderValue(String, String, String, String, String, int, int, boolean, boolean, Cookie.SameSiteOptions) - Method in class org.apache.shiro.web.servlet.SimpleCookie
- buildObjects(Map<String, String>) - Method in class org.apache.shiro.config.ReflectionBuilder
- buildPermissions(String[], String) - Method in class org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter
-
Builds a new array of permission strings based on the original argument, appending the specified action verb to each one per
WildcardPermission
conventions. - buildPermissions(HttpServletRequest, String[], String) - Method in class org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter
-
Returns a collection of String permissions with which to perform a permission check to determine if the filter will allow the request to continue.
- buildSubject() - Method in class org.apache.shiro.subject.Subject.Builder
-
Creates and returns a new
Subject
instance reflecting the cumulative state acquired by the other methods in this class. - buildWebSubject() - Method in class org.apache.shiro.web.subject.WebSubject.Builder
-
Returns
super.buildSubject()
, but additionally ensures that the returned instance is aninstanceof
WebSubject
and to support a type-safe method so a caller does not have to cast. - byId(String) - Static method in enum org.apache.shiro.crypto.hash.format.ProvidedHashFormat
- bytes(byte[]) - Static method in class org.apache.shiro.util.ByteSource.Util
-
Returns a new
ByteSource
instance representing the specified byte array. - bytes(char[]) - Static method in class org.apache.shiro.util.ByteSource.Util
-
Returns a new
ByteSource
instance representing the specified character array's bytes. - bytes(File) - Static method in class org.apache.shiro.util.ByteSource.Util
-
Returns a new
ByteSource
instance representing the specified File's bytes. - bytes(InputStream) - Static method in class org.apache.shiro.util.ByteSource.Util
-
Returns a new
ByteSource
instance representing the specified InputStream's bytes. - bytes(Object) - Static method in class org.apache.shiro.util.ByteSource.Util
-
Returns a
ByteSource
instance representing the specified byte source argument. - bytes(String) - Static method in class org.apache.shiro.util.ByteSource.Util
-
Returns a new
ByteSource
instance representing the specified string's bytes. - bytes(ByteSource) - Static method in class org.apache.shiro.util.ByteSource.Util
-
Returns a new
ByteSource
instance representing the specified ByteSource. - ByteSource - Interface in org.apache.shiro.util
-
A
ByteSource
wraps a byte array and provides additional encoding operations. - ByteSource.Util - Class in org.apache.shiro.util
-
Utility class that can construct ByteSource instances.
- byType(Class<T>) - Method in interface org.apache.shiro.subject.PrincipalCollection
-
Returns all principals assignable from the specified type, or an empty Collection if no principals of that type are contained.
- byType(Class<T>) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- byType(Class<T>) - Method in class org.apache.shiro.subject.SimplePrincipalMap
C
- cache(Session, Serializable) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Caches the specified session under the cache entry key of
sessionId
. - cache(Session, Serializable, Cache<Serializable, Session>) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Caches the specified session in the given cache under the key of
sessionId
. - Cache<K,V> - Interface in org.apache.shiro.cache
-
A Cache efficiently stores temporary objects primarily to improve an application's performance.
- CacheException - Exception in org.apache.shiro.cache
-
Root class of all Shiro exceptions related to caching operations.
- CacheException() - Constructor for exception org.apache.shiro.cache.CacheException
-
Creates a new
CacheException
. - CacheException(String) - Constructor for exception org.apache.shiro.cache.CacheException
-
Creates a new
CacheException
. - CacheException(String, Throwable) - Constructor for exception org.apache.shiro.cache.CacheException
-
Creates a new
CacheException
. - CacheException(Throwable) - Constructor for exception org.apache.shiro.cache.CacheException
-
Creates a new
CacheException
. - cacheManager - Variable in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- CacheManager - Interface in org.apache.shiro.cache
-
A CacheManager provides and maintains the lifecycles of
Cache
instances. - CacheManagerAware - Interface in org.apache.shiro.cache
-
Interface implemented by components that utilize a CacheManager and wish that CacheManager to be supplied if one is available.
- CachingRealm - Class in org.apache.shiro.realm
-
A very basic abstract extension point for the
Realm
interface that provides caching support for subclasses. - CachingRealm() - Constructor for class org.apache.shiro.realm.CachingRealm
-
Default no-argument constructor that defaults
cachingEnabled
(for general caching) totrue
and sets a defaultname
based on the class name. - CachingSecurityManager - Class in org.apache.shiro.mgt
-
A very basic starting point for the SecurityManager interface that merely provides logging and caching support.
- CachingSecurityManager() - Constructor for class org.apache.shiro.mgt.CachingSecurityManager
-
Default no-arg constructor that will automatically attempt to initialize a default cacheManager
- CachingSessionDAO - Class in org.apache.shiro.session.mgt.eis
-
An CachingSessionDAO is a SessionDAO that provides a transparent caching layer between the components that use it and the underlying EIS (Enterprise Information System) session backing store (for example, filesystem, database, enterprise grid/cloud, etc).
- CachingSessionDAO() - Constructor for class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Default no-arg constructor.
- call() - Method in class org.apache.shiro.subject.support.SubjectCallable
- CasAuthenticationException - Exception in org.apache.shiro.cas
-
Deprecated.replaced with Shiro integration in buji-pac4j.
- CasAuthenticationException() - Constructor for exception org.apache.shiro.cas.CasAuthenticationException
-
Deprecated.
- CasAuthenticationException(String) - Constructor for exception org.apache.shiro.cas.CasAuthenticationException
-
Deprecated.
- CasAuthenticationException(String, Throwable) - Constructor for exception org.apache.shiro.cas.CasAuthenticationException
-
Deprecated.
- CasAuthenticationException(Throwable) - Constructor for exception org.apache.shiro.cas.CasAuthenticationException
-
Deprecated.
- CasFilter - Class in org.apache.shiro.cas
-
Deprecated.replaced with Shiro integration in buji-pac4j.
- CasFilter() - Constructor for class org.apache.shiro.cas.CasFilter
-
Deprecated.
- CasRealm - Class in org.apache.shiro.cas
-
Deprecated.replaced with Shiro integration in buji-pac4j.
- CasRealm() - Constructor for class org.apache.shiro.cas.CasRealm
-
Deprecated.
- CasSubjectFactory - Class in org.apache.shiro.cas
-
Deprecated.replaced with Shiro integration in buji-pac4j.
- CasSubjectFactory() - Constructor for class org.apache.shiro.cas.CasSubjectFactory
-
Deprecated.
- CasToken - Class in org.apache.shiro.cas
-
Deprecated.replaced with Shiro integration in buji-pac4j.
- CasToken(String) - Constructor for class org.apache.shiro.cas.CasToken
-
Deprecated.
- CBC - org.apache.shiro.crypto.OperationMode
-
Cipher-block Chaining mode, defined in FIPS PUB 81.
- CCM - org.apache.shiro.crypto.OperationMode
-
Counter with CBC-MAC mode* - for block ciphers with 128 bit block-size only.
- CFB - org.apache.shiro.crypto.OperationMode
- checkForNullOrEmptyLiteral(String) - Method in class org.apache.shiro.config.ReflectionBuilder
- checkHashFormatDurability() - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- checkPermission(String) - Method in interface org.apache.shiro.subject.Subject
-
Ensures this Subject implies the specified permission String.
- checkPermission(String) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- checkPermission(Permission) - Method in interface org.apache.shiro.subject.Subject
-
Ensures this Subject
implies
the specifiedPermission
. - checkPermission(Permission) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- checkPermission(Permission, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkPermission(PrincipalCollection, String) - Method in interface org.apache.shiro.authz.Authorizer
-
Ensures the corresponding Subject/user implies the specified permission String.
- checkPermission(PrincipalCollection, String) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
If !
- checkPermission(PrincipalCollection, String) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- checkPermission(PrincipalCollection, String) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkPermission(PrincipalCollection, Permission) - Method in interface org.apache.shiro.authz.Authorizer
-
Ensures a subject/user
Permission.implies(Permission)
implies} the specified Permission. - checkPermission(PrincipalCollection, Permission) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
If !
- checkPermission(PrincipalCollection, Permission) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- checkPermission(PrincipalCollection, Permission) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkPermissions(String...) - Method in interface org.apache.shiro.subject.Subject
-
Ensures this Subject
implies
all of the specified permission strings. - checkPermissions(String...) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- checkPermissions(Collection<Permission>) - Method in interface org.apache.shiro.subject.Subject
-
Ensures this Subject
implies
all of the specified permission strings. - checkPermissions(Collection<Permission>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- checkPermissions(Collection<Permission>, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkPermissions(PrincipalCollection, String...) - Method in interface org.apache.shiro.authz.Authorizer
-
Ensures the corresponding Subject/user
implies
all of the specified permission strings. - checkPermissions(PrincipalCollection, String...) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
If !
- checkPermissions(PrincipalCollection, String...) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- checkPermissions(PrincipalCollection, String...) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkPermissions(PrincipalCollection, Collection<Permission>) - Method in interface org.apache.shiro.authz.Authorizer
-
Ensures the corresponding Subject/user
implies
all of the specified permission strings. - checkPermissions(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
If !
- checkPermissions(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- checkPermissions(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkRole(String) - Method in interface org.apache.shiro.subject.Subject
-
Asserts this Subject has the specified role by returning quietly if they do or throwing an
AuthorizationException
if they do not. - checkRole(String) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- checkRole(String, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkRole(PrincipalCollection, String) - Method in interface org.apache.shiro.authz.Authorizer
-
Asserts the corresponding Subject/user has the specified role by returning quietly if they do or throwing an
AuthorizationException
if they do not. - checkRole(PrincipalCollection, String) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
If !
- checkRole(PrincipalCollection, String) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- checkRole(PrincipalCollection, String) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkRoles(String...) - Method in interface org.apache.shiro.subject.Subject
-
Same as
checkRoles(Collection
but doesn't require a collection as a an argument.roleIdentifiers) - checkRoles(String...) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- checkRoles(Collection<String>) - Method in interface org.apache.shiro.subject.Subject
-
Asserts this Subject has all of the specified roles by returning quietly if they do or throwing an
AuthorizationException
if they do not. - checkRoles(Collection<String>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- checkRoles(Collection<String>, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkRoles(PrincipalCollection, String...) - Method in interface org.apache.shiro.authz.Authorizer
-
Same as
checkRoles(PrincipalCollection subjectPrincipal, Collection<String> roleIdentifiers)
but doesn't require a collection as an argument. - checkRoles(PrincipalCollection, String...) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Calls
checkRole
for each role specified. - checkRoles(PrincipalCollection, String...) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- checkRoles(PrincipalCollection, String...) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkRoles(PrincipalCollection, Collection<String>) - Method in interface org.apache.shiro.authz.Authorizer
-
Asserts the corresponding Subject/user has all of the specified roles by returning quietly if they do or throwing an
AuthorizationException
if they do not. - checkRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
- checkRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- checkRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.realm.AuthorizingRealm
- checkValid(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- checkValid(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Returns quietly if the associated session is valid (it exists and is not stopped or expired) or throws an
InvalidSessionException
indicating that the session id is invalid. - CipherService - Interface in org.apache.shiro.crypto
-
A
CipherService
uses a cryptographic algorithm called a Cipher to convert an original input source using akey
to an uninterpretable format. - CLASSPATH_PREFIX - Static variable in class org.apache.shiro.io.ResourceUtils
-
Resource path prefix that specifies to load from a classpath location, value is
classpath:
- ClassResolvingObjectInputStream - Class in org.apache.shiro.io
-
Enables correct ClassLoader lookup in various environments (e.g.
- ClassResolvingObjectInputStream(InputStream) - Constructor for class org.apache.shiro.io.ClassResolvingObjectInputStream
- ClassUtils - Class in org.apache.shiro.util
-
Utility method library used to conveniently interact with
Class
es, such as acquiring them from the applicationClassLoader
s and instantiating Objects from them. - ClassUtils() - Constructor for class org.apache.shiro.util.ClassUtils
- clean(String) - Static method in class org.apache.shiro.util.StringUtils
-
Returns a 'cleaned' representation of the specified argument.
- cleanup(ServletRequest, ServletResponse, Exception) - Method in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
-
Overrides the default behavior to call
AccessControlFilter.onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse, java.lang.Object)
and swallow the exception if the exception isUnauthenticatedException
. - cleanup(ServletRequest, ServletResponse, Exception) - Method in class org.apache.shiro.web.servlet.AdviceFilter
-
Executes cleanup logic in the
finally
code block in thedoFilterInternal
implementation. - clear() - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Clears out (nulls) the username, password, rememberMe, and inetAddress.
- clear() - Method in interface org.apache.shiro.cache.Cache
-
Clear all entries from the cache.
- clear() - Method in class org.apache.shiro.cache.ehcache.EhCache
-
Removes all elements in the cache, but leaves the cache in a useable state.
- clear() - Method in class org.apache.shiro.cache.MapCache
- clear() - Method in class org.apache.shiro.config.Ini
- clear() - Method in class org.apache.shiro.config.Ini.Section
- clear() - Method in interface org.apache.shiro.subject.MutablePrincipalCollection
-
Removes all Principals in this collection.
- clear() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- clear() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- clear() - Method in class org.apache.shiro.subject.support.SubjectThreadState
-
Completely
removes
theThreadContext
state. - clear() - Method in class org.apache.shiro.util.MapContext
- clear() - Method in class org.apache.shiro.util.SoftHashMap
- clear() - Method in interface org.apache.shiro.util.ThreadState
-
Completely clears/removes the
ThreadContext
state. - clear() - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- clearCache(PrincipalCollection) - Method in class org.apache.shiro.realm.CachingRealm
-
Clears out any cached data associated with the specified account identity/identities.
- clearCachedAuthenticationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Clears out the AuthenticationInfo cache entry for the specified account.
- clearCachedAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthorizingRealm
-
Clears out the AuthorizationInfo cache entry for the specified account.
- CliApp - Class in org.apache.shiro.samples
-
Spring Boot Application that show the usage of a user login, checking permissions, and annotation protected methods.
- CliApp() - Constructor for class org.apache.shiro.samples.CliApp
- close(InputStream) - Static method in class org.apache.shiro.io.ResourceUtils
-
Convenience method that closes the specified
InputStream
, logging anyIOException
that might occur. - closeConnection(Connection) - Static method in class org.apache.shiro.util.JdbcUtils
-
Close the given JDBC Connection and ignore any thrown exception.
- closeContext(LdapContext) - Static method in class org.apache.shiro.realm.ldap.LdapUtils
-
Closes an LDAP context, logging any errors, but not throwing an exception if there is a failure.
- closeEnumeration(NamingEnumeration) - Static method in class org.apache.shiro.realm.ldap.LdapUtils
- closeResultSet(ResultSet) - Static method in class org.apache.shiro.util.JdbcUtils
-
Close the given JDBC ResultSet and ignore any thrown exception.
- closeStatement(Statement) - Static method in class org.apache.shiro.util.JdbcUtils
-
Close the given JDBC Statement and ignore any thrown exception.
- CodecException - Exception in org.apache.shiro.codec
-
Root exception related to issues during encoding or decoding.
- CodecException() - Constructor for exception org.apache.shiro.codec.CodecException
-
Creates a new
CodecException
. - CodecException(String) - Constructor for exception org.apache.shiro.codec.CodecException
-
Creates a new
CodecException
. - CodecException(String, Throwable) - Constructor for exception org.apache.shiro.codec.CodecException
-
Creates a new
CodecException
. - CodecException(Throwable) - Constructor for exception org.apache.shiro.codec.CodecException
-
Creates a new
CodecException
. - CodecSupport - Class in org.apache.shiro.codec
-
Base abstract class that provides useful encoding and decoding operations, especially for character data.
- CodecSupport() - Constructor for class org.apache.shiro.codec.CodecSupport
- CollectionUtils - Class in org.apache.shiro.util
-
Static helper class for use dealing with Collections.
- CollectionUtils() - Constructor for class org.apache.shiro.util.CollectionUtils
- COLUMN - org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle
- combine(ByteSource, ByteSource) - Method in class org.apache.shiro.crypto.hash.DefaultHashService
-
Combines the specified 'private' salt bytes with the specified additional extra bytes to use as the total salt during hash computation.
- COMMENT_ATTRIBUTE_NAME - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
- COMMENT_POUND - Static variable in class org.apache.shiro.config.Ini
- COMMENT_SEMICOLON - Static variable in class org.apache.shiro.config.Ini
- CommonsInterpolator - Class in org.apache.shiro.config
-
Commons-Config interpolation wrapper.
- CommonsInterpolator() - Constructor for class org.apache.shiro.config.CommonsInterpolator
- compare(Class, Class) - Method in class org.apache.shiro.event.support.EventClassComparator
- compare(EventListener, EventListener) - Method in class org.apache.shiro.event.support.EventListenerComparator
- computeHash(HashRequest) - Method in class org.apache.shiro.crypto.hash.DefaultHashService
-
Computes and responds with a hash based on the specified request.
- computeHash(HashRequest) - Method in interface org.apache.shiro.crypto.hash.HashService
-
Computes a hash based on the given request.
- ConcurrentAccessException - Exception in org.apache.shiro.authc
-
Thrown when an authentication attempt has been received for an account that has already been authenticated (i.e. logged-in), and the system is configured to prevent such concurrent access.
- ConcurrentAccessException() - Constructor for exception org.apache.shiro.authc.ConcurrentAccessException
-
Creates a new ConcurrentAccessException.
- ConcurrentAccessException(String) - Constructor for exception org.apache.shiro.authc.ConcurrentAccessException
-
Constructs a new ConcurrentAccessException.
- ConcurrentAccessException(String, Throwable) - Constructor for exception org.apache.shiro.authc.ConcurrentAccessException
-
Constructs a new ConcurrentAccessException.
- ConcurrentAccessException(Throwable) - Constructor for exception org.apache.shiro.authc.ConcurrentAccessException
-
Constructs a new ConcurrentAccessException.
- config(Key<T>, String) - Static method in class org.apache.shiro.guice.web.ShiroWebModule
-
Deprecated.
- config(TypeLiteral<T>, String) - Static method in class org.apache.shiro.guice.web.ShiroWebModule
-
Deprecated.
- config(Class<T>, String) - Static method in class org.apache.shiro.guice.web.ShiroWebModule
-
Deprecated.
- CONFIG_INIT_PARAM_NAME - Static variable in class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.
- CONFIG_LOCATIONS_PARAM - Static variable in class org.apache.shiro.web.env.EnvironmentLoader
-
Servlet Context config param for the resource path to use for configuring the
WebEnvironment
instance:shiroConfigLocations
- CONFIG_PATH_INIT_PARAM_NAME - Static variable in class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.
- ConfigurableHashService - Interface in org.apache.shiro.crypto.hash
-
A
HashService
that allows configuration of its strategy via JavaBeans-compatible setter methods. - ConfigurationException - Exception in org.apache.shiro.config
-
Root exception indicating there was a problem parsing or processing the Shiro configuration.
- ConfigurationException() - Constructor for exception org.apache.shiro.config.ConfigurationException
-
Creates a new ConfigurationException.
- ConfigurationException(String) - Constructor for exception org.apache.shiro.config.ConfigurationException
-
Constructs a new ConfigurationException.
- ConfigurationException(String, Throwable) - Constructor for exception org.apache.shiro.config.ConfigurationException
-
Constructs a new ConfigurationException.
- ConfigurationException(Throwable) - Constructor for exception org.apache.shiro.config.ConfigurationException
-
Constructs a new ConfigurationException.
- configure() - Method in class org.apache.shiro.guice.aop.ShiroAopModule
- configure() - Method in class org.apache.shiro.guice.ShiroModule
- configure() - Method in class org.apache.shiro.web.env.IniWebEnvironment
- configure() - Method in class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.
- configure(ResourceInfo, FeatureContext) - Method in class org.apache.shiro.web.jaxrs.ShiroAnnotationFilterFeature
- configure(FeatureContext) - Method in class org.apache.shiro.web.jaxrs.ShiroFeature
- ConfiguredBeanEvent - Class in org.apache.shiro.config.event
-
Event triggered when a configured bean has been instantiated and fully configured but right before the bean has been initialized.
- ConfiguredBeanEvent(String, Object, Map<String, Object>) - Constructor for class org.apache.shiro.config.event.ConfiguredBeanEvent
- configureDefaultInterceptors(AnnotationResolver) - Method in class org.apache.shiro.guice.aop.ShiroAopModule
- configureInterceptors(AnnotationResolver) - Method in class org.apache.shiro.guice.aop.ShiroAopModule
- configureShiro() - Method in class org.apache.shiro.guice.ShiroModule
-
Implement this method in order to configure your realms and any other Shiro customization you may need.
- configureShiro() - Method in class org.apache.shiro.guice.web.ShiroWebModule
- configureShiro() - Method in class QuickstartShiroModule
- configureShiroWeb() - Method in class org.apache.shiro.guice.web.ShiroWebModule
- CONTAINER_PREFIX - Static variable in class org.apache.shiro.jndi.JndiLocator
-
JNDI prefix used in a J2EE container
- contains(Object) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- containsAll(Collection<?>) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- containsKey(Object) - Method in class org.apache.shiro.config.Ini
- containsKey(Object) - Method in class org.apache.shiro.config.Ini.Section
- containsKey(Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- containsKey(Object) - Method in class org.apache.shiro.util.MapContext
- containsKey(Object) - Method in class org.apache.shiro.util.SoftHashMap
- containsValue(Object) - Method in class org.apache.shiro.config.Ini
- containsValue(Object) - Method in class org.apache.shiro.config.Ini.Section
- containsValue(Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- containsValue(Object) - Method in class org.apache.shiro.util.MapContext
- containsValue(Object) - Method in class org.apache.shiro.util.SoftHashMap
- contextAttribute(String, Object) - Method in class org.apache.shiro.subject.Subject.Builder
-
Allows custom attributes to be added to the underlying context
Map
used to construct theSubject
instance. - contextDestroyed(ServletContextEvent) - Method in class org.apache.shiro.web.env.EnvironmentLoaderListener
-
Destroys any previously created/bound
WebEnvironment
instance created by theEnvironmentLoaderListener.contextInitialized(javax.servlet.ServletContextEvent)
method. - contextFactoryClassName - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- contextInitialized(ServletContextEvent) - Method in class org.apache.shiro.web.env.EnvironmentLoaderListener
-
Initializes the Shiro
WebEnvironment
and binds it to theServletContext
at application startup for future reference. - continueInvocation(Object) - Method in class org.apache.shiro.spring.security.interceptor.AopAllianceAnnotationsAuthorizingMethodInterceptor
-
Simply casts the method argument to an
org.aopalliance.intercept.MethodInvocation
and then callsmethodInvocation.
proceed
() - convertBytesToPrincipals(byte[], SubjectContext) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
If a
cipherService
is available, it will be used to first decrypt the byte array. - convertConfigToIni(String) - Method in class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.
- convertJndiName(String) - Method in class org.apache.shiro.jndi.JndiLocator
-
Convert the given JNDI name into the actual JNDI name to use.
- convertPathToIni(String) - Method in class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.Converts the specified file path to an
Ini
instance. - convertPrincipalsToBytes(PrincipalCollection) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Converts the given principal collection the byte array that will be persisted to be 'remembered' later.
- convertSaltToBytes(Object) - Method in class org.apache.shiro.crypto.hash.SimpleHash
-
Acquires the specified
salt
argument's bytes and returns them in the form of aByteSource
instance. - convertSourceToBytes(Object) - Method in class org.apache.shiro.crypto.hash.SimpleHash
-
Acquires the specified
source
argument's bytes and returns them in the form of aByteSource
instance. - Cookie - Interface in org.apache.shiro.web.servlet
-
Interface representing HTTP cookie operations, supporting pojo-style getters and setters for all attributes which includes HttpOnly support.
- COOKIE_DATE_FORMAT_STRING - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
- COOKIE_HEADER_NAME - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
- COOKIE_SESSION_ID_SOURCE - Static variable in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- Cookie.SameSiteOptions - Enum in org.apache.shiro.web.servlet
-
The SameSite attribute of the Set-Cookie HTTP response header allows you to declare if your cookie should be restricted to a first-party or same-site context.
- CookieRememberMeManager - Class in org.apache.shiro.web.mgt
-
Remembers a Subject's identity by saving the Subject's
principals
to aCookie
for later retrieval. - CookieRememberMeManager() - Constructor for class org.apache.shiro.web.mgt.CookieRememberMeManager
-
Constructs a new
CookieRememberMeManager
with a defaultrememberMe
cookie template. - copy(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- copy(SubjectContext) - Method in class org.apache.shiro.web.mgt.DefaultWebSecurityManager
- create(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
-
Persists the given session instance to an underlying EIS (Enterprise Information System).
- create(Session) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
-
Creates the session by delegating EIS creation to subclasses via the
AbstractSessionDAO.doCreate(org.apache.shiro.session.Session)
method, and then asserting that the returned sessionId is not null. - create(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Calls
super.create(session)
, then caches the session keyed by the returnedsessionId
, and then returns thissessionId
. - create(Session) - Method in interface org.apache.shiro.session.mgt.eis.SessionDAO
-
Inserts a new Session record into the underling EIS (e.g.
- createActiveSessionsCache() - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Creates a cache instance used to store active sessions.
- createAnnotationResolver() - Method in class org.apache.shiro.guice.aop.ShiroAopModule
- createAuthenticationInfo(AuthenticationToken, Object, Object, LdapContext) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
Returns the
AuthenticationInfo
resulting from a Subject's successful LDAP authentication attempt. - createBearerToken(String, ServletRequest) - Method in class org.apache.shiro.web.filter.authc.BearerHttpAuthenticationFilter
- createByteSource(Object) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- createCache(String) - Method in class org.apache.shiro.cache.AbstractCacheManager
-
Creates a new
Cache
instance associated with the specifiedname
. - createCache(String) - Method in class org.apache.shiro.cache.MemoryConstrainedCacheManager
-
Returns a new
MapCache
instance backed by aSoftHashMap
. - createChain(String, String) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- createChain(String, String) - Method in interface org.apache.shiro.web.filter.mgt.FilterChainManager
-
Creates a filter chain for the given
chainName
with the specifiedchainDefinition
String. - createChains(Map<String, String>, FilterChainManager) - Method in class org.apache.shiro.web.config.IniFilterChainResolverFactory
- createDefaultChain(String) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- createDefaultChain(String) - Method in interface org.apache.shiro.web.filter.mgt.FilterChainManager
-
Creates a chain that should match any non-matched request paths, typically
/**
assuming anAntPathMatcher
I used. - createDefaultInstance() - Method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.
- createDefaultInstance() - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- createDefaultInstance() - Method in class org.apache.shiro.web.config.IniFilterChainResolverFactory
- createDefaultInstance() - Method in class org.apache.shiro.web.config.WebIniSecurityManagerFactory
-
Deprecated.Simply returns
new
to ensure a web-capableDefaultWebSecurityManager
();SecurityManager
is available by default. - createDefaults(Ini, Ini.Section) - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- createDefaults(Ini, Ini.Section) - Method in class org.apache.shiro.web.config.WebIniSecurityManagerFactory
-
Deprecated.
- createDefaultSecurityManager() - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
- createEnvironment(ServletContext) - Method in class org.apache.shiro.web.env.EnvironmentLoader
-
Instantiates a
WebEnvironment
based on the specified ServletContext. - createExposedSession(Session, SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- createExposedSession(Session, SessionContext) - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionManager
- createExposedSession(Session, SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- createExposedSession(Session, SessionKey) - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionManager
- createFilterChainManager() - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
- createFilterChainResolver() - Method in class org.apache.shiro.web.env.IniWebEnvironment
- createFrom(JoinPoint) - Static method in class org.apache.shiro.aspectj.BeforeAdviceMethodInvocationAdapter
-
Factory method that creates a new
BeforeAdviceMethodInvocationAdapter
instance using the AspectJJoinPoint
provided. - createHashRequest(ByteSource) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- createHazelcastInstance() - Method in class org.apache.shiro.hazelcast.cache.HazelcastCacheManager
-
Implicitly creates and returns a new
HazelcastInstance
that will be used to back this implementation. - createIni(String, boolean) - Method in class org.apache.shiro.web.env.IniWebEnvironment
-
Creates an
Ini
instance reflecting the specified path, ornull
if the path does not exist and is not required. - createInitialContext() - Method in class org.apache.shiro.jndi.JndiTemplate
-
Create a new JNDI initial context.
- createInstance() - Method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.Creates a new object instance by using a configured INI source.
- createInstance() - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
This implementation: Ensures the required
securityManager
property has been setCreates
aFilterChainManager
instance that reflects the configuredfilters
andfilter chain definitions
Wraps the FilterChainManager with a suitableFilterChainResolver
since the Shiro Filter implementations do not know ofFilterChainManager
s Sets both theSecurityManager
andFilterChainResolver
instances on a new Shiro Filter instance and returns that filter instance. - createInstance() - Method in class org.apache.shiro.util.AbstractFactory
- createInstance(Ini) - Method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.
- createInstance(Ini) - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- createInstance(Ini) - Method in class org.apache.shiro.web.config.IniFilterChainResolverFactory
- createInstanceMap(FilterConfig) - Static method in enum org.apache.shiro.web.filter.mgt.DefaultFilter
- createLdapContext(Hashtable) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.Creates and returns a new
InitialLdapContext
instance. - createLdapContext(Hashtable) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Creates and returns a new
InitialLdapContext
instance. - createMethodInvocation(Object) - Method in class org.apache.shiro.spring.security.interceptor.AopAllianceAnnotationsAuthorizingMethodInterceptor
-
Creates a
MethodInvocation
that wraps anorg.aopalliance.intercept.MethodInvocation
instance, enabling Shiro Annotations in AOP Alliance environments (Spring, etc). - createNewInstance(Map<String, Object>, String, String) - Method in class org.apache.shiro.config.ReflectionBuilder
- createParameterSpec(byte[], boolean) - Method in class org.apache.shiro.crypto.AesCipherService
- createParameterSpec(byte[], boolean) - Method in class org.apache.shiro.crypto.JcaCipherService
- createRealm(Ini) - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.Creates a
Realm
from the Ini instance containing account data. - createRemoteInvocation(MethodInvocation) - Method in class org.apache.shiro.spring.remoting.SecureRemoteInvocationFactory
-
Creates a
RemoteInvocation
with the current session ID as anattribute
. - createSecurityManager() - Method in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- createSecurityManager() - Method in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- createSession(HttpSession, String) - Method in class org.apache.shiro.web.session.mgt.ServletContainerSessionManager
- createSession(SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
-
Creates a new
Session Session
instance based on the specified (possiblynull
) initialization data. - createSession(SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- createSession(SessionContext) - Method in interface org.apache.shiro.session.mgt.SessionFactory
-
Creates a new
Session
instance based on the specified contextual initialization data. - createSession(SessionContext) - Method in class org.apache.shiro.session.mgt.SimpleSessionFactory
-
Creates a new
SimpleSession
instance retaining the context'shost
if one can be found. - createSession(SessionContext) - Method in class org.apache.shiro.web.session.mgt.ServletContainerSessionManager
- createSessionContext() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- createSessionContext() - Method in class org.apache.shiro.web.subject.support.WebDelegatingSubject
- createSessionContext(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- createSessionContext(SubjectContext) - Method in class org.apache.shiro.web.mgt.DefaultWebSecurityManager
- createSessionManager(String) - Method in class org.apache.shiro.web.mgt.DefaultWebSecurityManager
- createSessionValidationScheduler() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- createSubject(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
-
Creates a
WebSubject
instance to associate with the incoming request/response pair which will be used throughout the request/response execution. - createSubject(AuthenticationToken, AuthenticationInfo, Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Creates a
Subject
instance for the user represented by the given method arguments. - createSubject(SubjectContext) - Method in class org.apache.shiro.cas.CasSubjectFactory
-
Deprecated.
- createSubject(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
This implementation functions as follows:
- createSubject(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSubjectFactory
- createSubject(SubjectContext) - Method in interface org.apache.shiro.mgt.SecurityManager
-
Creates a
Subject
instance reflecting the specified contextual data. - createSubject(SubjectContext) - Method in interface org.apache.shiro.mgt.SubjectFactory
-
Creates a new Subject instance reflecting the state of the specified contextual data.
- createSubject(SubjectContext) - Method in class org.apache.shiro.web.mgt.DefaultWebSubjectFactory
- createSubjectContext() - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- createSubjectContext() - Method in class org.apache.shiro.web.mgt.DefaultWebSecurityManager
- createTicketValidator() - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- createToken(String, String, boolean, String) - Method in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
- createToken(String, String, ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
- createToken(ServletRequest, ServletResponse) - Method in class org.apache.shiro.cas.CasFilter
-
Deprecated.The token created for this authentication is a CasToken containing the CAS service ticket received on the CAS service url (on which the filter must be configured).
- createToken(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
- createToken(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter
-
Creates an AuthenticationToken for use during login attempt with the provided credentials in the http header.
- createToken(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.BearerHttpAuthenticationFilter
-
Creates an AuthenticationToken for use during login attempt with the provided credentials in the http header.
- createToken(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- createWebSecurityManager() - Method in class org.apache.shiro.web.env.IniWebEnvironment
- credentials - Variable in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
The credentials verifying the account principals.
- CredentialsException - Exception in org.apache.shiro.authc
-
Exception thrown due to a problem with the credential(s) submitted for an account during the authentication process.
- CredentialsException() - Constructor for exception org.apache.shiro.authc.CredentialsException
-
Creates a new CredentialsException.
- CredentialsException(String) - Constructor for exception org.apache.shiro.authc.CredentialsException
-
Constructs a new CredentialsException.
- CredentialsException(String, Throwable) - Constructor for exception org.apache.shiro.authc.CredentialsException
-
Constructs a new CredentialsException.
- CredentialsException(Throwable) - Constructor for exception org.apache.shiro.authc.CredentialsException
-
Constructs a new CredentialsException.
- CredentialsMatcher - Interface in org.apache.shiro.authc.credential
-
Interface implemented by classes that can determine if an AuthenticationToken's provided credentials matches a corresponding account's credentials stored in the system.
- credentialsSalt - Variable in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Any salt used in hashing the credentials.
- CRYPT - org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle
- CryptoException - Exception in org.apache.shiro.crypto
-
Base Shiro exception for problems encountered during cryptographic operations.
- CryptoException(String) - Constructor for exception org.apache.shiro.crypto.CryptoException
- CryptoException(String, Throwable) - Constructor for exception org.apache.shiro.crypto.CryptoException
- CryptoException(Throwable) - Constructor for exception org.apache.shiro.crypto.CryptoException
- CTR - org.apache.shiro.crypto.OperationMode
-
Counter Mode, aka Integer Counter Mode (ICM) and Segmented Integer Counter (SIC).
- currentRequest - Variable in class org.apache.shiro.web.servlet.ShiroHttpSession
- customizeEnvironment(WebEnvironment) - Method in class org.apache.shiro.web.env.EnvironmentLoader
-
Any additional customization of the Environment can be by overriding this method.
D
- DataAccessException - Exception in org.apache.shiro.dao
-
Generic exception representing a problem when attempting to access data.
- DataAccessException(String) - Constructor for exception org.apache.shiro.dao.DataAccessException
-
Constructs a DataAccessException with a message explaining the cause of the exception.
- DataAccessException(String, Throwable) - Constructor for exception org.apache.shiro.dao.DataAccessException
-
Constructs a DataAccessException with a message explaining the cause of the exception.
- dataSource - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm
- DAY_MILLIS - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
- decode(byte[]) - Static method in class org.apache.shiro.codec.Base64
-
Decodes Base64 data into octets
- decode(byte[]) - Static method in class org.apache.shiro.codec.Hex
-
Converts an array of character bytes representing hexadecimal values into an array of bytes of those same values.
- decode(char[]) - Static method in class org.apache.shiro.codec.Hex
-
Converts an array of characters representing hexadecimal values into an array of bytes of those same values.
- decode(String) - Static method in class org.apache.shiro.codec.Base64
-
Converts the specified UTF-8 Base64 encoded String and decodes it to a raw Base64 decoded byte array.
- decode(String) - Static method in class org.apache.shiro.codec.Hex
-
Converts the specified Hex-encoded String into a raw byte array.
- decodeRequestString(HttpServletRequest, String) - Static method in class org.apache.shiro.web.util.WebUtils
-
Decode the given source string with a URLDecoder.
- decodeToString(byte[]) - Static method in class org.apache.shiro.codec.Base64
-
Decodes the specified Base64 encoded byte array and returns the decoded result as a UTF-8 encoded.
- decodeToString(String) - Static method in class org.apache.shiro.codec.Base64
-
Converts the specified UTF-8 Base64 encoded String and decodes it to a resultant UTF-8 encoded string.
- decorate(Session) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- decrypt(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Decrypts the byte array using the configured
cipherService
. - decrypt(byte[], byte[]) - Method in interface org.apache.shiro.crypto.CipherService
-
Decrypts encrypted data via the specified cipher key and returns the original (pre-encrypted) data.
- decrypt(byte[], byte[]) - Method in class org.apache.shiro.crypto.JcaCipherService
- decrypt(InputStream, OutputStream, byte[]) - Method in interface org.apache.shiro.crypto.CipherService
-
Receives encrypted data from the given
InputStream
, decrypts it, and sends the resulting decrypted data to the givenOutputStream
. - decrypt(InputStream, OutputStream, byte[]) - Method in class org.apache.shiro.crypto.JcaCipherService
- DEFAULT_AUTHENTICATION_QUERY - Static variable in class org.apache.shiro.realm.jdbc.JdbcRealm
-
The default query used to retrieve account data for the user.
- DEFAULT_CASE_SENSITIVE - Static variable in class org.apache.shiro.authz.permission.WildcardPermission
- DEFAULT_CHARACTER_ENCODING - Static variable in class org.apache.shiro.web.util.WebUtils
-
Default character encoding to use when
request.getCharacterEncoding
returnsnull
, according to the Servlet spec. - DEFAULT_CHARSET_NAME - Static variable in class org.apache.shiro.config.Ini
- DEFAULT_CONTEXT_FACTORY_CLASS_NAME - Static variable in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
- DEFAULT_DELIMITER_CHAR - Static variable in class org.apache.shiro.util.StringUtils
-
Constant representing the default delimiter character (comma), equal to
','
- DEFAULT_ENABLED - Static variable in class org.apache.shiro.web.filter.authz.SslFilter.HSTS
- DEFAULT_ENCODING_SCHEME - Static variable in class org.apache.shiro.web.util.RedirectView
-
The default encoding scheme: UTF-8
- DEFAULT_ERROR_KEY_ATTRIBUTE_NAME - Static variable in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- DEFAULT_GLOBAL_SESSION_TIMEOUT - Static variable in class org.apache.shiro.session.mgt.AbstractSessionManager
-
Default main session timeout value, equal to
30
minutes. - DEFAULT_HASH_ALGORITHM - Static variable in class org.apache.shiro.authc.credential.DefaultPasswordService
- DEFAULT_HASH_ITERATIONS - Static variable in class org.apache.shiro.authc.credential.DefaultPasswordService
- DEFAULT_HTTP_PORT - Static variable in class org.apache.shiro.web.filter.authz.PortFilter
- DEFAULT_HTTPS_PORT - Static variable in class org.apache.shiro.web.filter.authz.SslFilter
- DEFAULT_INCLUDE_SUB_DOMAINS - Static variable in class org.apache.shiro.web.filter.authz.SslFilter.HSTS
- DEFAULT_INI_RESOURCE_PATH - Static variable in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.
- DEFAULT_LOGIN_URL - Static variable in class org.apache.shiro.web.filter.AccessControlFilter
-
Simple default login URL equal to
/login.jsp
, which can be overridden by calling thesetLoginUrl
method. - DEFAULT_MAX_AGE - Static variable in class org.apache.shiro.web.filter.authz.SslFilter.HSTS
- DEFAULT_MAX_AGE - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
-
-1
, indicating the cookie should expire when the browser closes. - DEFAULT_NEXT_BYTES_SIZE - Static variable in class org.apache.shiro.crypto.SecureRandomNumberGenerator
- DEFAULT_PASSWORD_PARAM - Static variable in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- DEFAULT_PATH_SEPARATOR - Static variable in class org.apache.shiro.util.AntPathMatcher
-
Default path separator: "/"
- DEFAULT_PERMISSIONS_QUERY - Static variable in class org.apache.shiro.realm.jdbc.JdbcRealm
-
The default query used to retrieve permissions that apply to a particular role.
- DEFAULT_QUOTE_CHAR - Static variable in class org.apache.shiro.util.StringUtils
-
Constant representing the default quote character (double quote), equal to '"'
- DEFAULT_REDIRECT_URL - Static variable in class org.apache.shiro.web.filter.authc.LogoutFilter
-
The default redirect URL to where the user will be redirected after logout.
- DEFAULT_REFERRAL - Static variable in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
- DEFAULT_REMEMBER_ME_ATTRIBUTE_NAME - Static variable in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- DEFAULT_REMEMBER_ME_COOKIE_NAME - Static variable in class org.apache.shiro.web.mgt.CookieRememberMeManager
-
The default name of the underlying rememberMe cookie which is
rememberMe
. - DEFAULT_REMEMBER_ME_PARAM - Static variable in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- DEFAULT_SALTED_AUTHENTICATION_QUERY - Static variable in class org.apache.shiro.realm.jdbc.JdbcRealm
-
The default query used to retrieve account data for the user when
JdbcRealm.saltStyle
is COLUMN. - DEFAULT_SECTION_NAME - Static variable in class org.apache.shiro.config.Ini
- DEFAULT_SECURITY_MANAGER_KEY - Static variable in class org.apache.shiro.env.DefaultEnvironment
-
The default name under which the application's
SecurityManager
instance may be acquired, equal tosecurityManager
. - DEFAULT_SESSION_ID_NAME - Static variable in class org.apache.shiro.web.servlet.ShiroHttpSession
- DEFAULT_SESSION_VALIDATION_INTERVAL - Static variable in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
-
The default interval at which sessions will be validated (1 hour); This can be overridden by calling
AbstractValidatingSessionManager.setSessionValidationInterval(long)
- DEFAULT_SESSION_VALIDATION_INTERVAL - Static variable in class org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler
-
The default interval at which sessions will be validated (1 hour); This can be overridden by calling
QuartzSessionValidationScheduler.setSessionValidationInterval(long)
- DEFAULT_SUCCESS_URL - Static variable in class org.apache.shiro.web.filter.authc.AuthenticationFilter
- DEFAULT_USER_ROLES_QUERY - Static variable in class org.apache.shiro.realm.jdbc.JdbcRealm
-
The default query used to retrieve the roles that apply to a user.
- DEFAULT_USERNAME_PARAM - Static variable in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- DEFAULT_VALIDATION_PROTOCOL - Static variable in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- DEFAULT_VERSION - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
-
-1
indicating that no version property should be set on the cookie. - DEFAULT_WEB_INI_RESOURCE_PATH - Static variable in class org.apache.shiro.web.env.IniWebEnvironment
- DEFAULT_WEB_INI_RESOURCE_PATH - Static variable in class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.
- defaultAdvisorAutoProxyCreator() - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroAnnotationProcessorAutoConfiguration
- defaultAdvisorAutoProxyCreator() - Method in class org.apache.shiro.spring.config.AbstractShiroAnnotationProcessorConfiguration
- defaultAdvisorAutoProxyCreator() - Method in class org.apache.shiro.spring.config.ShiroAnnotationProcessorConfiguration
- DefaultAnnotationResolver - Class in org.apache.shiro.aop
-
Default
AnnotationResolver
implementation that merely inspects theMethodInvocation
'starget method
, and returnstargetMethod
.getAnnotation(class)
. - DefaultAnnotationResolver() - Constructor for class org.apache.shiro.aop.DefaultAnnotationResolver
- DefaultBlockCipherService - Class in org.apache.shiro.crypto
-
Base abstract class for block cipher algorithms.
- DefaultBlockCipherService(String) - Constructor for class org.apache.shiro.crypto.DefaultBlockCipherService
-
Creates a new
DefaultBlockCipherService
using the specified block cipheralgorithmName
. - DefaultEnvironment - Class in org.apache.shiro.env
-
Simple/default
Environment
implementation that stores Shiro objects as key-value pairs in aMap
instance. - DefaultEnvironment() - Constructor for class org.apache.shiro.env.DefaultEnvironment
-
Creates a new instance with a thread-safe
ConcurrentHashMap
backing map. - DefaultEnvironment(Map<String, ?>) - Constructor for class org.apache.shiro.env.DefaultEnvironment
-
Creates a new instance with the specified backing map.
- DefaultEventBus - Class in org.apache.shiro.event.support
-
A default event bus implementation that synchronously publishes events to registered listeners.
- DefaultEventBus() - Constructor for class org.apache.shiro.event.support.DefaultEventBus
- DefaultFilter - Enum in org.apache.shiro.web.filter.mgt
-
Enum representing all of the default Shiro Filter instances available to web applications.
- DefaultFilterChainManager - Class in org.apache.shiro.web.filter.mgt
-
Default
FilterChainManager
implementation maintaining a map ofFilter
instances (key: filter name, value: Filter) as well as a map ofNamedFilterList
s created from theseFilter
s (key: filter chain name, value: NamedFilterList). - DefaultFilterChainManager() - Constructor for class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- DefaultFilterChainManager(FilterConfig) - Constructor for class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- DefaultHashFormatFactory - Class in org.apache.shiro.crypto.hash.format
-
This default
HashFormatFactory
implementation heuristically determines aHashFormat
class to instantiate based on the input argument and returns a new instance of the discovered class. - DefaultHashFormatFactory() - Constructor for class org.apache.shiro.crypto.hash.format.DefaultHashFormatFactory
- DefaultHashService - Class in org.apache.shiro.crypto.hash
-
Default implementation of the
HashService
interface, supporting a customizable hash algorithm name, secure-random salt generation, multiple hash iterations and an optional internalprivateSalt
. - DefaultHashService() - Constructor for class org.apache.shiro.crypto.hash.DefaultHashService
-
Constructs a new
DefaultHashService
instance with the following defaults:hashAlgorithmName
=SHA-512
hashIterations
=1
randomNumberGenerator
= newSecureRandomNumberGenerator
()generatePublicSalt
=false
- DefaultInterpolator - Class in org.apache.shiro.config
-
This
Interpolator
simply returns the original value. - DefaultInterpolator() - Constructor for class org.apache.shiro.config.DefaultInterpolator
- DefaultLdapContextFactory - Class in org.apache.shiro.realm.ldap
-
Deprecated.replaced by the
JndiLdapContextFactory
implementation. This implementation will be removed prior to Shiro 2.0 - DefaultLdapContextFactory() - Constructor for class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- DefaultLdapRealm - Class in org.apache.shiro.realm.ldap
-
An LDAP
Realm
implementation utilizing Sun's/Oracle's JNDI API as an LDAP API. - DefaultLdapRealm() - Constructor for class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
Default no-argument constructor that defaults the internal
LdapContextFactory
instance to aJndiLdapContextFactory
. - DefaultPasswordService - Class in org.apache.shiro.authc.credential
-
Default implementation of the
PasswordService
interface that relies on an internalHashService
,HashFormat
, andHashFormatFactory
to function: - DefaultPasswordService() - Constructor for class org.apache.shiro.authc.credential.DefaultPasswordService
- DefaultSecurityManager - Class in org.apache.shiro.mgt
-
The Shiro framework's default concrete implementation of the
SecurityManager
interface, based around a collection ofRealm
s. - DefaultSecurityManager() - Constructor for class org.apache.shiro.mgt.DefaultSecurityManager
-
Default no-arg constructor.
- DefaultSecurityManager(Collection<Realm>) - Constructor for class org.apache.shiro.mgt.DefaultSecurityManager
-
Supporting constructor for multiple
realms
. - DefaultSecurityManager(Realm) - Constructor for class org.apache.shiro.mgt.DefaultSecurityManager
-
Supporting constructor for a single-realm application.
- DefaultSerializer<T> - Class in org.apache.shiro.io
-
Serializer implementation that uses the default JVM serialization mechanism (Object Input/Output Streams).
- DefaultSerializer() - Constructor for class org.apache.shiro.io.DefaultSerializer
- DefaultSessionContext - Class in org.apache.shiro.session.mgt
-
Default implementation of the
SessionContext
interface which provides getters and setters that wrap interaction with the underlying backing context map. - DefaultSessionContext() - Constructor for class org.apache.shiro.session.mgt.DefaultSessionContext
- DefaultSessionContext(Map<String, Object>) - Constructor for class org.apache.shiro.session.mgt.DefaultSessionContext
- DefaultSessionKey - Class in org.apache.shiro.session.mgt
-
Default implementation of the
SessionKey
interface, which allows setting and retrieval of a concretesessionId
that theSessionManager
implementation can use to look up aSession
instance. - DefaultSessionKey() - Constructor for class org.apache.shiro.session.mgt.DefaultSessionKey
- DefaultSessionKey(Serializable) - Constructor for class org.apache.shiro.session.mgt.DefaultSessionKey
- DefaultSessionManager - Class in org.apache.shiro.session.mgt
-
Default business-tier implementation of a
ValidatingSessionManager
. - DefaultSessionManager() - Constructor for class org.apache.shiro.session.mgt.DefaultSessionManager
- DefaultSessionStorageEvaluator - Class in org.apache.shiro.mgt
-
A Default
SessionStorageEvaluator
that provides reasonable control over if and how Sessions may be used for storing Subject state. - DefaultSessionStorageEvaluator() - Constructor for class org.apache.shiro.mgt.DefaultSessionStorageEvaluator
- DefaultShiroFilterChainDefinition - Class in org.apache.shiro.spring.web.config
- DefaultShiroFilterChainDefinition() - Constructor for class org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition
- DefaultSubjectContext - Class in org.apache.shiro.subject.support
-
Default implementation of the
SubjectContext
interface. - DefaultSubjectContext() - Constructor for class org.apache.shiro.subject.support.DefaultSubjectContext
- DefaultSubjectContext(SubjectContext) - Constructor for class org.apache.shiro.subject.support.DefaultSubjectContext
- DefaultSubjectDAO - Class in org.apache.shiro.mgt
-
Default
SubjectDAO
implementation that stores Subject state in the Subject's Session by default (but this can be disabled - see below). - DefaultSubjectDAO() - Constructor for class org.apache.shiro.mgt.DefaultSubjectDAO
- DefaultSubjectFactory - Class in org.apache.shiro.mgt
-
Default
SubjectFactory
implementation that createsDelegatingSubject
instances. - DefaultSubjectFactory() - Constructor for class org.apache.shiro.mgt.DefaultSubjectFactory
- DefaultWebEnvironment - Class in org.apache.shiro.web.env
-
Default
WebEnvironment
implementation based on a backingMap
instance. - DefaultWebEnvironment() - Constructor for class org.apache.shiro.web.env.DefaultWebEnvironment
- DefaultWebSecurityManager - Class in org.apache.shiro.web.mgt
-
Default
WebSecurityManager
implementation used in web-based applications or any application that requires HTTP connectivity (SOAP, http remoting, etc). - DefaultWebSecurityManager() - Constructor for class org.apache.shiro.web.mgt.DefaultWebSecurityManager
- DefaultWebSecurityManager(Collection<Realm>) - Constructor for class org.apache.shiro.web.mgt.DefaultWebSecurityManager
- DefaultWebSecurityManager(Realm) - Constructor for class org.apache.shiro.web.mgt.DefaultWebSecurityManager
- DefaultWebSessionContext - Class in org.apache.shiro.web.session.mgt
-
Default implementation of the
WebSessionContext
interface which provides getters and setters that wrap interaction with the underlying backing context map. - DefaultWebSessionContext() - Constructor for class org.apache.shiro.web.session.mgt.DefaultWebSessionContext
- DefaultWebSessionContext(Map<String, Object>) - Constructor for class org.apache.shiro.web.session.mgt.DefaultWebSessionContext
- DefaultWebSessionManager - Class in org.apache.shiro.web.session.mgt
-
Web-application capable
SessionManager
implementation. - DefaultWebSessionManager() - Constructor for class org.apache.shiro.web.session.mgt.DefaultWebSessionManager
- DefaultWebSessionStorageEvaluator - Class in org.apache.shiro.web.mgt
-
A web-specific
SessionStorageEvaluator
that performs the same logic as the parent classDefaultSessionStorageEvaluator
but additionally checks for a request-specific flag that may enable or disable session access. - DefaultWebSessionStorageEvaluator() - Constructor for class org.apache.shiro.web.mgt.DefaultWebSessionStorageEvaluator
- DefaultWebSubjectContext - Class in org.apache.shiro.web.subject.support
-
Default
WebSubjectContext
implementation that provides for additional storage and retrieval of aServletRequest
andServletResponse
. - DefaultWebSubjectContext() - Constructor for class org.apache.shiro.web.subject.support.DefaultWebSubjectContext
- DefaultWebSubjectContext(WebSubjectContext) - Constructor for class org.apache.shiro.web.subject.support.DefaultWebSubjectContext
- DefaultWebSubjectFactory - Class in org.apache.shiro.web.mgt
-
A
SubjectFactory
implementation that createsWebDelegatingSubject
instances. - DefaultWebSubjectFactory() - Constructor for class org.apache.shiro.web.mgt.DefaultWebSubjectFactory
- delegate - Variable in class org.apache.shiro.session.ProxiedSession
-
The proxied instance
- DelegatingSession - Class in org.apache.shiro.session.mgt
-
A DelegatingSession is a client-tier representation of a server side
Session
. - DelegatingSession(NativeSessionManager, SessionKey) - Constructor for class org.apache.shiro.session.mgt.DelegatingSession
- DelegatingSubject - Class in org.apache.shiro.subject.support
-
Implementation of the
Subject
interface that delegates method calls to an underlyingSecurityManager
instance for security checks. - DelegatingSubject(SecurityManager) - Constructor for class org.apache.shiro.subject.support.DelegatingSubject
- DelegatingSubject(PrincipalCollection, boolean, String, Session, boolean, SecurityManager) - Constructor for class org.apache.shiro.subject.support.DelegatingSubject
- DelegatingSubject(PrincipalCollection, boolean, String, Session, SecurityManager) - Constructor for class org.apache.shiro.subject.support.DelegatingSubject
- delete(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- delete(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Removes the specified session from any cache and then permanently deletes the session from the EIS by delegating to
CachingSessionDAO.doDelete(org.apache.shiro.session.Session)
. - delete(Session) - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO
- delete(Session) - Method in interface org.apache.shiro.session.mgt.eis.SessionDAO
-
Deletes the associated EIS record of the specified
session
. - delete(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Removes (or 'unbinds') the Subject's state from the application, typically called during
DefaultSecurityManager.logout(org.apache.shiro.subject.Subject)
.. - delete(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
-
Removes any existing subject state from the subject's session (if the session exists).
- delete(Subject) - Method in interface org.apache.shiro.mgt.SubjectDAO
-
Removes any persisted state for the specified
Subject
instance. - DELETED_COOKIE_VALUE - Static variable in interface org.apache.shiro.web.servlet.Cookie
-
The value of deleted cookie (with the maxAge 0).
- deserialize(byte[]) - Method in class org.apache.shiro.io.DefaultSerializer
-
This implementation deserializes the byte array using a
ObjectInputStream
using a sourceByteArrayInputStream
constructed with the argument byte array. - deserialize(byte[]) - Method in interface org.apache.shiro.io.Serializer
-
Converts the specified raw byte[] array back into an original Object form.
- deserialize(byte[]) - Method in class org.apache.shiro.io.XmlSerializer
-
Deprecated.Deserializes the specified
serialized
source back into an Object by using aByteArrayInputStream
to wrap the argument and then decode this stream via anXMLDecoder
, where thereadObject
call results in the original Object to return. - deserialize(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
De-serializes the given byte array by using the
serializer
'sdeserialize
method. - destroy() - Method in class org.apache.shiro.cache.AbstractCacheManager
- destroy() - Method in class org.apache.shiro.cache.ehcache.EhCacheManager
-
Shuts-down the wrapped Ehcache CacheManager only if implicitly created.
- destroy() - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- destroy() - Method in class org.apache.shiro.config.ReflectionBuilder
- destroy() - Method in class org.apache.shiro.env.DefaultEnvironment
- destroy() - Method in class org.apache.shiro.guice.ShiroModule
-
Destroys all beans created within this module that implement
Destroyable
. - destroy() - Method in class org.apache.shiro.hazelcast.cache.HazelcastCacheManager
-
Destroys any
implicitly created
backingHazelcastInstance
. - destroy() - Method in class org.apache.shiro.mgt.AuthenticatingSecurityManager
- destroy() - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- destroy() - Method in class org.apache.shiro.mgt.CachingSecurityManager
-
Destroys the
cacheManager
viaLifecycleUtils.destroy
. - destroy() - Method in class org.apache.shiro.mgt.RealmSecurityManager
- destroy() - Method in class org.apache.shiro.mgt.SessionsSecurityManager
- destroy() - Method in class org.apache.shiro.realm.text.PropertiesRealm
-
Destroy reload scheduler if one exists.
- destroy() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- destroy() - Method in interface org.apache.shiro.util.Destroyable
-
Called when this object is being destroyed, allowing any necessary cleanup of internal resources.
- destroy() - Method in class org.apache.shiro.web.servlet.AbstractFilter
-
Default no-op implementation that can be overridden by subclasses for custom cleanup behavior.
- destroy(Object) - Static method in class org.apache.shiro.util.LifecycleUtils
- destroy(Collection) - Static method in class org.apache.shiro.util.LifecycleUtils
-
Calls
destroy
for each object in the collection. - destroy(Destroyable) - Static method in class org.apache.shiro.util.LifecycleUtils
- Destroyable - Interface in org.apache.shiro.util
-
Shiro container-agnostic interface that indicates that this object requires a callback during destruction.
- DestroyedBeanEvent - Class in org.apache.shiro.config.event
-
Event triggered when a configured bean has been destroyed.
- DestroyedBeanEvent(String, Object, Map<String, Object>) - Constructor for class org.apache.shiro.config.event.DestroyedBeanEvent
- destroyEnvironment(ServletContext) - Method in class org.apache.shiro.web.env.EnvironmentLoader
-
Destroys the
WebEnvironment
for the given servlet context. - determineEncoding(HttpServletRequest) - Static method in class org.apache.shiro.web.util.WebUtils
-
Determine the encoding for the given request.
- determineWebEnvironment(ServletContext) - Method in class org.apache.shiro.web.env.EnvironmentLoader
-
Return the WebEnvironment implementation class to use, based on the order of: A custom WebEnvironment class - specified in the
servletContext
EnvironmentLoader.ENVIRONMENT_ATTRIBUTE_KEY
propertyServiceLoader.load(WebEnvironment.class)
- (if more then one instance is found aConfigurationException
will be thrown A call toEnvironmentLoader.getDefaultWebEnvironmentClass()
(default:IniWebEnvironment
) - determineWebEnvironmentClass(ServletContext) - Method in class org.apache.shiro.web.env.EnvironmentLoader
-
Deprecated.This method is not longer used by Shiro, and will be removed in future versions, use
EnvironmentLoader.determineWebEnvironment(ServletContext)
orEnvironmentLoader.determineWebEnvironment(ServletContext)
- DisabledAccountException - Exception in org.apache.shiro.authc
-
Thrown when attempting to authenticate and the corresponding account has been disabled for some reason.
- DisabledAccountException() - Constructor for exception org.apache.shiro.authc.DisabledAccountException
-
Creates a new DisabledAccountException.
- DisabledAccountException(String) - Constructor for exception org.apache.shiro.authc.DisabledAccountException
-
Constructs a new DisabledAccountException.
- DisabledAccountException(String, Throwable) - Constructor for exception org.apache.shiro.authc.DisabledAccountException
-
Constructs a new DisabledAccountException.
- DisabledAccountException(Throwable) - Constructor for exception org.apache.shiro.authc.DisabledAccountException
-
Constructs a new DisabledAccountException.
- DisabledSessionException - Exception in org.apache.shiro.subject.support
-
Exception thrown if attempting to create a new
Subject
session
, but thatSubject
's sessions are disabled. - DisabledSessionException(String) - Constructor for exception org.apache.shiro.subject.support.DisabledSessionException
- disableSessionValidation() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- disableSessionValidation() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- disableSessionValidation() - Method in class org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler
- disableSessionValidation() - Method in interface org.apache.shiro.session.mgt.SessionValidationScheduler
-
Disables the session validation job.
- doAuthenticate(AuthenticationToken) - Method in class org.apache.shiro.authc.AbstractAuthenticator
-
Template design pattern hook for subclasses to implement specific authentication behavior.
- doAuthenticate(AuthenticationToken) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
-
Attempts to authenticate the given token by iterating over the internal collection of
Realm
s. - doCall(Callable<V>) - Method in class org.apache.shiro.subject.support.SubjectCallable
- doClearCache(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
This implementation clears out any cached authentication data by calling
AuthenticatingRealm.clearCachedAuthenticationInfo(org.apache.shiro.subject.PrincipalCollection)
. - doClearCache(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthorizingRealm
-
Calls
super.doClearCache
to ensure any cached authentication data is removed and then callsAuthorizingRealm.clearCachedAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)
to remove any cached authorization data. - doClearCache(PrincipalCollection) - Method in class org.apache.shiro.realm.CachingRealm
-
This implementation does nothing - it is a template to be overridden by subclasses if necessary.
- doCreate(Session) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
-
Subclass hook to actually persist the given Session instance to the underlying EIS.
- doCreate(Session) - Method in class org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
- doCreate(Session) - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO
- doCreateSession(SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- doCreateSession(SessionContext) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- doCreateSubject(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Actually creates a
Subject
instance by delegating to the internalsubjectFactory
. - doCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.AllowAllCredentialsMatcher
-
Returns
true
always no matter what the method arguments are. - doCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in interface org.apache.shiro.authc.credential.CredentialsMatcher
-
Returns
true
if the provided token credentials match the stored account credentials,false
otherwise. - doCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
This implementation first hashes the
token
's credentials, potentially using asalt
if theinfo
argument is aSaltedAuthenticationInfo
. - doCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.PasswordMatcher
- doCredentialsMatch(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.SimpleCredentialsMatcher
-
This implementation acquires the
token
's credentials (viagetCredentials(token)
) and then theaccount
's credentials (viagetCredentials(account)
) and then passes both of them to theequals(tokenCredentials, accountCredentials)
method for equality comparison. - doDelete(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Subclass implementation hook to permanently delete the given Session from the underlying EIS.
- doDelete(Session) - Method in class org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
- doesNotContain(String, String) - Static method in class org.apache.shiro.util.Assert
-
Assert that the given text does not contain the given substring.
- doesNotContain(String, String, String) - Static method in class org.apache.shiro.util.Assert
-
Assert that the given text does not contain the given substring.
- doFilter(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.servlet.ProxiedFilterChain
- doFilter(ServletRequest, ServletResponse, FilterChain) - Method in class org.apache.shiro.web.servlet.OncePerRequestFilter
-
This
doFilter
implementation stores a request attribute for "already filtered", proceeding without filtering again if the attribute is already there. - doFilterInternal(ServletRequest, ServletResponse, FilterChain) - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
-
doFilterInternal
implementation that sets-up, executes, and cleans-up a Shiro-filtered request. - doFilterInternal(ServletRequest, ServletResponse, FilterChain) - Method in class org.apache.shiro.web.servlet.AdviceFilter
- doFilterInternal(ServletRequest, ServletResponse, FilterChain) - Method in class org.apache.shiro.web.servlet.OncePerRequestFilter
-
Same contract as for
OncePerRequestFilter.doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
, but guaranteed to be invoked only once per request. - doGetAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.Authenticates a user and retrieves its information.
- doGetAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Retrieves authentication data from an implementation-specific datasource (RDBMS, LDAP, etc) for the given authentication token.
- doGetAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
- doGetAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- doGetAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
Delegates to
DefaultLdapRealm.queryForAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, LdapContextFactory)
, wrapping anyNamingException
s in a ShiroAuthenticationException
to satisfy the parent method signature. - doGetAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- doGetAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.Retrieves the AuthorizationInfo for the given principals (the CAS previously authenticated user : id + attributes).
- doGetAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthorizingRealm
-
Retrieves the AuthorizationInfo for the given principals from the underlying data store.
- doGetAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
-
This implementation of the interface expects the principals collection to return a String username keyed off of this realm's
name
- doGetAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- doGetAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
- doGetAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- doGetSession(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- doGetSession(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- doInContext(Context) - Method in interface org.apache.shiro.jndi.JndiCallback
-
Do something with the given JNDI context.
- DOMAIN_ATTRIBUTE_NAME - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
- DomainPermission - Class in org.apache.shiro.authz.permission
-
Provides a base Permission class from which type-safe/domain-specific subclasses may extend.
- DomainPermission() - Constructor for class org.apache.shiro.authz.permission.DomainPermission
-
Creates a domain permission with *all* actions for *all* targets;
- DomainPermission(String) - Constructor for class org.apache.shiro.authz.permission.DomainPermission
- DomainPermission(String, String) - Constructor for class org.apache.shiro.authz.permission.DomainPermission
- DomainPermission(Set<String>, Set<String>) - Constructor for class org.apache.shiro.authz.permission.DomainPermission
- doMatch(String, String, boolean) - Method in class org.apache.shiro.util.AntPathMatcher
-
Actually match the given
path
against the givenpattern
. - doMultiRealmAuthentication(Collection<Realm>, AuthenticationToken) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
-
Performs the multi-realm authentication attempt by calling back to a
AuthenticationStrategy
object as each realm is consulted forAuthenticationInfo
for the specifiedtoken
. - doReadSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
-
Subclass implementation hook that retrieves the Session object from the underlying EIS or
null
if a session with that ID could not be found. - doReadSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
- doReadSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO
- doRun(Runnable) - Method in class org.apache.shiro.subject.support.SubjectRunnable
- doSingleRealmAuthentication(Realm, AuthenticationToken) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
-
Performs the authentication attempt by interacting with the single configured realm, which is significantly simpler than performing multi-realm logic.
- doStartTag() - Method in class org.apache.shiro.web.tags.SecureTag
- doUpdate(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Subclass implementation hook to actually persist the
Session
's state to the underlying EIS. - doUpdate(Session) - Method in class org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
- doValidate(Session) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
E
- EAX - org.apache.shiro.crypto.OperationMode
-
EAX Mode*.
- ECB - org.apache.shiro.crypto.OperationMode
-
Electronic Codebook mode, defined in FIPS PUB 81.
- EhCache<K,V> - Class in org.apache.shiro.cache.ehcache
-
Shiro
Cache
implementation that wraps anEhcache
instance. - EhCache(Ehcache) - Constructor for class org.apache.shiro.cache.ehcache.EhCache
-
Constructs a new EhCache instance with the given cache.
- EhCacheManager - Class in org.apache.shiro.cache.ehcache
-
Shiro
CacheManager
implementation utilizing the Ehcache framework for all cache functionality. - EhCacheManager() - Constructor for class org.apache.shiro.cache.ehcache.EhCacheManager
-
Default no argument constructor
- EMPTY_STRING - Static variable in class org.apache.shiro.util.StringUtils
-
Constant representing the empty string, equal to ""
- enableSessionValidation() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- enableSessionValidation() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
-
Creates a single thread
ScheduledExecutorService
to validate sessions at fixed intervals and enables this scheduler. - enableSessionValidation() - Method in class org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler
-
Starts session validation by creating a Quartz simple trigger, linking it to the
QuartzSessionValidationJob
, and scheduling it with the Quartz scheduler. - enableSessionValidation() - Method in interface org.apache.shiro.session.mgt.SessionValidationScheduler
-
Enables the session validation job.
- encode(byte[]) - Static method in class org.apache.shiro.codec.Base64
-
Encodes a byte[] containing binary data, into a byte[] containing characters in the Base64 alphabet.
- encode(byte[]) - Static method in class org.apache.shiro.codec.Hex
-
Converts an array of bytes into an array of characters representing the hexadecimal values of each byte in order.
- encode(byte[], boolean) - Static method in class org.apache.shiro.codec.Base64
-
Encodes binary data using the base64 algorithm, optionally chunking the output into 76 character blocks.
- encodeChunked(byte[]) - Static method in class org.apache.shiro.codec.Base64
-
Encodes binary data using the base64 algorithm and chunks the encoded output into 76 character blocks
- encodeRedirectUrl(String) - Method in class org.apache.shiro.web.servlet.ShiroHttpServletResponse
- encodeRedirectURL(String) - Method in class org.apache.shiro.web.servlet.ShiroHttpServletResponse
-
Encode the session identifier associated with this response into the specified redirect URL, if necessary.
- encodeToString(byte[]) - Static method in class org.apache.shiro.codec.Base64
-
Base64 encodes the specified byte array and then encodes it as a String using Shiro's preferred character encoding (UTF-8).
- encodeToString(byte[]) - Static method in class org.apache.shiro.codec.H64
-
Encodes the specified bytes to an
H64
-encoded String. - encodeToString(byte[]) - Static method in class org.apache.shiro.codec.Hex
-
Encodes the specified byte array to a character array and then returns that character array as a String.
- encodeUrl(String) - Method in class org.apache.shiro.web.servlet.ShiroHttpServletResponse
- encodeURL(String) - Method in class org.apache.shiro.web.servlet.ShiroHttpServletResponse
-
Encode the session identifier associated with this response into the specified URL, if necessary.
- encrypt(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Encrypts the byte array by using the configured
cipherService
. - encrypt(byte[], byte[]) - Method in interface org.apache.shiro.crypto.CipherService
-
Encrypts data via the specified cipher key.
- encrypt(byte[], byte[]) - Method in class org.apache.shiro.crypto.JcaCipherService
- encrypt(InputStream, OutputStream, byte[]) - Method in interface org.apache.shiro.crypto.CipherService
-
Receives the data from the given
InputStream
, encrypts it, and sends the resulting encrypted data to the givenOutputStream
. - encrypt(InputStream, OutputStream, byte[]) - Method in class org.apache.shiro.crypto.JcaCipherService
- encryptPassword(Object) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- encryptPassword(Object) - Method in interface org.apache.shiro.authc.credential.PasswordService
-
Converts the specified plaintext password (usually acquired from your application's 'new user' or 'password reset' workflow) into a formatted string safe for storage.
- ensureChain(String) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- ensureCombinedPrincipals() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- ensureHazelcastInstance() - Method in class org.apache.shiro.hazelcast.cache.HazelcastCacheManager
-
Ensures that this implementation has a backing
HazelcastInstance
, and if not, implicitly creates one viaHazelcastCacheManager.createHazelcastInstance()
. - ensureSecureRandom() - Method in class org.apache.shiro.crypto.JcaCipherService
- ensureSecurityManager(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Determines if there is a
SecurityManager
instance in the context, and if not, adds 'this' to the context. - ensureTicketValidator() - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- EnterpriseCacheSessionDAO - Class in org.apache.shiro.session.mgt.eis
-
SessionDAO implementation that relies on an enterprise caching product as the EIS system of record for all sessions.
- EnterpriseCacheSessionDAO() - Constructor for class org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
- entrySet() - Method in class org.apache.shiro.config.Ini
- entrySet() - Method in class org.apache.shiro.config.Ini.Section
- entrySet() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- entrySet() - Method in class org.apache.shiro.util.MapContext
- entrySet() - Method in class org.apache.shiro.util.SoftHashMap
- Environment - Interface in org.apache.shiro.env
-
An
Environment
instance encapsulates all of the objects that Shiro requires to function. - ENVIRONMENT_ATTRIBUTE_KEY - Static variable in class org.apache.shiro.web.env.EnvironmentLoader
- ENVIRONMENT_CLASS_PARAM - Static variable in class org.apache.shiro.web.env.EnvironmentLoader
-
Servlet Context config param for specifying the
WebEnvironment
implementation class to use:shiroEnvironmentClass
- EnvironmentException - Exception in org.apache.shiro.env
-
Exception thrown for errors related to
Environment
instances or configuration. - EnvironmentException(String) - Constructor for exception org.apache.shiro.env.EnvironmentException
- EnvironmentException(String, Throwable) - Constructor for exception org.apache.shiro.env.EnvironmentException
- EnvironmentLoader - Class in org.apache.shiro.web.env
-
An
EnvironmentLoader
is responsible for loading a web application's ShiroWebEnvironment
(which includes the web app'sWebSecurityManager
) into theServletContext
at application startup. - EnvironmentLoader() - Constructor for class org.apache.shiro.web.env.EnvironmentLoader
- EnvironmentLoaderListener - Class in org.apache.shiro.web.env
-
Bootstrap listener to startup and shutdown the web application's Shiro
WebEnvironment
at ServletContext startup and shutdown respectively. - EnvironmentLoaderListener() - Constructor for class org.apache.shiro.web.env.EnvironmentLoaderListener
- equals(Object) - Method in class org.apache.shiro.authc.SimpleAccount
-
Returns
true
if the specified object is also aSimpleAccount
and itsprincipals
are equal to this object'sprincipals
,false
otherwise. - equals(Object) - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Returns
true
if the Object argument is aninstanceof SimpleAuthenticationInfo
and itsprincipals
are equal to this instance's principals,false
otherwise. - equals(Object) - Method in class org.apache.shiro.authz.permission.WildcardPermission
- equals(Object) - Method in class org.apache.shiro.authz.SimpleRole
- equals(Object) - Method in class org.apache.shiro.config.Ini
- equals(Object) - Method in class org.apache.shiro.config.Ini.Section
- equals(Object) - Method in class org.apache.shiro.crypto.hash.AbstractHash
-
Deprecated.Returns
true
if the specified object is a Hash and itsbyte array
is identical to this Hash's byte array,false
otherwise. - equals(Object) - Method in class org.apache.shiro.crypto.hash.SimpleHash
-
Returns
true
if the specified object is a Hash and itsbyte array
is identical to this Hash's byte array,false
otherwise. - equals(Object) - Method in class org.apache.shiro.session.mgt.SimpleSession
- equals(Object) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- equals(Object) - Method in class org.apache.shiro.util.SimpleByteSource
- equals(Object, Object) - Method in class org.apache.shiro.authc.credential.SimpleCredentialsMatcher
-
Returns
true
if thetokenCredentials
argument is logically equal to theaccountCredentials
argument. - ESCAPE_TOKEN - Static variable in class org.apache.shiro.config.Ini
- Event - Class in org.apache.shiro.event
-
Root class for all of Shiro's event classes.
- Event(Object) - Constructor for class org.apache.shiro.event.Event
- eventBus - Variable in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- eventBus() - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroBeanAutoConfiguration
- eventBus() - Method in class org.apache.shiro.spring.config.AbstractShiroBeanConfiguration
- eventBus() - Method in class org.apache.shiro.spring.config.ShiroBeanConfiguration
- EventBus - Interface in org.apache.shiro.event
-
An event bus can publish events to event subscribers as well as provide a mechanism for registering and unregistering event subscribers.
- EventBusAware - Interface in org.apache.shiro.event
-
Interface implemented by components that utilize an EventBus for publishing and/or subscribing to/from events and wish that EventBus to be supplied if one is available.
- EventClassComparator - Class in org.apache.shiro.event.support
-
Compares two event classes based on their position in a class hierarchy.
- EventClassComparator() - Constructor for class org.apache.shiro.event.support.EventClassComparator
- EventListener - Interface in org.apache.shiro.event.support
-
An event listener knows how to accept and process events of a particular type (or types).
- EventListenerComparator - Class in org.apache.shiro.event.support
-
Compares two event listeners to determine the order in which they should be invoked when an event is dispatched.
- EventListenerComparator() - Constructor for class org.apache.shiro.event.support.EventListenerComparator
- EventListenerResolver - Interface in org.apache.shiro.event.support
-
An
EventListenerResolver
knows how to resolve (either create or lookup)EventListener
instances as a result of inspecting a subscriber object, mostly likely aSubscribe
-annotated object instance. - ExceptionMapper - Class in org.apache.shiro.web.jaxrs
-
JAX-RS exception mapper used to map Shiro
AuthorizationExceptions
to HTTP status codes. - ExceptionMapper() - Constructor for class org.apache.shiro.web.jaxrs.ExceptionMapper
- ExcessiveAttemptsException - Exception in org.apache.shiro.authc
-
Thrown when a system is configured to only allow a certain number of authentication attempts over a period of time and the current session has failed to authenticate successfully within that number.
- ExcessiveAttemptsException() - Constructor for exception org.apache.shiro.authc.ExcessiveAttemptsException
-
Creates a new ExcessiveAttemptsException.
- ExcessiveAttemptsException(String) - Constructor for exception org.apache.shiro.authc.ExcessiveAttemptsException
-
Constructs a new ExcessiveAttemptsException.
- ExcessiveAttemptsException(String, Throwable) - Constructor for exception org.apache.shiro.authc.ExcessiveAttemptsException
-
Constructs a new ExcessiveAttemptsException.
- ExcessiveAttemptsException(Throwable) - Constructor for exception org.apache.shiro.authc.ExcessiveAttemptsException
-
Constructs a new ExcessiveAttemptsException.
- execute(Runnable) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutor
-
Executes the specified runnable by first associating it with the currently executing
Subject
and then dispatches the associated Runnable to the underlying targetExecutor
instance. - execute(Runnable) - Method in interface org.apache.shiro.subject.Subject
-
Associates the specified
Runnable
with thisSubject
instance and then executes it on the currently running thread. - execute(Runnable) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- execute(Callable<V>) - Method in interface org.apache.shiro.subject.Subject
-
Associates the specified
Callable
with thisSubject
instance and then executes it on the currently running thread. - execute(Callable<V>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- execute(JndiCallback) - Method in class org.apache.shiro.jndi.JndiTemplate
-
Execute the given JNDI context callback implementation.
- execute(JobExecutionContext) - Method in class org.apache.shiro.session.mgt.quartz.QuartzSessionValidationJob
-
Called when the job is executed by quartz.
- executeAnnotatedMethod(JoinPoint) - Method in class org.apache.shiro.aspectj.ShiroAnnotationAuthorizingAspect
- executeChain(ServletRequest, ServletResponse, FilterChain) - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
-
Executes a
FilterChain
for the given request. - executeChain(ServletRequest, ServletResponse, FilterChain) - Method in class org.apache.shiro.web.servlet.AdviceFilter
-
Actually executes the specified filter chain by calling
chain.doFilter(request,response);
. - executeLogin(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
- ExecutionException - Exception in org.apache.shiro.subject
-
Exception wrapping any potential checked exception thrown when a
Subject
executes aCallable
. - ExecutionException(String, Throwable) - Constructor for exception org.apache.shiro.subject.ExecutionException
- ExecutionException(Throwable) - Constructor for exception org.apache.shiro.subject.ExecutionException
- ExecutorServiceSessionValidationScheduler - Class in org.apache.shiro.session.mgt
-
SessionValidationScheduler implementation that uses a
ScheduledExecutorService
to callValidatingSessionManager.validateSessions()
everyinterval
milliseconds. - ExecutorServiceSessionValidationScheduler() - Constructor for class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- ExecutorServiceSessionValidationScheduler(ValidatingSessionManager) - Constructor for class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- expire() - Method in class org.apache.shiro.session.mgt.SimpleSession
- ExpiredCredentialsException - Exception in org.apache.shiro.authc
-
Thrown during the authentication process when the system determines the submitted credential(s) has expired and will not allow login.
- ExpiredCredentialsException() - Constructor for exception org.apache.shiro.authc.ExpiredCredentialsException
-
Creates a new ExpiredCredentialsException.
- ExpiredCredentialsException(String) - Constructor for exception org.apache.shiro.authc.ExpiredCredentialsException
-
Constructs a new ExpiredCredentialsException.
- ExpiredCredentialsException(String, Throwable) - Constructor for exception org.apache.shiro.authc.ExpiredCredentialsException
-
Constructs a new ExpiredCredentialsException.
- ExpiredCredentialsException(Throwable) - Constructor for exception org.apache.shiro.authc.ExpiredCredentialsException
-
Constructs a new ExpiredCredentialsException.
- ExpiredSessionException - Exception in org.apache.shiro.session
-
A special case of a StoppedSessionException.
- ExpiredSessionException() - Constructor for exception org.apache.shiro.session.ExpiredSessionException
-
Creates a new ExpiredSessionException.
- ExpiredSessionException(String) - Constructor for exception org.apache.shiro.session.ExpiredSessionException
-
Constructs a new ExpiredSessionException.
- ExpiredSessionException(String, Throwable) - Constructor for exception org.apache.shiro.session.ExpiredSessionException
-
Constructs a new ExpiredSessionException.
- ExpiredSessionException(Throwable) - Constructor for exception org.apache.shiro.session.ExpiredSessionException
-
Constructs a new ExpiredSessionException.
- EXPIRES_ATTRIBUTE_NAME - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
- EXTERNAL - org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle
- extractPathWithinPattern(String, String) - Method in class org.apache.shiro.util.AntPathMatcher
-
Given a pattern and a full path, determine the pattern-mapped part.
F
- Factory<T> - Interface in org.apache.shiro.util
-
Generics-aware interface supporting the Factory Method design pattern.
- FILE_PREFIX - Static variable in class org.apache.shiro.io.ResourceUtils
-
Resource path prefix that specifies to load from a file location, value is
file:
- fileLastModified - Variable in class org.apache.shiro.realm.text.PropertiesRealm
- filter(ContainerRequestContext) - Method in class org.apache.shiro.web.jaxrs.AnnotationAuthorizationFilter
- filter(ContainerRequestContext) - Method in class org.apache.shiro.web.jaxrs.SubjectPrincipalRequestFilter
- FILTER_CHAIN_RESOLVER_NAME - Static variable in class org.apache.shiro.web.env.IniWebEnvironment
- FILTER_NAME - Static variable in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebFilterConfiguration
- FilterChainManager - Interface in org.apache.shiro.web.filter.mgt
- FilterChainResolver - Interface in org.apache.shiro.web.filter.mgt
- filterConfig - Variable in class org.apache.shiro.web.servlet.AbstractFilter
-
FilterConfig provided by the Servlet container at start-up.
- filterConfig(Key<T>) - Static method in class org.apache.shiro.guice.web.ShiroWebModule
-
Builds a FilterConfig from a Filer and configuration String
- filterConfig(Key<T>, String) - Static method in class org.apache.shiro.guice.web.ShiroWebModule
-
Builds a FilterConfig from a Filer and configuration String
- filterConfig(TypeLiteral<T>, String) - Static method in class org.apache.shiro.guice.web.ShiroWebModule
-
Builds a FilterConfig from a Filer and configuration String
- filterConfig(Class<T>, String) - Static method in class org.apache.shiro.guice.web.ShiroWebModule
-
Builds a FilterConfig from a Filer and configuration String
- filterMap - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebFilterConfiguration
- FILTERS - Static variable in class org.apache.shiro.web.config.IniFilterChainResolverFactory
- filterShiroFilterRegistrationBean() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebFilterConfiguration
- finalizeEnvironment(WebEnvironment) - Method in class org.apache.shiro.web.env.EnvironmentLoader
-
Any additional cleanup of the Environment can be done by overriding this method.
- findEventBus(Map<String, ?>) - Method in class org.apache.shiro.config.ReflectionBuilder
- FirstSuccessfulStrategy - Class in org.apache.shiro.authc.pam
-
AuthenticationStrategy
implementation that only accepts the account data from the first successfully consulted Realm and ignores all subsequent realms. - FirstSuccessfulStrategy() - Constructor for class org.apache.shiro.authc.pam.FirstSuccessfulStrategy
- forgetIdentity(Subject) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Forgets (removes) any remembered identity data for the specified
Subject
instance. - forgetIdentity(Subject) - Method in class org.apache.shiro.web.mgt.CookieRememberMeManager
-
Removes the 'rememberMe' cookie from the associated
WebSubject
's request/response pair. - forgetIdentity(SubjectContext) - Method in interface org.apache.shiro.mgt.RememberMeManager
-
Forgets any remembered identity corresponding to the subject context map being used to build a subject instance.
- forgetIdentity(SubjectContext) - Method in class org.apache.shiro.web.mgt.CookieRememberMeManager
-
Removes the 'rememberMe' cookie from the associated
WebSubjectContext
's request/response pair. - format(Hash) - Method in class org.apache.shiro.crypto.hash.format.Base64Format
-
Returns
hash != null ? hash.toBase64() : null
. - format(Hash) - Method in interface org.apache.shiro.crypto.hash.format.HashFormat
-
Returns a formatted string representing the specified Hash instance.
- format(Hash) - Method in class org.apache.shiro.crypto.hash.format.HexFormat
-
Returns
hash != null ? hash.toHex() : null
. - format(Hash) - Method in class org.apache.shiro.crypto.hash.format.Shiro1CryptFormat
- FormAuthenticationFilter - Class in org.apache.shiro.web.filter.authc
-
Requires the requesting user to be authenticated for the request to continue, and if they are not, forces the user to login via by redirecting them to the
loginUrl
you configure. - FormAuthenticationFilter() - Constructor for class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- forName(String) - Static method in class org.apache.shiro.util.ClassUtils
-
Attempts to load the specified class name from the current thread's
context class loader
, then the current ClassLoader (ClassUtils.class.getClassLoader()
), then the system/application ClassLoader (ClassLoader.getSystemClassLoader()
, in that order. - FORWARD_CONTEXT_PATH_ATTRIBUTE - Static variable in class org.apache.shiro.web.util.WebUtils
- FORWARD_PATH_INFO_ATTRIBUTE - Static variable in class org.apache.shiro.web.util.WebUtils
- FORWARD_QUERY_STRING_ATTRIBUTE - Static variable in class org.apache.shiro.web.util.WebUtils
- FORWARD_REQUEST_URI_ATTRIBUTE - Static variable in class org.apache.shiro.web.util.WebUtils
-
Standard Servlet 2.4+ spec request attributes for forward URI and paths.
- FORWARD_SERVLET_PATH_ATTRIBUTE - Static variable in class org.apache.shiro.web.util.WebUtils
- fromBase64String(String) - Static method in class org.apache.shiro.crypto.hash.Md2Hash
- fromBase64String(String) - Static method in class org.apache.shiro.crypto.hash.Md5Hash
- fromBase64String(String) - Static method in class org.apache.shiro.crypto.hash.Sha1Hash
- fromBase64String(String) - Static method in class org.apache.shiro.crypto.hash.Sha256Hash
- fromBase64String(String) - Static method in class org.apache.shiro.crypto.hash.Sha384Hash
- fromBase64String(String) - Static method in class org.apache.shiro.crypto.hash.Sha512Hash
- fromHexString(String) - Static method in class org.apache.shiro.crypto.hash.Md2Hash
- fromHexString(String) - Static method in class org.apache.shiro.crypto.hash.Md5Hash
- fromHexString(String) - Static method in class org.apache.shiro.crypto.hash.Sha1Hash
- fromHexString(String) - Static method in class org.apache.shiro.crypto.hash.Sha256Hash
- fromHexString(String) - Static method in class org.apache.shiro.crypto.hash.Sha384Hash
- fromHexString(String) - Static method in class org.apache.shiro.crypto.hash.Sha512Hash
- fromRealm(String) - Method in interface org.apache.shiro.subject.PrincipalCollection
-
Returns a single Subject's principals retrieved from the specified Realm only as a Collection, or an empty Collection if there are not any principals from that realm.
- fromRealm(String) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- fromRealm(String) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- fromResourcePath(String) - Static method in class org.apache.shiro.config.Ini
-
Creates a new
Ini
instance loaded with the INI-formatted data in the resource at the given path.
G
- GCM - org.apache.shiro.crypto.OperationMode
-
Galois/Counter mode* - for block ciphers with 128 bit block-size only.
- generateId(Session) - Method in class org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator
- generateId(Session) - Method in class org.apache.shiro.session.mgt.eis.RandomSessionIdGenerator
-
Returns the String value of the configured
Random
'snextLong()
invocation. - generateId(Session) - Method in interface org.apache.shiro.session.mgt.eis.SessionIdGenerator
-
Generates a new ID to be applied to the specified
Session
instance. - generateInitializationVector(boolean) - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
- generateInitializationVector(boolean) - Method in class org.apache.shiro.crypto.JcaCipherService
- generateNewKey() - Method in class org.apache.shiro.crypto.AbstractSymmetricCipherService
-
Generates a new
Key
suitable for this CipherService'salgorithm
by callinggenerateNewKey(128)
(uses a 128 bit size by default). - generateNewKey(int) - Method in class org.apache.shiro.crypto.AbstractSymmetricCipherService
-
Generates a new
Key
of the specified size suitable for this CipherService (based on thealgorithmName
using the JDKKeyGenerator
. - generateSessionId(Session) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
-
Generates a new ID to be applied to the specified
session
instance. - get(int) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- get(Object) - Method in class org.apache.shiro.config.Ini
- get(Object) - Method in class org.apache.shiro.config.Ini.Section
- get(Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- get(Object) - Method in class org.apache.shiro.util.MapContext
- get(Object) - Method in class org.apache.shiro.util.SoftHashMap
- get(Object) - Static method in class org.apache.shiro.util.ThreadContext
-
Returns the object for the specified
key
that is bound to the current thread. - get(K) - Method in interface org.apache.shiro.cache.Cache
-
Returns the Cached value stored under the specified
key
ornull
if there is no Cache entry for thatkey
. - get(K) - Method in class org.apache.shiro.cache.ehcache.EhCache
-
Gets a value of an element which matches the given key.
- get(K) - Method in class org.apache.shiro.cache.MapCache
- GET_METHOD - Static variable in class org.apache.shiro.web.filter.AccessControlFilter
-
Constant representing the HTTP 'GET' request method, equal to
GET
. - getActions() - Method in class org.apache.shiro.authz.permission.DomainPermission
- getActiveSessions() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- getActiveSessions() - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- getActiveSessions() - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Returns all active sessions in the system.
- getActiveSessions() - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO
- getActiveSessions() - Method in interface org.apache.shiro.session.mgt.eis.SessionDAO
-
Returns all sessions in the EIS that are considered active, meaning all sessions that haven't been stopped/expired.
- getActiveSessionsCache() - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Returns the cache instance to use for storing active sessions.
- getActiveSessionsCacheName() - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Returns the name of the actives sessions cache to be returned by the
CacheManager
. - getAlgorithmName() - Method in class org.apache.shiro.crypto.hash.AbstractHash
-
Deprecated.Implemented by subclasses, this specifies the
MessageDigest
algorithm name to use when performing the hash. - getAlgorithmName() - Method in interface org.apache.shiro.crypto.hash.Hash
-
Returns the name of the algorithm used to hash the input source, for example,
SHA-256
,MD5
, etc. - getAlgorithmName() - Method in interface org.apache.shiro.crypto.hash.HashRequest
-
Returns the name of the hash algorithm the
HashService
should use when computing theHash
, ornull
if the default algorithm configuration of theHashService
should be used. - getAlgorithmName() - Method in class org.apache.shiro.crypto.hash.SimpleHash
-
Returns the
MessageDigest
algorithm name to use when performing the hash. - getAlgorithmName() - Method in class org.apache.shiro.crypto.hash.SimpleHashRequest
- getAlgorithmName() - Method in class org.apache.shiro.crypto.JcaCipherService
-
Returns the cipher algorithm name that will be used for all encryption, decryption, and key operations (for example, 'AES', 'Blowfish', 'RSA', 'DSA', 'TripleDES', etc).
- getAlgorithmName(HashRequest) - Method in class org.apache.shiro.crypto.hash.DefaultHashService
- getAllAttributeValues(Attribute) - Static method in class org.apache.shiro.realm.ldap.LdapUtils
-
Helper method used to retrieve all attribute values from a particular context attribute.
- getAlreadyFilteredAttributeName() - Method in class org.apache.shiro.web.servlet.OncePerRequestFilter
-
Return name of the request attribute that identifies that a request has already been filtered.
- getAndClearSavedRequest(ServletRequest) - Static method in class org.apache.shiro.web.util.WebUtils
- getAnnotatedMethods(Class<?>, Class<? extends Annotation>) - Static method in class org.apache.shiro.util.ClassUtils
- getAnnotation(MethodInvocation) - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor
-
Returns the Annotation that this interceptor will process for the specified method invocation.
- getAnnotation(MethodInvocation, Class<? extends Annotation>) - Method in interface org.apache.shiro.aop.AnnotationResolver
-
Returns an
Annotation
instance of the specified type based on the givenMethodInvocation
argument, ornull
if no annotation of that type could be found. - getAnnotation(MethodInvocation, Class<? extends Annotation>) - Method in class org.apache.shiro.aop.DefaultAnnotationResolver
- getAnnotation(MethodInvocation, Class<? extends Annotation>) - Method in class org.apache.shiro.spring.aop.SpringAnnotationResolver
- getAnnotationClass() - Method in class org.apache.shiro.aop.AnnotationHandler
-
Returns the type of annotation this handler inspects and processes.
- getAnnotationClass() - Method in class org.apache.shiro.event.support.AnnotationEventListenerResolver
-
Returns the type of annotation that indicates a method that should be represented as an
EventListener
, defaults toSubscribe
. - getAnnotationValue(Annotation) - Method in class org.apache.shiro.authz.aop.PermissionAnnotationHandler
-
Returns the annotation
value
, from which the Permission will be constructed. - getArguments() - Method in interface org.apache.shiro.aop.MethodInvocation
-
Returns the (possibly null) arguments to be supplied to the method invocation.
- getArguments() - Method in class org.apache.shiro.aspectj.BeforeAdviceMethodInvocationAdapter
- getAttribute(Object) - Method in class org.apache.shiro.session.mgt.DelegatingSession
- getAttribute(Object) - Method in class org.apache.shiro.session.mgt.SimpleSession
- getAttribute(Object) - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- getAttribute(Object) - Method in interface org.apache.shiro.session.Session
-
Returns the object bound to this session identified by the specified key.
- getAttribute(Object) - Method in class org.apache.shiro.web.session.HttpServletSession
- getAttribute(String) - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- getAttribute(SessionKey, Object) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- getAttribute(SessionKey, Object) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Returns the object bound to the associated session identified by the specified attribute key.
- getAttributeKeys() - Method in class org.apache.shiro.session.mgt.DelegatingSession
- getAttributeKeys() - Method in class org.apache.shiro.session.mgt.SimpleSession
- getAttributeKeys() - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- getAttributeKeys() - Method in interface org.apache.shiro.session.Session
-
Returns the keys of all the attributes stored under this session.
- getAttributeKeys() - Method in class org.apache.shiro.web.session.HttpServletSession
- getAttributeKeys(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- getAttributeKeys(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Returns all attribute keys maintained by the target session or an empty collection if there are no attributes.
- getAttributeNames() - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- getAttributes() - Method in class org.apache.shiro.session.mgt.SimpleSession
- getAuthenticationCache() - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Returns a
Cache
instance to use for authentication caching, ornull
if no cache has been set. - getAuthenticationCacheKey(AuthenticationToken) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Returns the key under which
AuthenticationInfo
instances are cached if authentication caching is enabled. - getAuthenticationCacheKey(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Returns the key under which
AuthenticationInfo
instances are cached if authentication caching is enabled. - getAuthenticationCacheName() - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Returns the name of a
Cache
to lookup from any availablecacheManager
if a cache is not explicitly configured viaAuthenticatingRealm.setAuthenticationCache(org.apache.shiro.cache.Cache)
. - getAuthenticationInfo() - Method in interface org.apache.shiro.subject.SubjectContext
- getAuthenticationInfo() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- getAuthenticationInfo(AuthenticationToken) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
This implementation functions as follows: It attempts to acquire any cached
AuthenticationInfo
corresponding to the specifiedAuthenticationToken
argument. - getAuthenticationInfo(AuthenticationToken) - Method in interface org.apache.shiro.realm.Realm
-
Returns an account's authentication-specific information for the specified token, or null if no account could be found based on the token.
- getAuthenticationListeners() - Method in class org.apache.shiro.authc.AbstractAuthenticator
-
Returns the
AuthenticationListener
s that should be notified during authentication attempts. - getAuthenticationMechanism() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Returns the type of LDAP authentication mechanism to use when connecting to the LDAP server.
- getAuthenticationScheme() - Method in class org.apache.shiro.web.jaxrs.ShiroSecurityContext
- getAuthenticationStrategy() - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
-
Returns the
AuthenticationStrategy
utilized by this modular authenticator during a multi-realm log-in attempt. - getAuthenticationToken() - Method in interface org.apache.shiro.subject.SubjectContext
- getAuthenticationToken() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- getAuthenticationTokenClass() - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Returns the authenticationToken class supported by this realm.
- getAuthenticator() - Method in class org.apache.shiro.mgt.AuthenticatingSecurityManager
-
Returns the delegate
Authenticator
instance that this SecurityManager uses to perform all authentication operations. - getAuthorizationCache() - Method in class org.apache.shiro.realm.AuthorizingRealm
- getAuthorizationCacheKey(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthorizingRealm
- getAuthorizationCacheName() - Method in class org.apache.shiro.realm.AuthorizingRealm
- getAuthorizationInfo(PrincipalCollection) - Method in class org.apache.shiro.realm.AuthorizingRealm
-
Returns an account's authorization-specific information for the specified
principals
, ornull
if no account could be found. - getAuthorizer() - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
-
Returns the underlying wrapped Authorizer instance to which this SecurityManager implementation delegates all of its authorization calls.
- getAvailablePrincipal(PrincipalCollection) - Method in class org.apache.shiro.realm.CachingRealm
-
A utility method for subclasses that returns the first available principal of interest to this particular realm.
- getBaseUri() - Static method in class org.apache.shiro.testing.web.AbstractContainerIT
- getBasicAuthorizationHeaderValue(String, String) - Static method in class org.apache.shiro.testing.web.AbstractContainerIT
- getBean() - Method in class org.apache.shiro.config.event.BeanEvent
- getBean(String) - Method in class org.apache.shiro.config.ReflectionBuilder
- getBean(String, Class<T>) - Method in class org.apache.shiro.config.ReflectionBuilder
- getBeanContext() - Method in class org.apache.shiro.config.event.BeanEvent
- getBeanName() - Method in class org.apache.shiro.config.event.BeanEvent
- getBeans() - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- getBlockSize() - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
- getBytes() - Method in class org.apache.shiro.crypto.hash.AbstractHash
-
Deprecated.
- getBytes() - Method in class org.apache.shiro.crypto.hash.SimpleHash
- getBytes() - Method in interface org.apache.shiro.util.ByteSource
-
Returns the wrapped byte array.
- getBytes() - Method in class org.apache.shiro.util.SimpleByteSource
- getCache(String) - Method in class org.apache.shiro.cache.AbstractCacheManager
-
Returns the cache with the specified
name
. - getCache(String) - Method in interface org.apache.shiro.cache.CacheManager
-
Acquires the cache with the specified
name
. - getCache(String) - Method in class org.apache.shiro.cache.ehcache.EhCacheManager
-
Loads an existing EhCache from the cache manager, or starts a new cache if one is not found.
- getCache(String) - Method in class org.apache.shiro.hazelcast.cache.HazelcastCacheManager
-
Returns a
MapCache
instance representing the named Hazelcast-managedIMap
. - getCachedSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Returns the cached session with the corresponding
sessionId
ornull
if there is no session cached under that id (or if there is no Cache). - getCachedSession(Serializable, Cache<Serializable, Session>) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Returns the Session with the specified id from the specified cache.
- getCacheManager() - Method in class org.apache.shiro.cache.ehcache.EhCacheManager
-
Returns the wrapped Ehcache
CacheManager
instance. - getCacheManager() - Method in class org.apache.shiro.mgt.CachingSecurityManager
-
Returns the CacheManager used by this SecurityManager.
- getCacheManager() - Method in class org.apache.shiro.realm.CachingRealm
-
Returns the CacheManager used for data caching to reduce EIS round trips, or null if caching is disabled.
- getCacheManager() - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Returns the CacheManager to use for acquiring the
activeSessionsCache
if one is not configured. - getCacheManagerConfigFile() - Method in class org.apache.shiro.cache.ehcache.EhCacheManager
-
Returns the resource location of the config file used to initialize a new EhCache CacheManager instance.
- getCacheManagerConfigFileInputStream() - Method in class org.apache.shiro.cache.ehcache.EhCacheManager
-
Acquires the InputStream for the ehcache configuration file using
ResourceUtils.getInputStreamForPath
with the path returned fromgetCacheManagerConfigFile()
. - getCasServerUrlPrefix() - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- getCasService() - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- getChain(String) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- getChain(String) - Method in interface org.apache.shiro.web.filter.mgt.FilterChainManager
-
Returns the filter chain identified by the specified
chainName
ornull
if there is no chain with that name. - getChain(ServletRequest, ServletResponse, FilterChain) - Method in interface org.apache.shiro.web.filter.mgt.FilterChainResolver
-
Returns the filter chain that should be executed for the given request, or
null
if the original chain should be used. - getChain(ServletRequest, ServletResponse, FilterChain) - Method in class org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver
- getChainNames() - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- getChainNames() - Method in interface org.apache.shiro.web.filter.mgt.FilterChainManager
-
Returns the names of all configured chains or an empty
Set
if no chains have been configured. - getCipherKey() - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Convenience method that returns the cipher key to use for both encryption and decryption.
- getCipherService() - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Returns the
CipherService
to use for encrypting and decrypting serialized identity data to prevent easy inspection of Subject identity data. - getCleanParam(ServletRequest, String) - Static method in class org.apache.shiro.web.util.WebUtils
-
Convenience method that returns a request parameter value, first running it through
StringUtils.clean(String)
. - getComment() - Method in interface org.apache.shiro.web.servlet.Cookie
- getComment() - Method in class org.apache.shiro.web.servlet.SimpleCookie
- getConfig() - Method in class org.apache.shiro.hazelcast.cache.HazelcastCacheManager
-
Returns the Hazelcast
Config
object to use to create a backingHazelcastInstance
if one is notsupplied
, ornull
if the default Hazelcast configuration mechanisms will be used. - getConfig() - Method in class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.Returns the actual INI configuration text to use to build the
SecurityManager
andFilterChainResolver
used by the web application ornull
if theconfigPath
should be used to load a fallback INI source. - getConfigLocations() - Method in class org.apache.shiro.web.env.ResourceBasedWebEnvironment
- getConfigPath() - Method in class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.Returns the config path to be used to load a .ini file for configuration if a configuration is not specified via the
config
attribute. - getConfigurationInterpolator() - Method in class org.apache.shiro.config.CommonsInterpolator
- getConfigValue() - Method in class org.apache.shiro.guice.web.ShiroWebModule.FilterConfig
- getConstructor(Class, Class...) - Static method in class org.apache.shiro.util.ClassUtils
- getContext() - Method in class org.apache.shiro.web.servlet.ShiroHttpServletResponse
- getContextAttribute(String) - Method in class org.apache.shiro.web.servlet.ServletContextSupport
- getContextFactory() - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
Returns the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication attempts and authorization queries.
- getContextFactoryClassName() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Sets the name of the ContextFactory class to use.
- getContextInitParam(String) - Method in class org.apache.shiro.web.servlet.ServletContextSupport
- getContextPath(HttpServletRequest) - Static method in class org.apache.shiro.web.util.WebUtils
-
Return the context path for the given request, detecting an include request URL if called within a RequestDispatcher include.
- getCookie() - Method in class org.apache.shiro.web.mgt.CookieRememberMeManager
-
Returns the cookie 'template' that will be used to set all attributes of outgoing rememberMe cookies created by this
RememberMeManager
. - getCreationTime() - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- getCredentials() - Method in interface org.apache.shiro.authc.AuthenticationInfo
-
Returns the credentials associated with the corresponding Subject.
- getCredentials() - Method in interface org.apache.shiro.authc.AuthenticationToken
-
Returns the credentials submitted by the user during the authentication process that verifies the submitted
account identity
. - getCredentials() - Method in class org.apache.shiro.authc.BearerToken
- getCredentials() - Method in class org.apache.shiro.authc.SimpleAccount
-
Simply returns
this.authcInfo.getCredentials
. - getCredentials() - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
- getCredentials() - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Returns the
password
char array. - getCredentials() - Method in class org.apache.shiro.cas.CasToken
-
Deprecated.
- getCredentials(AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Returns a
Hash
instance representing the already-hashed AuthenticationInfo credentials stored in the system. - getCredentials(AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.SimpleCredentialsMatcher
-
Returns the
account
's credentials. - getCredentials(AuthenticationToken) - Method in class org.apache.shiro.authc.credential.SimpleCredentialsMatcher
-
Returns the
token
's credentials. - getCredentialsMatcher() - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Returns the
CredentialsMatcher
used during an authentication attempt to verify submitted credentials with those stored in the system. - getCredentialsSalt() - Method in interface org.apache.shiro.authc.SaltedAuthenticationInfo
-
Returns the salt used to salt the account's credentials or
null
if no salt was used. - getCredentialsSalt() - Method in class org.apache.shiro.authc.SimpleAccount
-
Returns the salt used to hash this Account's credentials (eg for password hashing), or
null
if no salt was used or credentials were not hashed at all. - getCredentialsSalt() - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Returns the salt used to hash the credentials, or
null
if no salt was used or credentials were not hashed at all. - getDecryptionCipherKey() - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Returns the decryption cipher key to use for decryption operations.
- getDefaultConfigLocations() - Method in class org.apache.shiro.web.env.IniWebEnvironment
-
Returns an array with two elements,
/WEB-INF/shiro.ini
andclasspath:shiro.ini
. - getDefaultIni() - Method in class org.apache.shiro.web.env.IniWebEnvironment
- getDefaultNextBytesSize() - Method in class org.apache.shiro.crypto.SecureRandomNumberGenerator
-
Returns the size of the generated byte array for calls to
nextBytes()
. - getDefaultPermissions() - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- getDefaultRoles() - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- getDefaults() - Method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.Returns a mapping of String to bean representing the default set of object used by the factory.
- getDefaults() - Method in class org.apache.shiro.web.env.IniWebEnvironment
- getDefaultSecureRandom() - Static method in class org.apache.shiro.crypto.JcaCipherService
- getDefaultValue() - Method in class org.apache.shiro.web.tags.PrincipalTag
- getDefaultWebEnvironmentClass() - Method in class org.apache.shiro.web.env.EnvironmentLoader
-
Returns the default WebEnvironment class, which is unless overridden:
IniWebEnvironment
. - getDigest(String) - Method in class org.apache.shiro.crypto.hash.AbstractHash
-
Deprecated.Returns the JDK MessageDigest instance to use for executing the hash.
- getDigest(String) - Method in class org.apache.shiro.crypto.hash.SimpleHash
-
Returns the JDK MessageDigest instance to use for executing the hash.
- getDiskStoreSize() - Method in class org.apache.shiro.cache.ehcache.EhCache
-
Returns the size (in bytes) that this EhCache's disk store is consuming or
-1
if that number is unknown or cannot be calculated. - getDomain() - Method in class org.apache.shiro.authz.permission.DomainPermission
- getDomain() - Method in interface org.apache.shiro.web.servlet.Cookie
- getDomain() - Method in class org.apache.shiro.web.servlet.SimpleCookie
- getDomain(Class<? extends DomainPermission>) - Method in class org.apache.shiro.authz.permission.DomainPermission
- getEncryptionCipherKey() - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Returns the cipher key to use for encryption operations.
- getEnvironment() - Method in class org.apache.shiro.jndi.JndiTemplate
-
Return the environment for the JNDI InitialContext, or
null
if none should be used. - getEnvironment() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Returns the base JNDI environment template to use when acquiring an LDAP connection (an
LdapContext
). - getErrorPath() - Method in class org.apache.shiro.samples.RestrictedErrorController
- getEventBus() - Method in class org.apache.shiro.mgt.CachingSecurityManager
-
Returns the
EventBus
used by this SecurityManager and potentially any of its children components. - getEventBus() - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
-
Returns the EventBus used to publish SessionEvents.
- getEventListenerResolver() - Method in class org.apache.shiro.event.support.DefaultEventBus
- getEventListeners(Object) - Method in class org.apache.shiro.event.support.AnnotationEventListenerResolver
-
Returns a new collection of
EventListener
instances, each instance corresponding to an annotated method discovered on the specifiedinstance
argument. - getEventListeners(Object) - Method in interface org.apache.shiro.event.support.EventListenerResolver
-
Returns
EventListener
instances as a result of inspecting a subscriber object, mostly likely withSubscribe
-annotated methods. - getEventType() - Method in class org.apache.shiro.event.support.SingleArgumentMethodEventListener
- getEventType() - Method in interface org.apache.shiro.event.support.TypedEventListener
- getExecutionChain(ServletRequest, ServletResponse, FilterChain) - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
-
Returns the
FilterChain
to execute for the given request. - getFailureKeyAttribute() - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- getFilter(String) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- getFilterChainDefinitionMap() - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
Returns the chainName-to-chainDefinition map of chain definitions to use for creating filter chains intercepted by the Shiro Filter.
- getFilterChainManager() - Method in class org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver
- getFilterChainMap() - Method in class org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition
- getFilterChainMap() - Method in interface org.apache.shiro.spring.web.config.ShiroFilterChainDefinition
- getFilterChainResolver() - Method in class org.apache.shiro.web.env.DefaultWebEnvironment
- getFilterChainResolver() - Method in interface org.apache.shiro.web.env.WebEnvironment
-
Returns the web application's
FilterChainResolver
if one has been configured ornull
if one is not available. - getFilterChainResolver() - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
- getFilterChains() - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- getFilterClass() - Method in enum org.apache.shiro.web.filter.mgt.DefaultFilter
- getFilterConfig() - Method in class org.apache.shiro.web.config.IniFilterChainResolverFactory
- getFilterConfig() - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
-
Returns the
FilterConfig
provided by the Servlet container at webapp startup. - getFilterConfig() - Method in class org.apache.shiro.web.servlet.AbstractFilter
-
Returns the servlet container specified
FilterConfig
instance provided atstartup
. - getFilters() - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
Returns the filterName-to-Filter map of filters available for reference when defining filter chain definitions.
- getFilters() - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- getFilters() - Method in interface org.apache.shiro.web.filter.mgt.FilterChainManager
-
Returns the pool of available
Filter
s managed by this manager, keyed byname
. - getFilters(Map<String, String>, Map<String, ?>) - Method in class org.apache.shiro.web.config.IniFilterChainResolverFactory
- getFormatClassNames() - Method in class org.apache.shiro.crypto.hash.format.DefaultHashFormatFactory
-
Returns a
hashFormatAlias
-to-fullyQualifiedHashFormatClassNameImplementation
map. - getFrameworkIni() - Method in class org.apache.shiro.web.env.IniWebEnvironment
-
Extension point to allow subclasses to provide an
Ini
configuration that will be merged into the users configuration. - getGlobalFilters() - Method in class org.apache.shiro.web.config.IniFilterChainResolverFactory
- getGlobalSessionTimeout() - Method in class org.apache.shiro.session.mgt.AbstractSessionManager
-
Returns the system-wide default time in milliseconds that any session may remain idle before expiring.
- getHandler() - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor
-
Returns the
AnnotationHandler
used to perform authorization behavior based on an annotation discovered at runtime. - getHashAlgorithmName() - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Returns the
Hash
algorithmName
to use when performing hashes for credentials matching. - getHashAlgorithmName() - Method in class org.apache.shiro.crypto.hash.DefaultHashService
- getHashFormat() - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- getHashFormatClass(String) - Method in class org.apache.shiro.crypto.hash.format.DefaultHashFormatFactory
-
Heuristically determine the fully qualified HashFormat implementation class name based on the specified token.
- getHashFormatClass(String, String) - Method in class org.apache.shiro.crypto.hash.format.DefaultHashFormatFactory
-
Heuristically determine the fully qualified
HashFormat
implementation class name in the specified package based on the provided token. - getHashFormatFactory() - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- getHashIterations() - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Returns the number of times a submitted
AuthenticationToken
's credentials will be hashed before comparing to the credentials stored in the system. - getHashIterations() - Method in class org.apache.shiro.crypto.hash.DefaultHashService
- getHashService() - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- getHazelcastInstance() - Method in class org.apache.shiro.hazelcast.cache.HazelcastCacheManager
-
Returns the
HazelcastInstance
from which namedConcurrentMap
instances will be acquired to createMapCache
instances. - getHost() - Method in class org.apache.shiro.authc.BearerToken
- getHost() - Method in interface org.apache.shiro.authc.HostAuthenticationToken
-
Returns the host name of the client from where the authentication attempt originates or if the Shiro environment cannot or chooses not to resolve the hostname to improve performance, this method returns the String representation of the client's IP address.
- getHost() - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Returns the host name or IP string from where the authentication attempt occurs.
- getHost() - Method in exception org.apache.shiro.authz.HostUnauthorizedException
-
Returns the host associated with this exception.
- getHost() - Method in class org.apache.shiro.session.mgt.DefaultSessionContext
- getHost() - Method in class org.apache.shiro.session.mgt.DelegatingSession
- getHost() - Method in interface org.apache.shiro.session.mgt.SessionContext
-
Returns the originating host name or IP address (as a String) from where the
Subject
is initiating theSession
. - getHost() - Method in class org.apache.shiro.session.mgt.SimpleSession
- getHost() - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- getHost() - Method in interface org.apache.shiro.session.Session
-
Returns the host name or IP string of the host that originated this session, or
null
if the host is unknown. - getHost() - Method in interface org.apache.shiro.subject.SubjectContext
-
Returns the host name or IP that should reflect the constructed
Subject
's originating location. - getHost() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- getHost() - Method in class org.apache.shiro.subject.support.DelegatingSubject
-
Returns the host name or IP associated with the client who created/is interacting with this Subject.
- getHost() - Method in class org.apache.shiro.web.session.HttpServletSession
- getHost(ServletRequest) - Method in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
-
Returns the host name or IP associated with the current subject.
- getHost(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- getHost(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Returns the host name or IP string of the host where the session was started, if known.
- getHsts() - Method in class org.apache.shiro.web.filter.authz.SslFilter
- getHttpMethodAction(String) - Method in class org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter
-
Determines the corresponding application action that will be performed on the filtered resource based on the specified HTTP method (GET, POST, etc).
- getHttpMethodAction(ServletRequest) - Method in class org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter
-
Determines the action (verb) attempting to be performed on the filtered resource by the current request.
- getHttpMethodActions() - Method in class org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter
-
Returns the HTTP Method name (key) to action verb (value) mapping used to resolve actions based on an incoming
HttpServletRequest
. - getHttpRequest(Object) - Static method in class org.apache.shiro.web.util.WebUtils
- getHttpResponse(Object) - Static method in class org.apache.shiro.web.util.WebUtils
- getId() - Method in interface org.apache.shiro.crypto.hash.format.ModularCryptFormat
-
Returns the Modular Crypt Format identifier that indicates how the formatted String should be parsed.
- getId() - Method in class org.apache.shiro.crypto.hash.format.Shiro1CryptFormat
- getId() - Method in class org.apache.shiro.session.mgt.DelegatingSession
- getId() - Method in class org.apache.shiro.session.mgt.SimpleSession
- getId() - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- getId() - Method in interface org.apache.shiro.session.Session
-
Returns the unique identifier assigned by the system upon session creation.
- getId() - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- getId() - Method in class org.apache.shiro.web.session.HttpServletSession
- getId(String) - Method in class org.apache.shiro.config.ReflectionBuilder
- getIdentityToRemember(Subject, AuthenticationInfo) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
- getIni() - Method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.
- getIni() - Method in class org.apache.shiro.realm.text.IniRealm
-
Returns the Ini instance used to configure this realm.
- getIni() - Method in class org.apache.shiro.web.env.IniWebEnvironment
-
Returns the
Ini
instance reflecting this WebEnvironment's configuration. - getInitializationVectorSize() - Method in class org.apache.shiro.crypto.JcaCipherService
-
Returns the algorithm-specific size in bits of generated initialization vectors.
- getInitParam(String) - Method in class org.apache.shiro.web.servlet.AbstractFilter
-
Returns the value for the named
init-param
, ornull
if there was noinit-param
specified by that name. - getInputStreamForPath(String) - Static method in class org.apache.shiro.io.ResourceUtils
-
Returns the InputStream for the resource represented by the specified path, supporting scheme prefixes that direct how to acquire the input stream (
CLASSPATH_PREFIX
,URL_PREFIX
, orFILE_PREFIX
). - getInstance() - Method in class org.apache.shiro.jndi.JndiObjectFactory
- getInstance() - Method in class org.apache.shiro.util.AbstractFactory
- getInstance() - Method in interface org.apache.shiro.util.Factory
-
Returns an instance of the required type.
- getInstance(String) - Method in class org.apache.shiro.crypto.hash.format.DefaultHashFormatFactory
- getInstance(String) - Method in interface org.apache.shiro.crypto.hash.format.HashFormatFactory
- getInterval() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- getIterations() - Method in interface org.apache.shiro.crypto.hash.Hash
-
Returns the number of hash iterations used to compute the hash.
- getIterations() - Method in interface org.apache.shiro.crypto.hash.HashRequest
-
Returns the number of requested hash iterations to be performed when computing the final
Hash
result. - getIterations() - Method in class org.apache.shiro.crypto.hash.SimpleHash
- getIterations() - Method in class org.apache.shiro.crypto.hash.SimpleHashRequest
- getIterations(HashRequest) - Method in class org.apache.shiro.crypto.hash.DefaultHashService
- getJndiEnvironment() - Method in class org.apache.shiro.jndi.JndiLocator
-
Return the JNDI environment to use for JNDI lookups.
- getJndiNames() - Method in class org.apache.shiro.realm.jndi.JndiRealmFactory
-
Returns the JNDI names that will be used to look up Realm(s) from JNDI.
- getJndiTemplate() - Method in class org.apache.shiro.jndi.JndiLocator
-
Return the JNDI template to use for JNDI lookups.
- getKey() - Method in class org.apache.shiro.guice.web.ShiroWebModule.FilterConfig
- getKeyNames() - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- getKeySize() - Method in class org.apache.shiro.crypto.JcaCipherService
-
Returns the size in bits (not bytes) of generated cipher keys.
- getLastAccessedTime() - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- getLastAccessTime() - Method in class org.apache.shiro.session.mgt.DelegatingSession
- getLastAccessTime() - Method in class org.apache.shiro.session.mgt.SimpleSession
- getLastAccessTime() - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- getLastAccessTime() - Method in interface org.apache.shiro.session.Session
-
Returns the last time the application received a request or method invocation from the user associated with this session.
- getLastAccessTime() - Method in class org.apache.shiro.web.session.HttpServletSession
- getLastAccessTime(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- getLastAccessTime(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Returns the time the associated
Session
last interacted with the system. - getLdapContext(Object, Object) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- getLdapContext(Object, Object) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
This implementation returns an LdapContext based on the configured JNDI/LDAP environment configuration.
- getLdapContext(Object, Object) - Method in interface org.apache.shiro.realm.ldap.LdapContextFactory
-
Creates (or retrieves from a pool) an
LdapContext
connection bound using the specified principal and credentials. - getLdapContext(String, String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.the
DefaultLdapContextFactory.getLdapContext(Object, Object)
method should be used in all cases to ensure more than String principals and credentials can be used. Shiro no longer calls this method - it will be removed before the 2.0 release. - getLdapContext(String, String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Deprecated.the
JndiLdapContextFactory.getLdapContext(Object, Object)
method should be used in all cases to ensure more than String principals and credentials can be used. Shiro no longer calls this method - it will be removed before the 2.0 release. - getLdapContext(String, String) - Method in interface org.apache.shiro.realm.ldap.LdapContextFactory
-
Deprecated.the
LdapContextFactory.getLdapContext(Object, Object)
method should be used in all cases to ensure more than String principals and credentials can be used. - getLdapPrincipal(AuthenticationToken) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
Returns the principal to use when creating the LDAP connection for an authentication attempt.
- getLoginUrl() - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
Returns the application's login URL to be assigned to all acquired Filters that subclass
AccessControlFilter
ornull
if no value should be assigned globally. - getLoginUrl() - Method in class org.apache.shiro.web.filter.AccessControlFilter
-
Returns the login URL used to authenticate a user.
- getMajorVersion() - Static method in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Get the major version code.
- getMaxAge() - Method in class org.apache.shiro.web.filter.authz.SslFilter.HSTS
- getMaxAge() - Method in interface org.apache.shiro.web.servlet.Cookie
- getMaxAge() - Method in class org.apache.shiro.web.servlet.SimpleCookie
- getMaxInactiveInterval() - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- getMemoryStoreSize() - Method in class org.apache.shiro.cache.ehcache.EhCache
-
Returns the size (in bytes) that this EhCache's memory store is using (RAM), or
-1
if that number is unknown or cannot be calculated. - getMemoryUsage() - Method in class org.apache.shiro.cache.ehcache.EhCache
-
Returns the size (in bytes) that this EhCache is using in memory (RAM), or
-1
if that number is unknown or cannot be calculated. - getMethod() - Method in interface org.apache.shiro.aop.MethodInvocation
-
Returns the actual
Method
to be invoked. - getMethod() - Method in class org.apache.shiro.aspectj.BeforeAdviceMethodInvocationAdapter
- getMethod() - Method in class org.apache.shiro.event.support.SingleArgumentMethodEventListener
- getMethod() - Method in class org.apache.shiro.web.util.SavedRequest
- getMethodArgumentType(Method) - Method in class org.apache.shiro.event.support.SingleArgumentMethodEventListener
- getMethodInterceptors() - Method in class org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor
-
Returns the method interceptors to execute for the annotated method.
- getModeName() - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
- getName() - Method in class org.apache.shiro.authz.SimpleRole
- getName() - Method in class org.apache.shiro.config.Ini.Section
- getName() - Method in class org.apache.shiro.realm.CachingRealm
- getName() - Method in interface org.apache.shiro.realm.Realm
-
Returns the (application-unique) name assigned to this
Realm
. - getName() - Method in interface org.apache.shiro.web.filter.mgt.NamedFilterList
-
Returns the configuration-unique name assigned to this
Filter
list. - getName() - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- getName() - Method in interface org.apache.shiro.web.servlet.Cookie
- getName() - Method in class org.apache.shiro.web.servlet.NameableFilter
-
Returns the filter's name.
- getName() - Method in class org.apache.shiro.web.servlet.SimpleCookie
- getName() - Method in class org.apache.shiro.web.tags.PermissionTag
- getName() - Method in class org.apache.shiro.web.tags.RoleTag
- getName(String, String) - Method in class org.apache.shiro.realm.text.PropertiesRealm
- getObject() - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
Lazily creates and returns a
AbstractShiroFilter
concrete instance via theShiroFilterFactoryBean.createInstance()
method. - getObject(String, Class<T>) - Method in class org.apache.shiro.env.DefaultEnvironment
- getObject(String, Class<T>) - Method in interface org.apache.shiro.env.NamedObjectEnvironment
-
Returns the object in Shiro's environment with the specified name and type or
null
if no object with that name was found. - getObjectPermissions() - Method in class org.apache.shiro.authc.SimpleAccount
-
Returns all object-based permissions assigned directly to this Account (not any of its realms).
- getObjectPermissions() - Method in interface org.apache.shiro.authz.AuthorizationInfo
-
Returns all type-safe
Permission
s assigned to the corresponding Subject. - getObjectPermissions() - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
- getObjects() - Method in class org.apache.shiro.config.ReflectionBuilder
- getObjects() - Method in class org.apache.shiro.env.DefaultEnvironment
-
Returns the live (modifiable) internal objects collection.
- getObjectType() - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
Returns
AbstractShiroFilter
.class - getOrder() - Method in class org.apache.shiro.spring.LifecycleBeanPostProcessor
-
Order value of this BeanPostProcessor.
- getPaddingSchemeName() - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
- getParts() - Method in class org.apache.shiro.authz.permission.WildcardPermission
- getPassword() - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Returns the password submitted during an authentication attempt as a character array.
- getPassword(ServletRequest) - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- getPasswordParam() - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- getPasswordService() - Method in class org.apache.shiro.authc.credential.PasswordMatcher
- getPath() - Method in interface org.apache.shiro.web.servlet.Cookie
- getPath() - Method in class org.apache.shiro.web.servlet.SimpleCookie
- getPathMatcher() - Method in class org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver
-
Returns the
PatternMatcher
used when determining if an incoming request's path matches a configured filter chain. - getPathWithinApplication(HttpServletRequest) - Method in class org.apache.shiro.spring.web.ShiroUrlPathHelper
- getPathWithinApplication(HttpServletRequest) - Static method in class org.apache.shiro.web.util.WebUtils
-
Return the path within the web application for the given request.
- getPathWithinApplication(ServletRequest) - Method in class org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver
-
Merely returns
WebUtils.
and can be overridden by subclasses for custom request-to-application-path resolution behavior.getPathWithinApplication(request)
- getPathWithinApplication(ServletRequest) - Method in class org.apache.shiro.web.filter.PathMatchingFilter
-
Returns the context path within the application based on the specified
request
. - getPathWithinServletMapping(HttpServletRequest) - Method in class org.apache.shiro.spring.web.ShiroUrlPathHelper
- getPermissionAttributeNames() - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- getPermissionResolver() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns the PermissionResolver to be used on all configured realms, or
null
- getPermissionResolver() - Method in class org.apache.shiro.realm.AuthorizingRealm
- getPermissions() - Method in class org.apache.shiro.authz.SimpleRole
- getPermissions(Connection, String, Collection<String>) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
- getPermissions(AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- getPermissionString() - Method in exception org.apache.shiro.authz.permission.InvalidPermissionStringException
Returns the permission string that was invalid and caused this exception to be thrown.- getPort() - Method in class org.apache.shiro.web.filter.authz.PortFilter
- getPreviousPrincipals() - Method in interface org.apache.shiro.subject.Subject
Returns the previous 'pre run as' identity of thisSubject
before assuming the currentrunAs
identity, ornull
if thisSubject
is not operating under an assumed identity (normal state).- getPreviousPrincipals() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- getPrimaryPrincipal() - Method in interface org.apache.shiro.subject.PrincipalCollection
Returns the primary principal used application-wide to uniquely identify the owning account/Subject.- getPrimaryPrincipal() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
Returns the first available principal from any of theRealm
principals, ornull
if there are no principals yet.- getPrimaryPrincipal() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- getPrincipal() - Method in interface org.apache.shiro.authc.AuthenticationToken
Returns the account identity submitted during the authentication process.- getPrincipal() - Method in class org.apache.shiro.authc.BearerToken
- getPrincipal() - Method in class org.apache.shiro.authc.UsernamePasswordToken
Simply returnsgetUsername()
.- getPrincipal() - Method in class org.apache.shiro.cas.CasToken
Deprecated.- getPrincipal() - Method in interface org.apache.shiro.subject.Subject
Returns this Subject's application-wide uniquely identifying principal, ornull
if this Subject is anonymous because it doesn't yet have any associated account data (for example, if they haven't logged in).- getPrincipal() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- getPrincipals() - Method in interface org.apache.shiro.authc.AuthenticationInfo
Returns all principals associated with the corresponding Subject.- getPrincipals() - Method in class org.apache.shiro.authc.SimpleAccount
Returns the principals, aka the identifying attributes (username, user id, first name, last name, etc) of this Account.- getPrincipals() - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
- getPrincipals() - Method in interface org.apache.shiro.subject.Subject
Returns this Subject's principals (identifying attributes) in the form of aPrincipalCollection
ornull
if this Subject is anonymous because it doesn't yet have any associated account data (for example, if they haven't logged in).- getPrincipals() - Method in interface org.apache.shiro.subject.SubjectContext
Returns the principals (aka identity) that the constructedSubject
should reflect.- getPrincipals() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- getPrincipals() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- getPrincipalsAndCredentials(String, String) - Method in class org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter
Returns the username and password pair based on the specifiedencoded
String obtained from the request's authorization header.- getPrincipalsAndCredentials(String, String) - Method in class org.apache.shiro.web.filter.authc.BearerHttpAuthenticationFilter
- getPrincipalsLazy(String) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- getPrivateSalt() - Method in class org.apache.shiro.crypto.hash.DefaultHashService
- getProperty() - Method in class org.apache.shiro.web.tags.PrincipalTag
- getPublicSalt(HashRequest) - Method in class org.apache.shiro.crypto.hash.DefaultHashService
Returns the public salt that should be used to compute a hash based on the specified request ornull
if no public salt should be used.- getQueryString() - Method in class org.apache.shiro.web.util.SavedRequest
- getRandom() - Method in class org.apache.shiro.session.mgt.eis.RandomSessionIdGenerator
- getRandomNumberGenerator() - Method in class org.apache.shiro.crypto.hash.DefaultHashService
- getRealmNames() - Method in interface org.apache.shiro.subject.PrincipalCollection
Returns the realm names that this collection has principals for.- getRealmNames() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- getRealmNames() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- getRealmPrincipal(String, String) - Method in interface org.apache.shiro.subject.PrincipalMap
- getRealmPrincipal(String, String) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- getRealmPrincipals(String) - Method in interface org.apache.shiro.subject.PrincipalMap
- getRealmPrincipals(String) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- getRealms() - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
Returns the realm(s) used by thisAuthenticator
during an authentication attempt.- getRealms() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
Returns the realms wrapped by thisAuthorizer
which are consulted during an authorization check.- getRealms() - Method in class org.apache.shiro.mgt.RealmSecurityManager
Returns theRealm
s managed by this SecurityManager instance.- getRealms() - Method in class org.apache.shiro.realm.jndi.JndiRealmFactory
Performs the JNDI lookups for each specifiedJNDI name
and returns all discovered Realms in an ordered collection.- getRealms() - Method in interface org.apache.shiro.realm.RealmFactory
Returns a collection ofRealm
instances that will be used to construct the application's SecurityManager instance.- getRedirectUrl() - Method in class org.apache.shiro.web.filter.authc.LogoutFilter
Returns the URL to where the user will be redirected after logout.- getRedirectUrl(ServletRequest, ServletResponse, Subject) - Method in class org.apache.shiro.web.filter.authc.LogoutFilter
Returns the redirect URL to send the user after logout.- getReferencedObject(String) - Method in class org.apache.shiro.config.ReflectionBuilder
- getReferral() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
Returns the LDAP referral behavior when creating a connection.- getReflectionBuilder() - Method in class org.apache.shiro.config.IniSecurityManagerFactory
Deprecated.Returns the ReflectionBuilder instance used to create SecurityManagers object graph.- getRememberedIdentity(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- getRememberedPrincipals(SubjectContext) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
Implements the interface method by firstacquiring
the remembered serialized byte array.- getRememberedPrincipals(SubjectContext) - Method in interface org.apache.shiro.mgt.RememberMeManager
Based on the specified subject context map being used to build a Subject instance, returns any previously remembered principals for the subject for automatic identity association (aka 'Remember Me').- getRememberedSerializedIdentity(SubjectContext) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
Based on the given subject context data, retrieves the previously persisted serialized identity, ornull
if there is no available data.- getRememberedSerializedIdentity(SubjectContext) - Method in class org.apache.shiro.web.mgt.CookieRememberMeManager
Returns a previously serialized identity byte array ornull
if the byte array could not be acquired.- getRememberMeAttributeName() - Method in class org.apache.shiro.cas.CasRealm
Deprecated.- getRememberMeManager() - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- getRememberMeParam() - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- getRemoteUser() - Method in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- getRequest() - Method in class org.apache.shiro.web.servlet.ShiroHttpServletResponse
- getRequest(Object) - Static method in class org.apache.shiro.web.util.WebUtils
- getRequestedSessionId() - Method in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- getRequestUri(HttpServletRequest) - Static method in class org.apache.shiro.web.util.WebUtils
Deprecated.use getPathWithinApplication() to get the path minus the context path, or call HttpServletRequest.getRequestURI() directly from your code.- getRequestURI() - Method in class org.apache.shiro.web.util.SavedRequest
- getRequestUrl() - Method in class org.apache.shiro.web.util.SavedRequest
- getRequiredType() - Method in class org.apache.shiro.jndi.JndiObjectFactory
- getRequiredWebEnvironment(ServletContext) - Static method in class org.apache.shiro.web.util.WebUtils
Find the ShiroWebEnvironment
for this web application, which is typically loaded via theEnvironmentLoaderListener
.- getResolver() - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor
Returns theAnnotationResolver
to use to acquire annotations from intercepted methods at runtime.- getResourceAsStream(String) - Static method in class org.apache.shiro.util.ClassUtils
Returns the specified resource by checking the current thread'scontext class loader
, then the current ClassLoader (ClassUtils.class.getClassLoader()
), then the system/application ClassLoader (ClassLoader.getSystemClassLoader()
, in that order, usinggetResourceAsStream(name)
.- getResourceName() - Method in class org.apache.shiro.jndi.JndiObjectFactory
- getResourcePath() - Method in class org.apache.shiro.realm.text.IniRealm
- getResources() - Static method in class org.apache.shiro.util.ThreadContext
Returns the ThreadLocal Map.- getResponse(Object) - Static method in class org.apache.shiro.web.util.WebUtils
- getRole(String) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- getRoleAttributeNames() - Method in class org.apache.shiro.cas.CasRealm
Deprecated.- getRoleDefinitions() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
- getRolename(String) - Method in class org.apache.shiro.realm.text.PropertiesRealm
- getRoleNamesForGroups(Collection<String>) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
This method is called by the default implementation to translate Active Directory group names to role names.- getRoleNamesForUser(String, LdapContext) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
- getRoleNamesForUser(Connection, String) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
- getRolePermissionResolver() - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
Returns the RolePermissionResolver to be used on all configured realms, ornull
- getRolePermissionResolver() - Method in class org.apache.shiro.realm.AuthorizingRealm
- getRoles() - Method in class org.apache.shiro.authc.SimpleAccount
Returnsthis.authzInfo.getRoles();
- getRoles() - Method in interface org.apache.shiro.authz.AuthorizationInfo
Returns the names of all roles assigned to a corresponding Subject.- getRoles() - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
- getSalt() - Method in interface org.apache.shiro.crypto.hash.Hash
Returns a salt used to compute the hash ornull
if no salt was used.- getSalt() - Method in interface org.apache.shiro.crypto.hash.HashRequest
Returns a salt to be used by theHashService
during hash computation, ornull
if no salt is provided as part of the request.- getSalt() - Method in class org.apache.shiro.crypto.hash.SimpleHash
- getSalt() - Method in class org.apache.shiro.crypto.hash.SimpleHashRequest
- getSalt(AuthenticationToken) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
Deprecated.since Shiro 1.1. Hash salting is now expected to be based on if theAuthenticationInfo
returned from theRealm
is aSaltedAuthenticationInfo
instance and itsgetCredentialsSalt()
method returns a non-null value. This method and the 1.0 behavior still exists for backwards compatibility if theRealm
does not returnSaltedAuthenticationInfo
instances, but it is highly recommended thatRealm
implementations that support hashed credentials start returningSaltedAuthenticationInfo
instances as soon as possible. This is because salts should always be obtained from the stored account information and never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user are almost impossible to break. This method will be removed in Shiro 2.0.- getSaltForUser(String) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
- getSameSite() - Method in interface org.apache.shiro.web.servlet.Cookie
- getSameSite() - Method in class org.apache.shiro.web.servlet.SimpleCookie
- getSavedRequest(ServletRequest) - Static method in class org.apache.shiro.web.util.WebUtils
- getScheduler() - Method in class org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler
- getScheme(String, int) - Method in class org.apache.shiro.web.filter.authz.PortFilter
- getScheme(String, int) - Method in class org.apache.shiro.web.filter.authz.SslFilter
- getSearchPackages() - Method in class org.apache.shiro.crypto.hash.format.DefaultHashFormatFactory
Returns a set of package names that can be searched forHashFormat
implementations according to heuristics defined in thegetHashFormat(packageName, token)
JavaDoc.- getSection(String) - Method in class org.apache.shiro.config.Ini
Returns theIni.Section
with the given name ornull
if no section with that name exists.- getSectionName(String) - Static method in class org.apache.shiro.config.Ini
- getSectionNames() - Method in class org.apache.shiro.config.Ini
Returns the names of all sections managed by thisIni
instance or an empty collection if there are no sections.- getSectionProperty(String, String) - Method in class org.apache.shiro.config.Ini
Returns the value of the specified section property, ornull
if the section or property do not exist.- getSectionProperty(String, String, String) - Method in class org.apache.shiro.config.Ini
Returns the value of the specified section property, or thedefaultValue
if the section or property do not exist.- getSections() - Method in class org.apache.shiro.config.Ini
Returns the sections managed by thisIni
instance or an empty collection if there are no sections.- getSecureRandom() - Method in class org.apache.shiro.crypto.JcaCipherService
Returns a source of randomness for encryption operations.- getSecureRandom() - Method in class org.apache.shiro.crypto.SecureRandomNumberGenerator
Returns theSecureRandom
backing this instance.- getSecurityManager() - Method in class org.apache.shiro.env.DefaultEnvironment
Returns the application'sSecurityManager
instance accessible in the backing map using thesecurityManagerName
property as the lookup key.- getSecurityManager() - Method in interface org.apache.shiro.env.Environment
Returns the application'sSecurityManager
instance.- getSecurityManager() - Static method in class org.apache.shiro.SecurityUtils
Returns the SecurityManager accessible to the calling code.- getSecurityManager() - Method in class org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor
- getSecurityManager() - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
Sets the applicationSecurityManager
instance to be used by the constructed Shiro Filter.- getSecurityManager() - Method in interface org.apache.shiro.subject.SubjectContext
Returns the SecurityManager instance that should be used to back the constructedSubject
instance ornull
if one has not yet been provided to this context.- getSecurityManager() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- getSecurityManager() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- getSecurityManager() - Static method in class org.apache.shiro.util.ThreadContext
Convenience method that simplifies retrieval of the application's SecurityManager instance from the current thread.- getSecurityManager() - Method in class org.apache.shiro.web.env.DefaultWebEnvironment
- getSecurityManager() - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
- getSecurityManagerFactory() - Method in class org.apache.shiro.web.env.IniWebEnvironment
Returns the SecurityManager factory used by this WebEnvironment.- getSecurityManagerName() - Method in class org.apache.shiro.env.DefaultEnvironment
Returns the name of theSecurityManager
instance in the backing map.- getSerializer() - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
Returns theSerializer
used to serialize and deserializePrincipalCollection
instances for persistent remember me storage.- getServletContext() - Method in class org.apache.shiro.web.env.DefaultWebEnvironment
- getServletContext() - Method in interface org.apache.shiro.web.env.WebEnvironment
Returns theServletContext
associated with thisWebEnvironment
instance.- getServletContext() - Method in class org.apache.shiro.web.servlet.ServletContextSupport
- getServletContext() - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- getServletContextIniResource(String) - Method in class org.apache.shiro.web.servlet.IniShiroFilter
Deprecated.Returns the INI instance reflecting the specified servlet context resource path ornull
if no resource was found.- getServletRequest() - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionContext
- getServletRequest() - Method in interface org.apache.shiro.web.session.mgt.WebSessionContext
Returns theServletRequest
received by the servlet container triggering the creation of theSession
instance.- getServletRequest() - Method in class org.apache.shiro.web.session.mgt.WebSessionKey
- getServletRequest() - Method in class org.apache.shiro.web.subject.support.DefaultWebSubjectContext
- getServletRequest() - Method in class org.apache.shiro.web.subject.support.WebDelegatingSubject
- getServletRequest() - Method in interface org.apache.shiro.web.subject.WebSubject
Returns theServletRequest
accessible when the Subject instance was created.- getServletRequest() - Method in interface org.apache.shiro.web.subject.WebSubjectContext
Returns theServletRequest
received by the servlet container triggering the creation of theSubject
instance.- getServletRequest() - Method in interface org.apache.shiro.web.util.RequestPairSource
Returns the incomingServletRequest
associated with the component.- getServletResponse() - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionContext
- getServletResponse() - Method in interface org.apache.shiro.web.session.mgt.WebSessionContext
The pairedServletResponse
corresponding to the associatedservletRequest
.- getServletResponse() - Method in class org.apache.shiro.web.session.mgt.WebSessionKey
- getServletResponse() - Method in class org.apache.shiro.web.subject.support.DefaultWebSubjectContext
- getServletResponse() - Method in class org.apache.shiro.web.subject.support.WebDelegatingSubject
- getServletResponse() - Method in interface org.apache.shiro.web.subject.WebSubject
Returns theServletResponse
accessible when the Subject instance was created.- getServletResponse() - Method in interface org.apache.shiro.web.subject.WebSubjectContext
The pairedServletResponse
corresponding to the associatedservletRequest
.- getServletResponse() - Method in interface org.apache.shiro.web.util.RequestPairSource
Returns the outgoingServletResponse
paired with the incomingservletRequest
.- getSession() - Method in interface org.apache.shiro.subject.Subject
Returns the applicationSession
associated with this Subject.- getSession() - Method in interface org.apache.shiro.subject.SubjectContext
Returns theSession
to use when building theSubject
instance.- getSession() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- getSession() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- getSession() - Method in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- getSession() - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- getSession(boolean) - Method in interface org.apache.shiro.subject.Subject
Returns the applicationSession
associated with this Subject.- getSession(boolean) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- getSession(boolean) - Method in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- getSession(SessionKey) - Method in class org.apache.shiro.mgt.SessionsSecurityManager
- getSession(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- getSession(SessionKey) - Method in interface org.apache.shiro.session.mgt.SessionManager
Retrieves the session corresponding to the specified contextual data (such as a session ID if applicable), ornull
if no Session could be found.- getSession(SessionKey) - Method in class org.apache.shiro.web.session.mgt.ServletContainerSessionManager
- getSessionContext() - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- getSessionDAO() - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- getSessionFactory() - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
Returns theSessionFactory
used to generate newSession
instances.- getSessionId() - Method in class org.apache.shiro.session.mgt.DefaultSessionContext
- getSessionId() - Method in class org.apache.shiro.session.mgt.DefaultSessionKey
- getSessionId() - Method in interface org.apache.shiro.session.mgt.SessionContext
- getSessionId() - Method in interface org.apache.shiro.session.mgt.SessionKey
Returns the id of the session to acquire.- getSessionId() - Method in interface org.apache.shiro.subject.SubjectContext
Returns the session id of the session that should be associated with the constructedSubject
instance.- getSessionId() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- getSessionId(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionManager
- getSessionId(SessionKey) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- getSessionId(SessionKey) - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionManager
- getSessionIdCookie() - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionManager
- getSessionIdGenerator() - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
Returns theSessionIdGenerator
used by theAbstractSessionDAO.generateSessionId(org.apache.shiro.session.Session)
method.- getSessionKey(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- getSessionKey(SubjectContext) - Method in class org.apache.shiro.web.mgt.DefaultWebSecurityManager
- getSessionListeners() - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- getSessionManager() - Method in class org.apache.shiro.mgt.SessionsSecurityManager
Returns this security manager's internal delegateSessionManager
.- getSessionManager() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- getSessionMode() - Method in class org.apache.shiro.web.mgt.DefaultWebSecurityManager
Deprecated.- getSessionStorageEvaluator() - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
Returns theSessionStorageEvaluator
that will determine if aSubject
's state may be persisted in the Subject's session.- getSessionValidationInterval() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- getSessionValidationScheduler() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- getSource() - Method in interface org.apache.shiro.crypto.hash.HashRequest
Returns the source data that will be hashed by aHashService
.- getSource() - Method in class org.apache.shiro.crypto.hash.SimpleHashRequest
- getSpecifiedIni(String[]) - Method in class org.apache.shiro.web.env.IniWebEnvironment
- getStartTimestamp() - Method in class org.apache.shiro.session.mgt.DelegatingSession
- getStartTimestamp() - Method in class org.apache.shiro.session.mgt.SimpleSession
- getStartTimestamp() - Method in class org.apache.shiro.session.ProxiedSession
Immediately delegates to the underlying proxied session.- getStartTimestamp() - Method in interface org.apache.shiro.session.Session
Returns the time the session was started; that is, the time the system created the instance.- getStartTimestamp() - Method in class org.apache.shiro.web.session.HttpServletSession
- getStartTimestamp(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- getStartTimestamp(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
Returns the time the associatedSession
started (was created).- getStopAfterFirstSuccess() - Method in class org.apache.shiro.authc.pam.FirstSuccessfulStrategy
- getStopTimestamp() - Method in class org.apache.shiro.session.mgt.SimpleSession
Returns the time the session was stopped, or null if the session is still active.- getStoredPassword(AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.PasswordMatcher
- getStreamingBlockSize() - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
- getStreamingBufferSize() - Method in class org.apache.shiro.crypto.JcaCipherService
Returns the size in bytes of the internal buffer used to transfer data from one stream to another during stream operations (JcaCipherService.encrypt(java.io.InputStream, java.io.OutputStream, byte[])
andJcaCipherService.decrypt(java.io.InputStream, java.io.OutputStream, byte[])
).- getStreamingModeName() - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
Same purpose as themodeName
attribute, but is used instead only for for streaming operations (JcaCipherService.encrypt(java.io.InputStream, java.io.OutputStream, byte[])
andJcaCipherService.decrypt(java.io.InputStream, java.io.OutputStream, byte[])
).- getStreamingPaddingSchemeName() - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
- getStringPermissions() - Method in class org.apache.shiro.authc.SimpleAccount
Returns all String-based permissions assigned to this Account.- getStringPermissions() - Method in interface org.apache.shiro.authz.AuthorizationInfo
Returns all string-based permissions assigned to the corresponding Subject.- getStringPermissions() - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
- getSubject() - Method in class org.apache.shiro.aop.AnnotationHandler
Returns theSubject
associated with the currently-executing code.- getSubject() - Method in class org.apache.shiro.aop.MethodInterceptorSupport
Returns theSubject
associated with the currently-executing code.- getSubject() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutor
Returns the currently Subject instance that should be associated with Runnable or Callable instances before being dispatched to the targetExecutor
instance.- getSubject() - Static method in class org.apache.shiro.SecurityUtils
Returns the currently accessibleSubject
available to the calling code depending on runtime environment.- getSubject() - Method in interface org.apache.shiro.subject.SubjectContext
Returns any existingSubject
that may be in use at the time the newSubject
instance is being created.- getSubject() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- getSubject() - Method in class org.apache.shiro.subject.support.SubjectThreadState
Returns theSubject
instance managed by thisThreadState
implementation.- getSubject() - Static method in class org.apache.shiro.util.ThreadContext
Convenience method that simplifies retrieval of a thread-bound Subject.- getSubject() - Method in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- getSubject() - Method in class org.apache.shiro.web.tags.SecureTag
- getSubject(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.AccessControlFilter
Convenience method that acquires the Subject associated with the request.- getSubject(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.LogoutFilter
Returns the currently executingSubject
.- getSubjectContext() - Method in class org.apache.shiro.subject.Subject.Builder
Returns the backing context used to build theSubject
instance, available to subclasses since thecontext
class attribute is marked asprivate
.- getSubjectDAO() - Method in class org.apache.shiro.mgt.DefaultSecurityManager
Returns theSubjectDAO
responsible for persisting Subject state, typically used after login or when an Subject identity is discovered (eg after RememberMe services).- getSubjectFactory() - Method in class org.apache.shiro.mgt.DefaultSecurityManager
Returns theSubjectFactory
responsible for creatingSubject
instances exposed to the application.- getSubjectPrincipal() - Method in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- getSubmittedPassword(AuthenticationToken) - Method in class org.apache.shiro.authc.credential.PasswordMatcher
- getSuccessUrl() - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
Returns the application's after-login success URL to be assigned to all acquired Filters that subclassAuthenticationFilter
ornull
if no value should be assigned globally.- getSuccessUrl() - Method in class org.apache.shiro.web.filter.authc.AuthenticationFilter
Returns the success url to use as the default location a user is sent after logging in.- getSystemLdapContext() - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
Deprecated.- getSystemLdapContext() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
This implementation delegates toJndiLdapContextFactory.getLdapContext(Object, Object)
using thesystemUsername
andsystemPassword
properties as arguments.- getSystemLdapContext() - Method in interface org.apache.shiro.realm.ldap.LdapContextFactory
Creates (or retrieves from a pool) aLdapContext
connection bound using the system account, or anonymously if no system account is configured.- getSystemPassword() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
Returns the password of thesystemUsername
that will be used when creating an LDAP connection used for authorization queries.- getSystemUsername() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
Returns the system username that will be used when creating an LDAP connection used for authorization queries.- getTarget() - Method in class org.apache.shiro.event.support.SingleArgumentMethodEventListener
- getTargetExecutor() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutor
Returns the target Executor instance that will actually execute the subject-associated Runnable instances.- getTargetExecutorService() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- getTargets() - Method in class org.apache.shiro.authz.permission.DomainPermission
- getTargetScheduledExecutorService() - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- getThis() - Method in interface org.apache.shiro.aop.MethodInvocation
Returns the object that holds the current joinpoint's static part.- getThis() - Method in class org.apache.shiro.aspectj.BeforeAdviceMethodInvocationAdapter
- getThreadNamePrefix() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- getTimeout() - Method in class org.apache.shiro.session.mgt.DelegatingSession
- getTimeout() - Method in class org.apache.shiro.session.mgt.SimpleSession
- getTimeout() - Method in class org.apache.shiro.session.ProxiedSession
Immediately delegates to the underlying proxied session.- getTimeout() - Method in interface org.apache.shiro.session.Session
Returns the time in milliseconds that the session session may remain idle before expiring.- getTimeout() - Method in class org.apache.shiro.web.session.HttpServletSession
- getTimeout(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- getTimeout(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
Returns the time in milliseconds that the associated session may remain idle before expiring.- getTimeout(Session) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
Subclass template hook in case per-session timeout is not based onSession.getTimeout()
.- getTimestamp() - Method in class org.apache.shiro.event.Event
Returns the timestamp when this event occurred as the number of milliseconds since Epoch (UTC time zone).- getTlsBaseUri() - Static method in class org.apache.shiro.testing.web.AbstractContainerIT
- getToken() - Method in class org.apache.shiro.authc.BearerToken
- getTransformationName() - Method in enum org.apache.shiro.crypto.PaddingScheme
Returns the actual string name to use when building theCipher
transformation string
.- getTransformationString(boolean) - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
Returns the transformation string to use with theCipher.getInstance(java.lang.String)
call.- getTransformationString(boolean) - Method in class org.apache.shiro.crypto.JcaCipherService
Returns the transformation string to use with theCipher.getInstance(java.lang.String)
invocation when creating a newCipher
instance.- getType() - Method in class org.apache.shiro.web.tags.PrincipalTag
- getTypedValue(String, Class<E>) - Method in class org.apache.shiro.util.MapContext
Performs aget
operation but additionally ensures that the value returned is of the specifiedtype
.- getUnauthorizedUrl() - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
Returns the application's after-login success URL to be assigned to all acquired Filters that subclassAuthenticationFilter
ornull
if no value should be assigned globally.- getUnauthorizedUrl() - Method in class org.apache.shiro.web.filter.authz.AuthorizationFilter
Returns the URL to which users should be redirected if they are denied access to an underlying path or resource, ornull
if a rawHttpServletResponse.SC_UNAUTHORIZED
response should be issued (401 Unauthorized).- getUrl() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
Returns the LDAP url to connect to.- getUrl() - Method in class org.apache.shiro.web.util.RedirectView
- getUser(String) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- getUserDefinitions() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
- getUserDn(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
Returns the LDAP User Distinguished Name (DN) to use when acquiring anLdapContext
from theLdapContextFactory
.- getUserDnPrefix() - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
Returns the User DN prefix to use when building a runtime User DN value ornull
if nouserDnTemplate
has been configured.- getUserDnSuffix() - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
Returns the User DN suffix to use when building a runtime User DN value.- getUserDnTemplate() - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
Returns the User Distinguished Name (DN) template to use when creating User DNs at runtime - see thesetUserDnTemplate
JavaDoc for a full explanation.- getUsername() - Method in class org.apache.shiro.authc.UsernamePasswordToken
Returns the username submitted during an authentication attempt.- getUsername(String) - Method in class org.apache.shiro.realm.text.PropertiesRealm
- getUsername(ServletRequest) - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- getUsername(SimpleAccount) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- getUsername(PrincipalCollection) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- getUsernameParam() - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- getUserPrincipal() - Method in class org.apache.shiro.web.jaxrs.ShiroSecurityContext
- getUserPrincipal() - Method in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- getValidationProtocol() - Method in class org.apache.shiro.cas.CasRealm
Deprecated.- getValue() - Method in interface org.apache.shiro.web.servlet.Cookie
- getValue() - Method in class org.apache.shiro.web.servlet.SimpleCookie
- getValue(String) - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- getValueNames() - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- getVersion() - Static method in class org.apache.shiro.util.JavaEnvironment
Deprecated.Return the full Java version string, as returned bySystem.getProperty("java.version")
.- getVersion() - Method in interface org.apache.shiro.web.servlet.Cookie
- getVersion() - Method in class org.apache.shiro.web.servlet.SimpleCookie
- getWarDir() - Static method in class org.apache.shiro.testing.web.AbstractContainerIT
- getWebEnvironment(ServletContext) - Static method in class org.apache.shiro.web.util.WebUtils
Find the ShiroWebEnvironment
for this web application, which is typically loaded viaEnvironmentLoaderListener
.- getWebEnvironment(ServletContext, String) - Static method in class org.apache.shiro.web.util.WebUtils
Find the ShiroWebEnvironment
for this web application.- getWebSecurityManager() - Method in class org.apache.shiro.web.env.DefaultWebEnvironment
- getWebSecurityManager() - Method in interface org.apache.shiro.web.env.WebEnvironment
Returns the web application's security manager instance.- globalFilters() - Method in class org.apache.shiro.guice.web.ShiroWebModule
- globalFilters() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebFilterConfiguration
- globalFilters() - Method in class org.apache.shiro.spring.web.config.AbstractShiroWebFilterConfiguration
- globalFilters() - Method in class org.apache.shiro.spring.web.config.ShiroWebFilterConfiguration
- GMT_TIME_ZONE_ID - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
- GuestAnnotationHandler - Class in org.apache.shiro.authz.aop
Checks to see if a @RequiresGuest
annotation is declared, and if so, ensures the callingSubject
does not have anidentity
before invoking the method.- GuestAnnotationHandler() - Constructor for class org.apache.shiro.authz.aop.GuestAnnotationHandler
Default no-argument constructor that ensures this interceptor looks forRequiresGuest
annotations in a method declaration.- GuestAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop
Checks to see if a @RequiresGuest
annotation is declared, and if so, ensures the callingSubject
does not have anidentity
before invoking the method.- GuestAnnotationMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.GuestAnnotationMethodInterceptor
Default no-argument constructor that ensures this interceptor looks forRequiresGuest
annotations in a method declaration.- GuestAnnotationMethodInterceptor(AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.GuestAnnotationMethodInterceptor
- GuestTag - Class in org.apache.shiro.web.tags
JSP tag that renders the tag body if the current user is not known to the system, either because they haven't logged in yet, or because they have no 'RememberMe' identity.- GuestTag() - Constructor for class org.apache.shiro.web.tags.GuestTag
- guiceFilterModule() - Static method in class org.apache.shiro.guice.web.ShiroWebModule
- guiceFilterModule(String) - Static method in class org.apache.shiro.guice.web.ShiroWebModule
- GuiceShiroFilter - Class in org.apache.shiro.guice.web
Shiro filter that is managed by and receives its filter chain configurations from Guice.H
- H64 - Class in org.apache.shiro.codec
-
Codec for Unix Crypt-style encoding.
- H64() - Constructor for class org.apache.shiro.codec.H64
- handleException(AuthorizationException, Model) - Method in class org.apache.shiro.samples.WebApp
- hasAllRoles(Collection<String>) - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if this Subject has all of the specified roles,false
otherwise. - hasAllRoles(Collection<String>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- hasAllRoles(PrincipalCollection, Collection<String>) - Method in interface org.apache.shiro.authz.Authorizer
-
Returns true if the corresponding Subject/user has all of the specified roles, false otherwise.
- hasAllRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns
true
iff any of the configured realms'ModularRealmAuthorizer.hasRole(org.apache.shiro.subject.PrincipalCollection, String)
call returnstrue
for all roles specified,false
otherwise. - hasAllRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- hasAllRoles(PrincipalCollection, Collection<String>) - Method in class org.apache.shiro.realm.AuthorizingRealm
- HasAnyRolesTag - Class in org.apache.shiro.web.tags
-
Displays body content if the current user has any of the roles specified.
- HasAnyRolesTag() - Constructor for class org.apache.shiro.web.tags.HasAnyRolesTag
- hasChains() - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- hasChains() - Method in interface org.apache.shiro.web.filter.mgt.FilterChainManager
-
Returns
true
if one or more configured chains are available,false
if none are configured. - hash(byte[]) - Method in class org.apache.shiro.crypto.hash.AbstractHash
-
Deprecated.Hashes the specified byte array without a salt for a single iteration.
- hash(byte[]) - Method in class org.apache.shiro.crypto.hash.SimpleHash
-
Hashes the specified byte array without a salt for a single iteration.
- hash(byte[], byte[]) - Method in class org.apache.shiro.crypto.hash.AbstractHash
-
Deprecated.Hashes the specified byte array using the given
salt
for a single iteration. - hash(byte[], byte[]) - Method in class org.apache.shiro.crypto.hash.SimpleHash
-
Hashes the specified byte array using the given
salt
for a single iteration. - hash(byte[], byte[], int) - Method in class org.apache.shiro.crypto.hash.AbstractHash
-
Deprecated.Hashes the specified byte array using the given
salt
for the specified number of iterations. - hash(byte[], byte[], int) - Method in class org.apache.shiro.crypto.hash.SimpleHash
-
Hashes the specified byte array using the given
salt
for the specified number of iterations. - Hash - Interface in org.apache.shiro.crypto.hash
-
A Cryptographic
Hash
represents a one-way conversion algorithm that transforms an input source to an underlying byte array. - hashCode() - Method in class org.apache.shiro.authc.SimpleAccount
-
If the
principals
are not null, returnsprincipals.hashCode()
, otherwise returns 0 (zero). - hashCode() - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Returns the hashcode of the internal
principals
instance. - hashCode() - Method in class org.apache.shiro.authz.permission.WildcardPermission
- hashCode() - Method in class org.apache.shiro.authz.SimpleRole
- hashCode() - Method in class org.apache.shiro.config.Ini
- hashCode() - Method in class org.apache.shiro.config.Ini.Section
- hashCode() - Method in class org.apache.shiro.crypto.hash.AbstractHash
-
Deprecated.Simply returns toHex().hashCode();
- hashCode() - Method in class org.apache.shiro.crypto.hash.SimpleHash
-
Simply returns toHex().hashCode();
- hashCode() - Method in class org.apache.shiro.session.mgt.SimpleSession
-
Returns the hashCode.
- hashCode() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- hashCode() - Method in class org.apache.shiro.util.SimpleByteSource
- HashedCredentialsMatcher - Class in org.apache.shiro.authc.credential
-
A
HashedCredentialMatcher
provides support for hashing of suppliedAuthenticationToken
credentials before being compared to those in theAuthenticationInfo
from the data store. - HashedCredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
JavaBeans-compatible no-arg constructor intended for use in IoC/Dependency Injection environments.
- HashedCredentialsMatcher(String) - Constructor for class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Creates an instance using the specified
hashAlgorithmName
to hash submitted credentials. - Hasher - Class in org.apache.shiro.tools.hasher
-
Commandline line utility to hash data such as strings, passwords, resources (files, urls, etc).
- Hasher() - Constructor for class org.apache.shiro.tools.hasher.Hasher
- HashFormat - Interface in org.apache.shiro.crypto.hash.format
-
A
HashFormat
is able to format aHash
instance into a well-defined formatted String. - HashFormatFactory - Interface in org.apache.shiro.crypto.hash.format
- HashingPasswordService - Interface in org.apache.shiro.authc.credential
-
A
HashingPasswordService
is aPasswordService
that performs password encryption and comparisons based on cryptographicHash
es. - hashPassword(Object) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- hashPassword(Object) - Method in interface org.apache.shiro.authc.credential.HashingPasswordService
-
Hashes the specified plaintext password using internal hashing configuration settings pertinent to password hashing.
- hashProvidedCredentials(Object, Object, int) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Hashes the provided credentials a total of
hashIterations
times, using the given salt. - hashProvidedCredentials(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Hash the provided
token
's credentials using the salt stored with the account if theinfo
instance is aninstanceof
SaltedAuthenticationInfo
(see the class-level JavaDoc for why this is the preferred approach). - HashRequest - Interface in org.apache.shiro.crypto.hash
-
A
HashRequest
is composed of data that will be used by aHashService
to compute a hash (aka 'digest'). - HashRequest.Builder - Class in org.apache.shiro.crypto.hash
-
A Builder class representing the Builder design pattern for constructing
HashRequest
instances. - HashService - Interface in org.apache.shiro.crypto.hash
-
A
HashService
hashes input sources utilizing a particular hashing strategy. - hasLength(String) - Static method in class org.apache.shiro.util.Assert
-
Assert that the given String is not empty; that is, it must not be
null
and not the empty String. - hasLength(String) - Static method in class org.apache.shiro.util.StringUtils
-
Check that the given String is neither
null
nor of length 0. - hasLength(String, String) - Static method in class org.apache.shiro.util.Assert
-
Assert that the given String is not empty; that is, it must not be
null
and not the empty String. - HasPermissionTag - Class in org.apache.shiro.web.tags
- HasPermissionTag() - Constructor for class org.apache.shiro.web.tags.HasPermissionTag
- hasPrincipals() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- hasResourcePrefix(String) - Static method in class org.apache.shiro.io.ResourceUtils
-
Returns
true
if the resource path is not null and starts with one of the recognized resource prefixes (CLASSPATH_PREFIX
,URL_PREFIX
, orFILE_PREFIX
),false
otherwise. - hasRole(String) - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if this Subject has the specified role,false
otherwise. - hasRole(String) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- hasRole(String, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- hasRole(PrincipalCollection, String) - Method in interface org.apache.shiro.authz.Authorizer
-
Returns true if the corresponding Subject/user has the specified role, false otherwise.
- hasRole(PrincipalCollection, String) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns
true
if any of the configured realms'ModularRealmAuthorizer.hasRole(org.apache.shiro.subject.PrincipalCollection, String)
call returnstrue
,false
otherwise. - hasRole(PrincipalCollection, String) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- hasRole(PrincipalCollection, String) - Method in class org.apache.shiro.realm.AuthorizingRealm
- hasRoles(List<String>) - Method in interface org.apache.shiro.subject.Subject
-
Checks if this Subject has the specified roles, returning a boolean array indicating which roles are associated.
- hasRoles(List<String>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- hasRoles(List<String>, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- hasRoles(PrincipalCollection, List<String>) - Method in interface org.apache.shiro.authz.Authorizer
-
Checks if the corresponding Subject/user has the specified roles, returning a boolean array indicating which roles are associated with the given subject.
- hasRoles(PrincipalCollection, List<String>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Calls
ModularRealmAuthorizer.hasRole(org.apache.shiro.subject.PrincipalCollection, String)
for each role name in the specified collection and places the return value from each call at the respective location in the returned array. - hasRoles(PrincipalCollection, List<String>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- hasRoles(PrincipalCollection, List<String>) - Method in class org.apache.shiro.realm.AuthorizingRealm
- HasRoleTag - Class in org.apache.shiro.web.tags
- HasRoleTag() - Constructor for class org.apache.shiro.web.tags.HasRoleTag
- hasText(String) - Static method in class org.apache.shiro.util.Assert
-
Assert that the given String has valid text content; that is, it must not be
null
and must contain at least one non-whitespace character. - hasText(String) - Static method in class org.apache.shiro.util.StringUtils
-
Check whether the given String has actual text.
- hasText(String, String) - Static method in class org.apache.shiro.util.Assert
-
Assert that the given String has valid text content; that is, it must not be
null
and must contain at least one non-whitespace character. - HazelcastCacheManager - Class in org.apache.shiro.hazelcast.cache
-
A
CacheManager
implementation backed by Hazelcast, "an open source clustering and highly scalable data distribution platform for Java" - HazelcastCacheManager() - Constructor for class org.apache.shiro.hazelcast.cache.HazelcastCacheManager
- HelloController - Class in org.apache.shiro.samples
- HelloController() - Constructor for class org.apache.shiro.samples.HelloController
- Hex - Class in org.apache.shiro.codec
-
Hexadecimal encoder and decoder.
- Hex() - Constructor for class org.apache.shiro.codec.Hex
- HEX - org.apache.shiro.crypto.hash.format.ProvidedHashFormat
-
Value representing the
HexFormat
implementation. - HexFormat - Class in org.apache.shiro.crypto.hash.format
-
HashFormat
that outputs only The hash's digest bytes in hex format. - HexFormat() - Constructor for class org.apache.shiro.crypto.hash.format.HexFormat
- home(HttpServletRequest, Model) - Method in class org.apache.shiro.samples.HelloController
- home(Model) - Method in class org.apache.shiro.samples.AccountInfoController
- host - Variable in class org.apache.shiro.subject.support.DelegatingSubject
- host(String) - Method in class org.apache.shiro.subject.Subject.Builder
-
Ensures the
Subject
being built will reflect the specified host name or IP as its originating location. - HOST_KEY - Static variable in class org.apache.shiro.spring.remoting.SecureRemoteInvocationFactory
- HostAuthenticationToken - Interface in org.apache.shiro.authc
-
A
HostAuthenticationToken
retains the host information from where an authentication attempt originates. - HostFilter - Class in org.apache.shiro.web.filter.authz
-
A Filter that can allow or deny access based on the host that sent the request.
- HostFilter() - Constructor for class org.apache.shiro.web.filter.authz.HostFilter
- HostUnauthorizedException - Exception in org.apache.shiro.authz
-
Thrown when a particular client (that is, host address) has not been enabled to access the system or if the client has been enabled access but is not permitted to perform a particular operation or access a particular resource.
- HostUnauthorizedException() - Constructor for exception org.apache.shiro.authz.HostUnauthorizedException
-
Creates a new HostUnauthorizedException.
- HostUnauthorizedException(String) - Constructor for exception org.apache.shiro.authz.HostUnauthorizedException
-
Constructs a new HostUnauthorizedException.
- HostUnauthorizedException(String, Throwable) - Constructor for exception org.apache.shiro.authz.HostUnauthorizedException
-
Constructs a new HostUnauthorizedException.
- HostUnauthorizedException(Throwable) - Constructor for exception org.apache.shiro.authz.HostUnauthorizedException
-
Constructs a new HostUnauthorizedException.
- HSTS() - Constructor for class org.apache.shiro.web.filter.authz.SslFilter.HSTS
- HTTP_HEADER - Static variable in class org.apache.shiro.web.filter.authz.SslFilter.HSTS
- HTTP_ONLY_ATTRIBUTE_NAME - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
- HTTP_SCHEME - Static variable in class org.apache.shiro.web.filter.authz.PortFilter
- HTTP_SESSION_MODE - Static variable in class org.apache.shiro.web.mgt.DefaultWebSecurityManager
-
Deprecated.
- HttpMethodPermissionFilter - Class in org.apache.shiro.web.filter.authz
-
A filter that translates an HTTP Request's Method (eg GET, POST, etc) into an corresponding action (verb) and uses that verb to construct a permission that will be checked to determine access.
- HttpMethodPermissionFilter() - Constructor for class org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter
-
Creates the filter instance with default method-to-action values in the instance's
http method actions map
. - HTTPS_SCHEME - Static variable in class org.apache.shiro.web.filter.authz.SslFilter
- HttpServletSession - Class in org.apache.shiro.web.session
-
Session
implementation that is backed entirely by a standard servlet containerHttpSession
instance. - HttpServletSession(HttpSession, String) - Constructor for class org.apache.shiro.web.session.HttpServletSession
- httpSessions - Variable in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
I
- ID - Static variable in class org.apache.shiro.crypto.hash.format.Shiro1CryptFormat
- IDENTITY_REMOVED_KEY - Static variable in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- ImmutableProxiedSession - Class in org.apache.shiro.session.mgt
-
Implementation of the
Session
interface that proxies anotherSession
, but does not allow any 'write' operations to the underlying session. - ImmutableProxiedSession(Session) - Constructor for class org.apache.shiro.session.mgt.ImmutableProxiedSession
-
Constructs a new instance of this class proxying the specified
Session
. - implies(Permission) - Method in class org.apache.shiro.authz.permission.AllPermission
-
Always returns true, indicating any Subject granted this permission can do anything.
- implies(Permission) - Method in interface org.apache.shiro.authz.Permission
-
Returns
true
if this current instance implies all the functionality and/or resource access described by the specifiedPermission
argument,false
otherwise. - implies(Permission) - Method in class org.apache.shiro.authz.permission.WildcardPermission
- INCLUDE_CONTEXT_PATH_ATTRIBUTE - Static variable in class org.apache.shiro.web.util.WebUtils
- INCLUDE_PATH_INFO_ATTRIBUTE - Static variable in class org.apache.shiro.web.util.WebUtils
- INCLUDE_QUERY_STRING_ATTRIBUTE - Static variable in class org.apache.shiro.web.util.WebUtils
- INCLUDE_REQUEST_URI_ATTRIBUTE - Static variable in class org.apache.shiro.web.util.WebUtils
-
Standard Servlet 2.3+ spec request attributes for include URI and paths.
- INCLUDE_SERVLET_PATH_ATTRIBUTE - Static variable in class org.apache.shiro.web.util.WebUtils
- IncorrectCredentialsException - Exception in org.apache.shiro.authc
-
Thrown when attempting to authenticate with credential(s) that do not match the actual credentials associated with the account principal.
- IncorrectCredentialsException() - Constructor for exception org.apache.shiro.authc.IncorrectCredentialsException
-
Creates a new IncorrectCredentialsException.
- IncorrectCredentialsException(String) - Constructor for exception org.apache.shiro.authc.IncorrectCredentialsException
-
Constructs a new IncorrectCredentialsException.
- IncorrectCredentialsException(String, Throwable) - Constructor for exception org.apache.shiro.authc.IncorrectCredentialsException
-
Constructs a new IncorrectCredentialsException.
- IncorrectCredentialsException(Throwable) - Constructor for exception org.apache.shiro.authc.IncorrectCredentialsException
-
Constructs a new IncorrectCredentialsException.
- indexOf(Object) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- Ini - Class in org.apache.shiro.config
-
A class representing the INI text configuration format.
- Ini() - Constructor for class org.apache.shiro.config.Ini
-
Creates a new empty
Ini
instance. - Ini(Ini) - Constructor for class org.apache.shiro.config.Ini
-
Creates a new
Ini
instance with the specified defaults. - INI_REALM_NAME - Static variable in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- Ini.Section - Class in org.apache.shiro.config
- iniClasspathRealm() - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroAutoConfiguration
- IniFactorySupport<T> - Class in org.apache.shiro.config
-
Deprecated.use Shiro's
Environment
mechanisms instead. - IniFactorySupport() - Constructor for class org.apache.shiro.config.IniFactorySupport
-
Deprecated.
- IniFactorySupport(Ini) - Constructor for class org.apache.shiro.config.IniFactorySupport
-
Deprecated.
- IniFilterChainResolverFactory - Class in org.apache.shiro.web.config
- IniFilterChainResolverFactory() - Constructor for class org.apache.shiro.web.config.IniFilterChainResolverFactory
- IniFilterChainResolverFactory(Ini) - Constructor for class org.apache.shiro.web.config.IniFilterChainResolverFactory
- IniFilterChainResolverFactory(Ini, Map<String, ?>) - Constructor for class org.apache.shiro.web.config.IniFilterChainResolverFactory
- iniMetaInfClasspathRealm() - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroAutoConfiguration
- IniRealm - Class in org.apache.shiro.realm.text
- IniRealm() - Constructor for class org.apache.shiro.realm.text.IniRealm
- IniRealm(String) - Constructor for class org.apache.shiro.realm.text.IniRealm
-
This constructor will immediately process the definitions in the
Ini
resolved from the specifiedresourcePath
. - IniRealm(Ini) - Constructor for class org.apache.shiro.realm.text.IniRealm
-
This constructor will immediately process the definitions in the
Ini
argument. - iniRealmFromLocation(String) - Method in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- IniSecurityManagerFactory - Class in org.apache.shiro.config
-
Deprecated.use Shiro's
Environment
mechanisms instead. - IniSecurityManagerFactory() - Constructor for class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.Creates a new instance.
- IniSecurityManagerFactory(String) - Constructor for class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- IniSecurityManagerFactory(Ini) - Constructor for class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- IniShiroFilter - Class in org.apache.shiro.web.servlet
-
Deprecated.in 1.2 in favor of using the
ShiroFilter
- IniShiroFilter() - Constructor for class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.
- init() - Method in class org.apache.shiro.cache.ehcache.EhCacheManager
-
Initializes this instance.
- init() - Method in class org.apache.shiro.hazelcast.cache.HazelcastCacheManager
-
Initializes this instance by
ensuring
there is a backingHazelcastInstance
. - init() - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Initializes this realm and potentially enables an authentication cache, depending on configuration.
- init() - Method in interface org.apache.shiro.util.Initializable
-
Initializes this object.
- init() - Method in class org.apache.shiro.web.env.IniWebEnvironment
- init() - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
- init() - Method in class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.
- init() - Method in class org.apache.shiro.web.servlet.ShiroFilter
-
Configures this instance based on the existing
WebEnvironment
instance available to the currently accessibleservletContext
. - init(Object) - Static method in class org.apache.shiro.util.LifecycleUtils
- init(Collection) - Static method in class org.apache.shiro.util.LifecycleUtils
-
Calls
init
for each object in the collection. - init(FilterConfig) - Method in class org.apache.shiro.web.servlet.AbstractFilter
-
Sets the filter's
filterConfig
and then immediately callsonFilterConfigSet()
to trigger any processing a subclass might wish to perform. - init(Initializable) - Static method in class org.apache.shiro.util.LifecycleUtils
- initEnvironment(ServletContext) - Method in class org.apache.shiro.web.env.EnvironmentLoader
-
Initializes Shiro's
WebEnvironment
instance for the specifiedServletContext
based on theEnvironmentLoader.CONFIG_LOCATIONS_PARAM
value. - initFilter(Filter) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
-
Initializes the filter by calling
filter.init(
.getFilterConfig()
); - Initializable - Interface in org.apache.shiro.util
-
Shiro container-agnostic interface that indicates that this object requires initialization.
- InitializedBeanEvent - Class in org.apache.shiro.config.event
-
Event triggered when a configured bean has been instantiated, fully configured and initialized.
- InitializedBeanEvent(String, Object, Map<String, Object>) - Constructor for class org.apache.shiro.config.event.InitializedBeanEvent
- IniWebEnvironment - Class in org.apache.shiro.web.env
- IniWebEnvironment() - Constructor for class org.apache.shiro.web.env.IniWebEnvironment
- instantiate(Constructor, Object...) - Static method in class org.apache.shiro.util.ClassUtils
- InstantiatedBeanEvent - Class in org.apache.shiro.config.event
-
Event triggered when a configured bean has been instantiated but before it is configured or initialized.
- InstantiatedBeanEvent(String, Object, Map<String, Object>) - Constructor for class org.apache.shiro.config.event.InstantiatedBeanEvent
- InstantiationException - Exception in org.apache.shiro.util
-
Runtime exception thrown by the framework when unable to instantiate a Class via reflection.
- InstantiationException() - Constructor for exception org.apache.shiro.util.InstantiationException
-
Creates a new InstantiationException.
- InstantiationException(String) - Constructor for exception org.apache.shiro.util.InstantiationException
-
Constructs a new InstantiationException.
- InstantiationException(String, Throwable) - Constructor for exception org.apache.shiro.util.InstantiationException
-
Constructs a new InstantiationException.
- InstantiationException(Throwable) - Constructor for exception org.apache.shiro.util.InstantiationException
-
Constructs a new InstantiationException.
- interpolate(String) - Method in class org.apache.shiro.config.CommonsInterpolator
- interpolate(String) - Method in class org.apache.shiro.config.DefaultInterpolator
-
Simply returns the original
value
. - interpolate(String) - Method in interface org.apache.shiro.config.Interpolator
-
Interpolates
value
and returns the result. - Interpolator - Interface in org.apache.shiro.config
-
Basic String interpolation interface.
- INVALID_REQUEST - Static variable in class org.apache.shiro.guice.web.ShiroWebModule
- invalidate() - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- InvalidPermissionStringException - Exception in org.apache.shiro.authz.permission
-
Thrown by
PermissionResolver.resolvePermission(String)
when the String being parsed is not valid for that resolver. - InvalidPermissionStringException(String, String) - Constructor for exception org.apache.shiro.authz.permission.InvalidPermissionStringException
-
Constructs a new exception with the given message and permission string.
- invalidRequest - org.apache.shiro.web.filter.mgt.DefaultFilter
- InvalidRequestFilter - Class in org.apache.shiro.web.filter
-
A request filter that blocks malicious requests.
- InvalidRequestFilter() - Constructor for class org.apache.shiro.web.filter.InvalidRequestFilter
- InvalidResourceUsageException - Exception in org.apache.shiro.dao
-
Root exception indicating invalid or incorrect usage of a data access resource.
- InvalidResourceUsageException(String) - Constructor for exception org.apache.shiro.dao.InvalidResourceUsageException
-
Constructs an InvalidResourceUsageException with a message explaining the cause of the exception.
- InvalidResourceUsageException(String, Throwable) - Constructor for exception org.apache.shiro.dao.InvalidResourceUsageException
-
Constructs a InvalidResourceUsageException with a message explaining the cause of the exception.
- InvalidSessionException - Exception in org.apache.shiro.session
-
Exception thrown when attempting to interact with the system under an established session when that session is considered invalid.
- InvalidSessionException() - Constructor for exception org.apache.shiro.session.InvalidSessionException
-
Creates a new InvalidSessionException.
- InvalidSessionException(String) - Constructor for exception org.apache.shiro.session.InvalidSessionException
-
Constructs a new InvalidSessionException.
- InvalidSessionException(String, Throwable) - Constructor for exception org.apache.shiro.session.InvalidSessionException
-
Constructs a new InvalidSessionException.
- InvalidSessionException(Throwable) - Constructor for exception org.apache.shiro.session.InvalidSessionException
-
Constructs a new InvalidSessionException.
- invoke(MethodInvocation) - Method in class org.apache.shiro.spring.security.interceptor.AopAllianceAnnotationsAuthorizingMethodInterceptor
-
Creates a Shiro
MethodInvocation
instance and then immediately callssuper.invoke
. - invoke(MethodInvocation) - Method in interface org.apache.shiro.aop.MethodInterceptor
-
Invokes the specified
MethodInvocation
, allowing implementations to perform pre/post/finally surrounding the actual invocation. - invoke(MethodInvocation) - Method in class org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor
-
Ensures the
methodInvocation
is allowed to execute first before proceeding by calling theassertAuthorized
method first. - invoke(MethodInvocation) - Method in class org.apache.shiro.authz.aop.AuthorizingMethodInterceptor
-
Invokes the specified method (
methodInvocation.
if authorization is allowed by first callingproceed
()assertAuthorized
. - invoke(RemoteInvocation, Object) - Method in class org.apache.shiro.spring.remoting.SecureRemoteInvocationExecutor
- invokeAll(Collection<? extends Callable<T>>) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- invokeAll(Collection<? extends Callable<T>>, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- invokeAny(Collection<? extends Callable<T>>) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- invokeAny(Collection<? extends Callable<T>>, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- IPV4_PATTERN - Static variable in class org.apache.shiro.web.filter.authz.HostFilter
- IPV4_QUAD_REGEX - Static variable in class org.apache.shiro.web.filter.authz.HostFilter
- IPV4_REGEX - Static variable in class org.apache.shiro.web.filter.authz.HostFilter
- isAccessAllowed(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.cas.CasFilter
-
Deprecated.Returns
false
to always force authentication (user is never considered authenticated by this filter). - isAccessAllowed(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.AccessControlFilter
-
Returns
true
if the request is allowed to proceed through the filter normally, orfalse
if the request should be handled by theonAccessDenied(request,response,mappedValue)
method instead. - isAccessAllowed(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
-
Determines whether the current subject should be allowed to make the current request.
- isAccessAllowed(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.authc.AuthenticationFilter
-
Determines whether the current subject is authenticated.
- isAccessAllowed(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.authc.UserFilter
-
Returns
true
if the request is aloginRequest
or if the currentsubject
is notnull
,false
otherwise. - isAccessAllowed(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.authz.HostFilter
- isAccessAllowed(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter
-
Resolves an 'application friendly' action verb based on the
HttpServletRequest
's method, appends that action to each configured permission (themappedValue
argument is aString[]
array), and delegates the permission check for the newly constructed permission(s) to the superclassisAccessAllowed
implementation to perform the actual permission check. - isAccessAllowed(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter
- isAccessAllowed(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.authz.PortFilter
- isAccessAllowed(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.authz.RolesAuthorizationFilter
- isAccessAllowed(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.authz.SslFilter
-
Retains the parent method's port-matching behavior but additionally guarantees that the
ServletRequest.
isSecure()
. - isAccessAllowed(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.InvalidRequestFilter
- isAssignable(Class, Class) - Static method in class org.apache.shiro.util.Assert
-
Assert that
superType.isAssignableFrom(subType)
istrue
. - isAssignable(Class, Class, String) - Static method in class org.apache.shiro.util.Assert
-
Assert that
superType.isAssignableFrom(subType)
istrue
. - isAtLeastVersion14() - Static method in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Convenience method to determine if the current JVM is at least Java 1.4.
- isAtLeastVersion15() - Static method in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Convenience method to determine if the current JVM is at least Java 1.5 (Java 5).
- isAtLeastVersion16() - Static method in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Convenience method to determine if the current JVM is at least Java 1.6 (Java 6).
- isAuthenticated() - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if this Subject/user proved their identity during their current session by providing valid credentials matching those known to the system,false
otherwise. - isAuthenticated() - Method in interface org.apache.shiro.subject.SubjectContext
-
Returns
true
if the constructedSubject
should be considered authenticated,false
otherwise. - isAuthenticated() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- isAuthenticated() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isAuthenticationCachingEnabled() - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Returns
true
if authentication caching should be utilized if aCacheManager
has beenconfigured
,false
otherwise. - isAuthenticationCachingEnabled(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Returns
true
if authentication caching should be utilized based on the specifiedAuthenticationToken
and/orAuthenticationInfo
,false
otherwise. - isAuthorizationCachingEnabled() - Method in class org.apache.shiro.realm.AuthorizingRealm
-
Returns
true
if authorization caching should be utilized if aCacheManager
has beenconfigured
,false
otherwise. - isAutoApplyRealms(SecurityManager) - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- isAvailable(String) - Static method in class org.apache.shiro.util.ClassUtils
- isBase64(byte[]) - Static method in class org.apache.shiro.codec.Base64
-
Tests a given byte array to see if it contains only valid characters within the Base64 alphabet.
- isBlockBackslash() - Method in class org.apache.shiro.web.filter.InvalidRequestFilter
- isBlockNonAscii() - Method in class org.apache.shiro.web.filter.InvalidRequestFilter
- isBlockSemicolon() - Method in class org.apache.shiro.web.filter.InvalidRequestFilter
- isByteSource(Object) - Method in class org.apache.shiro.codec.CodecSupport
-
Returns
true
if the specified object can be easily converted to bytes by instances of this class,false
otherwise. - isCachingEnabled() - Method in class org.apache.shiro.realm.CachingRealm
- isCaseSensitive() - Method in class org.apache.shiro.authz.permission.WildcardPermissionResolver
-
Return true if this resolver produces case sensitive permissions.
- isCompatible(Object) - Static method in class org.apache.shiro.util.ByteSource.Util
-
Returns
true
if the specified object can be easily represented as aByteSource
using theByteSource.Util
's default heuristics,false
otherwise. - isCompatible(Object) - Static method in class org.apache.shiro.util.SimpleByteSource
-
Returns
true
if the specified object is a recognized data type that can be easily converted to bytes by instances of this class,false
otherwise. - isContinued(String) - Static method in class org.apache.shiro.config.Ini.Section
- isCredentialsExpired() - Method in class org.apache.shiro.authc.SimpleAccount
-
Returns whether or not the Account's credentials are expired.
- isDeleteInvalidSessions() - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
-
Returns
true
if sessions should be automatically deleted after they are discovered to be invalid,false
if invalid sessions will be manually deleted by some process external to Shiro's control. - isEmpty() - Method in class org.apache.shiro.config.Ini
-
Returns
true
if no sections have been configured, or if there are sections, but the sections themselves are all empty,false
otherwise. - isEmpty() - Method in class org.apache.shiro.config.Ini.Section
- isEmpty() - Method in class org.apache.shiro.crypto.hash.SimpleHash
- isEmpty() - Method in interface org.apache.shiro.subject.PrincipalCollection
-
Returns
true
if this collection is empty,false
otherwise. - isEmpty() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- isEmpty() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- isEmpty() - Method in interface org.apache.shiro.util.ByteSource
-
Returns
true
if the underlying wrapped byte array is null or empty (zero length),false
otherwise. - isEmpty() - Method in class org.apache.shiro.util.MapContext
- isEmpty() - Method in class org.apache.shiro.util.SimpleByteSource
- isEmpty() - Method in class org.apache.shiro.util.SoftHashMap
- isEmpty() - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- isEmpty(Collection) - Static method in class org.apache.shiro.util.CollectionUtils
- isEmpty(Map) - Static method in class org.apache.shiro.util.CollectionUtils
- isEmpty(PrincipalCollection) - Static method in class org.apache.shiro.util.CollectionUtils
-
Deprecated.Use PrincipalCollection.isEmpty() directly.
- isEnabled() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- isEnabled() - Method in class org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler
- isEnabled() - Method in interface org.apache.shiro.session.mgt.SessionValidationScheduler
-
Returns
true
if this Scheduler is enabled and ready to begin validation at the appropriate time,false
otherwise. - isEnabled() - Method in class org.apache.shiro.web.filter.authz.SslFilter.HSTS
- isEnabled() - Method in class org.apache.shiro.web.servlet.OncePerRequestFilter
-
Returns
true
if this filter should generally* execute for any request,false
if it should let the request/response pass through immediately to the next element in theFilterChain
. - isEnabled(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.servlet.OncePerRequestFilter
-
Returns
true
if this filter should filter the specified request,false
if it should let the request/response pass through immediately to the next element in theFilterChain
. - isEnabled(ServletRequest, ServletResponse, String, Object) - Method in class org.apache.shiro.web.filter.PathMatchingFilter
-
Path-matching version of the parent class's
OncePerRequestFilter.isEnabled(javax.servlet.ServletRequest, javax.servlet.ServletResponse)
method, but additionally allows for inspection of any path-specific configuration values corresponding to the specified request. - isEncodeable(String) - Method in class org.apache.shiro.web.servlet.ShiroHttpServletResponse
-
Return
true
if the specified URL should be encoded with a session identifier. - isExpired() - Method in class org.apache.shiro.session.mgt.SimpleSession
-
Returns true if this session has expired, false otherwise.
- isGenerateInitializationVectors() - Method in class org.apache.shiro.crypto.JcaCipherService
- isGenerateInitializationVectors(boolean) - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
-
Overrides the parent implementation to ensure initialization vectors are always generated if streaming is enabled (block ciphers must use initialization vectors if they are to be used as a stream cipher).
- isGenerateInitializationVectors(boolean) - Method in class org.apache.shiro.crypto.JcaCipherService
- isGeneratePublicSalt() - Method in class org.apache.shiro.crypto.hash.DefaultHashService
-
Returns
true
if a public salt should be randomly generated and used to compute a hash if aHashRequest
does not specify a salt,false
otherwise. - isHashSalted() - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Deprecated.since Shiro 1.1. Hash salting is now expected to be based on if the
AuthenticationInfo
returned from theRealm
is aSaltedAuthenticationInfo
instance and itsgetCredentialsSalt()
method returns a non-null value. This method and the 1.0 behavior still exists for backwards compatibility if theRealm
does not returnSaltedAuthenticationInfo
instances, but it is highly recommended thatRealm
implementations that support hashed credentials start returningSaltedAuthenticationInfo
instances as soon as possible. This is because salts should always be obtained from the stored account information and never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user are almost impossible to break. This method will be removed in Shiro 2.0. - isHttp(Object) - Static method in class org.apache.shiro.web.util.WebUtils
- isHttpOnly() - Method in interface org.apache.shiro.web.servlet.Cookie
- isHttpOnly() - Method in class org.apache.shiro.web.servlet.SimpleCookie
- isHttpSessionMode() - Method in class org.apache.shiro.web.mgt.DefaultWebSecurityManager
- isHttpSessionMode() - Method in interface org.apache.shiro.web.mgt.WebSecurityManager
-
Security information needs to be retained from request to request, so Shiro makes use of a session for this.
- isHttpSessions() - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
- isHttpSessions() - Method in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- isImplicitlyCreated() - Method in class org.apache.shiro.hazelcast.cache.HazelcastCacheManager
-
NOT PART OF SHIRO'S ACCESSIBLE API.
- isIncludeSubDomains() - Method in class org.apache.shiro.web.filter.authz.SslFilter.HSTS
- isIndexedPropertyAssignment(String) - Method in class org.apache.shiro.config.ReflectionBuilder
- isInstanceOf(Class, Object) - Static method in class org.apache.shiro.util.Assert
-
Assert that the provided object is an instance of the provided class.
- isInstanceOf(Class, Object, String) - Static method in class org.apache.shiro.util.Assert
-
Assert that the provided object is an instance of the provided class.
- isIpv4Candidate(String) - Method in class org.apache.shiro.web.filter.authz.HostFilter
- isLocked() - Method in class org.apache.shiro.authc.SimpleAccount
-
Returns
true
if this Account is locked and thus cannot be used to login,false
otherwise. - isLoginRequest(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.AccessControlFilter
-
Returns
true
if the incoming request is a login request,false
otherwise. - isLoginSubmission(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
-
This default implementation merely returns
true
if the request is an HTTPPOST
,false
otherwise. - isNew() - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- isNull(Object) - Static method in class org.apache.shiro.util.Assert
-
Assert that an object is
null
. - isNull(Object, String) - Static method in class org.apache.shiro.util.Assert
-
Assert that an object is
null
. - ISO10126 - org.apache.shiro.crypto.PaddingScheme
-
Padding scheme as defined in the W3C's "XML Encryption Syntax and Processing" document, Section 5.2 - Block Encryption Algorithms.
- isPattern(String) - Method in class org.apache.shiro.util.AntPathMatcher
- isPermissive(Object) - Method in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
-
Returns
true
if the mappedValue contains theAuthenticatingFilter.PERMISSIVE
qualifier. - isPermitted(String) - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if this Subject is permitted to perform an action or access a resource summarized by the specified permission string. - isPermitted(String) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isPermitted(String) - Method in class org.apache.shiro.web.tags.PermissionTag
- isPermitted(String...) - Method in interface org.apache.shiro.subject.Subject
-
Checks if this Subject implies the given permission strings and returns a boolean array indicating which permissions are implied.
- isPermitted(String...) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isPermitted(List<Permission>) - Method in interface org.apache.shiro.subject.Subject
-
Checks if this Subject implies the given Permissions and returns a boolean array indicating which permissions are implied.
- isPermitted(List<Permission>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isPermitted(List<Permission>, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPermitted(Permission) - Method in class org.apache.shiro.authz.SimpleRole
- isPermitted(Permission) - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if this Subject is permitted to perform an action or access a resource summarized by the specified permission. - isPermitted(Permission) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isPermitted(Permission, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPermitted(PrincipalCollection, String) - Method in interface org.apache.shiro.authz.Authorizer
-
Returns true if the corresponding subject/user is permitted to perform an action or access a resource summarized by the specified permission string.
- isPermitted(PrincipalCollection, String) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns
true
if any of the configured realms'ModularRealmAuthorizer.isPermitted(org.apache.shiro.subject.PrincipalCollection, String)
returnstrue
,false
otherwise. - isPermitted(PrincipalCollection, String) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- isPermitted(PrincipalCollection, String) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPermitted(PrincipalCollection, String...) - Method in interface org.apache.shiro.authz.Authorizer
-
Checks if the corresponding Subject implies the given permission strings and returns a boolean array indicating which permissions are implied.
- isPermitted(PrincipalCollection, String...) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns
true
if any of the configured realms'ModularRealmAuthorizer.isPermittedAll(org.apache.shiro.subject.PrincipalCollection, String...)
call returnstrue
,false
otherwise. - isPermitted(PrincipalCollection, String...) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- isPermitted(PrincipalCollection, String...) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPermitted(PrincipalCollection, List<Permission>) - Method in interface org.apache.shiro.authz.Authorizer
-
Checks if the corresponding Subject/user implies the given Permissions and returns a boolean array indicating which permissions are implied.
- isPermitted(PrincipalCollection, List<Permission>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns
true
if any of the configured realms'ModularRealmAuthorizer.isPermitted(org.apache.shiro.subject.PrincipalCollection, List)
call returnstrue
,false
otherwise. - isPermitted(PrincipalCollection, List<Permission>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- isPermitted(PrincipalCollection, List<Permission>) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPermitted(PrincipalCollection, Permission) - Method in interface org.apache.shiro.authz.Authorizer
-
Returns true if the corresponding subject/user is permitted to perform an action or access a resource summarized by the specified permission.
- isPermitted(PrincipalCollection, Permission) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns
true
if any of the configured realms'ModularRealmAuthorizer.isPermitted(org.apache.shiro.subject.PrincipalCollection, Permission)
call returnstrue
,false
otherwise. - isPermitted(PrincipalCollection, Permission) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- isPermitted(PrincipalCollection, Permission) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPermittedAll(String...) - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if this Subject implies all of the specified permission strings,false
otherwise. - isPermittedAll(String...) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isPermittedAll(Collection<Permission>) - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if this Subject implies all of the specified permissions,false
otherwise. - isPermittedAll(Collection<Permission>) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isPermittedAll(Collection<Permission>, AuthorizationInfo) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPermittedAll(PrincipalCollection, String...) - Method in interface org.apache.shiro.authz.Authorizer
-
Returns true if the corresponding Subject/user implies all of the specified permission strings, false otherwise.
- isPermittedAll(PrincipalCollection, String...) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns
true
if any of the configured realms'ModularRealmAuthorizer.isPermitted(org.apache.shiro.subject.PrincipalCollection, String)
call returnstrue
for all of the specified string permissions,false
otherwise. - isPermittedAll(PrincipalCollection, String...) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- isPermittedAll(PrincipalCollection, String...) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPermittedAll(PrincipalCollection, Collection<Permission>) - Method in interface org.apache.shiro.authz.Authorizer
-
Returns true if the corresponding Subject/user implies all of the specified permissions, false otherwise.
- isPermittedAll(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Returns
true
if any of the configured realms'ModularRealmAuthorizer.isPermitted(org.apache.shiro.subject.PrincipalCollection, Permission)
call returnstrue
for all of the specified Permissions,false
otherwise. - isPermittedAll(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
- isPermittedAll(PrincipalCollection, Collection<Permission>) - Method in class org.apache.shiro.realm.AuthorizingRealm
- isPoolingConnections(Object) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Returns
true
if LDAP connection pooling should be used when acquiring a connection based on the specified account principal,false
otherwise. - isPoolingEnabled() - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Returns whether or not connection pooling should be used when possible and appropriate.
- isPostOnlyLogout() - Method in class org.apache.shiro.web.filter.authc.LogoutFilter
-
Due to browser pre-fetching, using a GET requests for logout my cause a user to be logged accidentally, for example: out while typing in an address bar.
- isReference(String) - Method in class org.apache.shiro.config.ReflectionBuilder
- isRemembered() - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if thisSubject
has an identity (it is not anonymous) and the identity (akaprincipals
) is remembered from a successful authentication during a previous session. - isRemembered() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isRememberMe() - Method in interface org.apache.shiro.authc.RememberMeAuthenticationToken
-
Returns
true
if the submitting user wishes their identity (principal(s)) to be remembered across sessions,false
otherwise. - isRememberMe() - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Returns true if the submitting user wishes their identity (principal(s)) to be remembered across sessions, false otherwise.
- isRememberMe() - Method in class org.apache.shiro.cas.CasToken
-
Deprecated.
- isRememberMe(ServletRequest) - Method in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
-
Returns
true
if "rememberMe" should be enabled for the login attempt associated with the currentrequest
,false
otherwise. - isRememberMe(ServletRequest) - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- isRememberMe(AuthenticationToken) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Determines whether or not remember me services should be performed for the specified token.
- isRequestedSessionIdFromCookie() - Method in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- isRequestedSessionIdFromUrl() - Method in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- isRequestedSessionIdFromURL() - Method in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- isRequestedSessionIdValid() - Method in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- isResourceRef() - Method in class org.apache.shiro.jndi.JndiLocator
-
Return whether the lookup occurs in a J2EE container.
- isRolename(String) - Method in class org.apache.shiro.realm.text.PropertiesRealm
- isRunAs() - Method in interface org.apache.shiro.subject.Subject
-
Returns
true
if thisSubject
is 'running as' another identity other than its original one orfalse
otherwise (normalSubject
state). - isRunAs() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- isSchemeChar(char) - Static method in class org.apache.shiro.web.servlet.ShiroHttpServletResponse
-
Determine if the character is allowed in the scheme of a URI.
- isSectionHeader(String) - Static method in class org.apache.shiro.config.Ini
- isSecure() - Method in class org.apache.shiro.web.jaxrs.ShiroSecurityContext
- isSecure() - Method in interface org.apache.shiro.web.servlet.Cookie
- isSecure() - Method in class org.apache.shiro.web.servlet.SimpleCookie
- isServletContainerSessions() - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionManager
-
This is a native session manager implementation, so this method returns
false
always. - isServletContainerSessions() - Method in class org.apache.shiro.web.session.mgt.ServletContainerSessionManager
-
This implementation always delegates to the servlet container for sessions, so this method returns
true
always. - isServletContainerSessions() - Method in interface org.apache.shiro.web.session.mgt.WebSessionManager
-
Returns
true
if session management and storage is managed by the underlying Servlet container orfalse
if managed by Shiro directly (called 'native' sessions). - isSessionCreationEnabled() - Method in interface org.apache.shiro.subject.SubjectContext
-
Returns
true
if the constructedSubject
should be allowed to create a session,false
otherwise. - isSessionCreationEnabled() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- isSessionCreationEnabled() - Method in class org.apache.shiro.subject.support.DelegatingSubject
-
Returns
true
if this Subject is allowed to create sessions,false
otherwise. - isSessionCreationEnabled() - Method in class org.apache.shiro.web.subject.support.WebDelegatingSubject
-
Returns
true
if session creation is allowed (as determined by the super class's {@link super#isSessionCreationEnabled()} value and no request-specific override has disabled sessions for this subject,false
otherwise. - isSessionIdCookieEnabled() - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionManager
- isSessionIdUrlRewritingEnabled() - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionManager
- isSessionStorageEnabled() - Method in class org.apache.shiro.mgt.DefaultSessionStorageEvaluator
-
Returns
true
if any Subject'sSession
may be used to persist thatSubject
's state,false
otherwise. - isSessionStorageEnabled(Subject) - Method in class org.apache.shiro.mgt.DefaultSessionStorageEvaluator
-
This implementation functions as follows: If the specified Subject already has an existing
Session
(typically because an application developer has calledsubject.getSession()
already), Shiro will use that existing session to store subject state. If a Subject does not yet have a Session, this implementation checks thesessionStorageEnabled
property: IfsessionStorageEnabled
is true (the default setting), a new session may be created to persist Subject state if necessary. IfsessionStorageEnabled
isfalse
, a new session will not be created to persist session state. Most applications use Sessions and are OK with the defaulttrue
setting forsessionStorageEnabled
. - isSessionStorageEnabled(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
-
Determines if the subject's session will be used to persist subject state or not.
- isSessionStorageEnabled(Subject) - Method in interface org.apache.shiro.mgt.SessionStorageEvaluator
-
Returns
true
if the specifiedSubject
'ssession
may be used to persist that Subject's state,false
otherwise. - isSessionStorageEnabled(Subject) - Method in class org.apache.shiro.web.mgt.DefaultWebSessionStorageEvaluator
-
Returns
true
if session storage is generally available (as determined by the super class's global configuration propertyDefaultSessionStorageEvaluator.isSessionStorageEnabled()
and no request-specific override has turned off session storage,false
otherwise. - isSessionValidationSchedulerEnabled() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- isShutdown() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- isSingleton() - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
Returns
true
always. - isSingleton() - Method in class org.apache.shiro.util.AbstractFactory
- isStaticSecurityManagerEnabled() - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
-
Returns
true
if the constructedsecurityManager
reference should be bound to static memory (viaSecurityUtils.
setSecurityManager
),false
otherwise. - isStopped() - Method in class org.apache.shiro.session.mgt.SimpleSession
- isStoredCredentialsHexEncoded() - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Returns
true
if the system's stored credential hash is Hex encoded,false
if it is Base64 encoded. - issueRedirect(ServletRequest, ServletResponse, String) - Method in class org.apache.shiro.web.filter.authc.LogoutFilter
-
Issues an HTTP redirect to the specified URL after subject logout.
- issueRedirect(ServletRequest, ServletResponse, String) - Static method in class org.apache.shiro.web.util.WebUtils
-
Redirects the current request to a new URL based on the given parameters and default values for unspecified parameters.
- issueRedirect(ServletRequest, ServletResponse, String, Map) - Static method in class org.apache.shiro.web.util.WebUtils
-
Redirects the current request to a new URL based on the given parameters and default values for unspecified parameters.
- issueRedirect(ServletRequest, ServletResponse, String, Map, boolean) - Static method in class org.apache.shiro.web.util.WebUtils
-
Redirects the current request to a new URL based on the given parameters and default values for unspecified parameters.
- issueRedirect(ServletRequest, ServletResponse, String, Map, boolean, boolean) - Static method in class org.apache.shiro.web.util.WebUtils
-
Redirects the current request to a new URL based on the given parameters.
- issueSuccessRedirect(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.AuthenticationFilter
-
Redirects to user to the previously attempted URL after a successful login.
- isTerminated() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- isTimedOut() - Method in class org.apache.shiro.session.mgt.SimpleSession
-
Determines if this session is expired.
- isTrue(boolean) - Static method in class org.apache.shiro.util.Assert
-
Assert a boolean expression, throwing
IllegalArgumentException
if the test result isfalse
. - isTrue(boolean, String) - Static method in class org.apache.shiro.util.Assert
-
Assert a boolean expression, throwing
IllegalArgumentException
if the test result isfalse
. - isTrue(ServletRequest, String) - Static method in class org.apache.shiro.web.util.WebUtils
-
Checks to see if a request param is considered true using a loose matching strategy for general values that indicate that something is true or enabled, etc.
- isTypedProperty(Object, String, Class) - Method in class org.apache.shiro.config.ReflectionBuilder
- isUserInRole(String) - Method in class org.apache.shiro.web.jaxrs.ShiroSecurityContext
- isUserInRole(String) - Method in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- isUsername(String) - Method in class org.apache.shiro.realm.text.PropertiesRealm
- isValid() - Method in class org.apache.shiro.session.mgt.SimpleSession
- isValid() - Method in interface org.apache.shiro.session.mgt.ValidatingSession
- isValid(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- isValid(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Returns
true
if the associated session is valid (it exists and is not stopped nor expired),false
otherwise. - isWeb(Object) - Static method in class org.apache.shiro.web.util.WebUtils
- iterator() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- iterator() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- iterator() - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
J
- JAVA_13 - Static variable in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Constant identifying the 1.3.x JVM (JDK 1.3).
- JAVA_14 - Static variable in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Constant identifying the 1.4.x JVM (J2SE 1.4).
- JAVA_15 - Static variable in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Constant identifying the 1.5 JVM (Java 5).
- JAVA_16 - Static variable in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Constant identifying the 1.6 JVM (Java 6).
- JAVA_17 - Static variable in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Constant identifying the 1.7 JVM.
- JAVA_18 - Static variable in class org.apache.shiro.util.JavaEnvironment
-
Deprecated.Constant identifying the 1.8 JVM.
- JavaEnvironment - Class in org.apache.shiro.util
-
Deprecated.This class is no longer used in Shiro and will be removed in the next major version.
- JavaEnvironment() - Constructor for class org.apache.shiro.util.JavaEnvironment
-
Deprecated.
- JavaUuidSessionIdGenerator - Class in org.apache.shiro.session.mgt.eis
-
SessionIdGenerator
that generates String values of JDKUUID
's as the session IDs. - JavaUuidSessionIdGenerator() - Constructor for class org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator
- JcaCipherService - Class in org.apache.shiro.crypto
-
Abstract
CipherService
implementation utilizing Java's JCA APIs. - JcaCipherService(String) - Constructor for class org.apache.shiro.crypto.JcaCipherService
-
Creates a new
JcaCipherService
instance which will use the specified cipheralgorithmName
for all encryption, decryption, and key operations. - JdbcRealm - Class in org.apache.shiro.realm.jdbc
-
Realm that allows authentication and authorization via JDBC calls.
- JdbcRealm() - Constructor for class org.apache.shiro.realm.jdbc.JdbcRealm
- JdbcRealm.SaltStyle - Enum in org.apache.shiro.realm.jdbc
-
Password hash salt configuration.
- JdbcUtils - Class in org.apache.shiro.util
-
A set of static helper methods for managing JDBC API objects.
- jetty - Static variable in class org.apache.shiro.testing.web.AbstractContainerIT
- JndiCallback - Interface in org.apache.shiro.jndi
-
Callback interface to be implemented by classes that need to perform an operation (such as a lookup) in a JNDI context.
- JndiLdapContextFactory - Class in org.apache.shiro.realm.ldap
-
LdapContextFactory
implementation using the default Sun/Oracle JNDI Ldap API, utilizing JNDI environment properties and anInitialContext
. - JndiLdapContextFactory() - Constructor for class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Default no-argument constructor that initializes the backing
environment template
with thecontextFactoryClassName
equal tocom.sun.jndi.ldap.LdapCtxFactory
(the Sun/Oracle default) and the defaultreferral
behavior tofollow
. - JndiLdapRealm - Class in org.apache.shiro.realm.ldap
-
Deprecated.Renamed to
DefaultLdapRealm
, this class will be removed prior to 2.0 - JndiLdapRealm() - Constructor for class org.apache.shiro.realm.ldap.JndiLdapRealm
-
Deprecated.
- JndiLocator - Class in org.apache.shiro.jndi
-
Convenient superclass for JNDI accessors, providing "jndiTemplate" and "jndiEnvironment" bean properties.
- JndiLocator() - Constructor for class org.apache.shiro.jndi.JndiLocator
- JndiObjectFactory<T> - Class in org.apache.shiro.jndi
-
A factory implementation intended to be used to look up objects in jndi.
- JndiObjectFactory() - Constructor for class org.apache.shiro.jndi.JndiObjectFactory
- JndiRealmFactory - Class in org.apache.shiro.realm.jndi
-
Looks up one or more Realm instances from JNDI using specified
jndiNames
. - JndiRealmFactory() - Constructor for class org.apache.shiro.realm.jndi.JndiRealmFactory
- JndiTemplate - Class in org.apache.shiro.jndi
-
Helper class that simplifies JNDI operations.
- JndiTemplate() - Constructor for class org.apache.shiro.jndi.JndiTemplate
-
Create a new JndiTemplate instance.
- JndiTemplate(Properties) - Constructor for class org.apache.shiro.jndi.JndiTemplate
-
Create a new JndiTemplate instance, using the given environment.
- join(Iterator<?>, String) - Static method in class org.apache.shiro.util.StringUtils
-
Joins the elements of the provided
Iterator
into a single String containing the provided elements.
K
- keys() - Method in interface org.apache.shiro.cache.Cache
-
Returns a view of all the keys for entries contained in this cache.
- keys() - Method in class org.apache.shiro.cache.ehcache.EhCache
- keys() - Method in class org.apache.shiro.cache.MapCache
- keySet() - Method in class org.apache.shiro.config.Ini
- keySet() - Method in class org.apache.shiro.config.Ini.Section
- keySet() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- keySet() - Method in class org.apache.shiro.util.MapContext
- keySet() - Method in class org.apache.shiro.util.SoftHashMap
L
- LacksPermissionTag - Class in org.apache.shiro.web.tags
- LacksPermissionTag() - Constructor for class org.apache.shiro.web.tags.LacksPermissionTag
- LacksRoleTag - Class in org.apache.shiro.web.tags
- LacksRoleTag() - Constructor for class org.apache.shiro.web.tags.LacksRoleTag
- lastIndexOf(Object) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- LAX - org.apache.shiro.web.servlet.Cookie.SameSiteOptions
-
Cookies are allowed to be sent with top-level navigations and will be sent along with GET requests initiated by third party website.
- LdapContextFactory - Interface in org.apache.shiro.realm.ldap
-
Interface that encapsulates the creation of
LdapContext
objects that are used byDefaultLdapRealm
s to perform authentication attempts and query for authorization data. - LdapUtils - Class in org.apache.shiro.realm.ldap
-
Utility class providing static methods to make working with LDAP easier.
- LdapUtils() - Constructor for class org.apache.shiro.realm.ldap.LdapUtils
- lifecycleBeanPostProcessor() - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroBeanAutoConfiguration
- lifecycleBeanPostProcessor() - Method in class org.apache.shiro.spring.config.AbstractShiroBeanConfiguration
- lifecycleBeanPostProcessor() - Method in class org.apache.shiro.spring.config.ShiroBeanConfiguration
- LifecycleBeanPostProcessor - Class in org.apache.shiro.spring
-
Bean post processor for Spring that automatically calls the init() and/or destroy() methods on Shiro objects that implement the
Initializable
orDestroyable
interfaces, respectfully. - LifecycleBeanPostProcessor() - Constructor for class org.apache.shiro.spring.LifecycleBeanPostProcessor
-
Default Constructor.
- LifecycleBeanPostProcessor(int) - Constructor for class org.apache.shiro.spring.LifecycleBeanPostProcessor
-
Constructor with definable
order value
. - LifecycleUtils - Class in org.apache.shiro.util
-
Utility class to help call
Initializable.init()
andDestroyable.destroy()
methods cleanly on any object. - LifecycleUtils() - Constructor for class org.apache.shiro.util.LifecycleUtils
- listIterator() - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- listIterator(int) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- load(InputStream) - Method in class org.apache.shiro.config.Ini
-
Loads the INI-formatted text backed by the given InputStream into this instance.
- load(Reader) - Method in class org.apache.shiro.config.Ini
-
Loads the INI-formatted text backed by the given Reader into this instance.
- load(String) - Method in class org.apache.shiro.config.Ini
-
Loads the specified raw INI-formatted text into this instance.
- load(Scanner) - Method in class org.apache.shiro.config.Ini
-
Loads the INI-formatted text backed by the given Scanner.
- loadDefaultClassPathIni() - Static method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.Returns a new Ini instance created from the default
classpath:shiro.ini
file, ornull
if the file does not exist. - loadFromPath(String) - Method in class org.apache.shiro.config.Ini
-
Loads data from the specified resource path into this current
Ini
instance. - loadIniFromConfig() - Method in class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.
- loadIniFromPath() - Method in class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.
- LockedAccountException - Exception in org.apache.shiro.authc
-
A special kind of DisabledAccountException, this exception is thrown when attempting to authenticate and the corresponding account has been disabled explicitly due to being locked.
- LockedAccountException() - Constructor for exception org.apache.shiro.authc.LockedAccountException
-
Creates a new LockedAccountException.
- LockedAccountException(String) - Constructor for exception org.apache.shiro.authc.LockedAccountException
-
Constructs a new LockedAccountException.
- LockedAccountException(String, Throwable) - Constructor for exception org.apache.shiro.authc.LockedAccountException
-
Constructs a new LockedAccountException.
- LockedAccountException(Throwable) - Constructor for exception org.apache.shiro.authc.LockedAccountException
-
Constructs a new LockedAccountException.
- log - Static variable in class org.apache.shiro.hazelcast.cache.HazelcastCacheManager
- LoggingBeanEventListener - Class in org.apache.shiro.config.event
-
A stock bean listener implementation that logs all BeanEvents as TRACE log statements.
- LoggingBeanEventListener() - Constructor for class org.apache.shiro.config.event.LoggingBeanEventListener
- logical() - Method in annotation type org.apache.shiro.authz.annotation.RequiresPermissions
-
The logical operation for the permission checks in case multiple roles are specified.
- logical() - Method in annotation type org.apache.shiro.authz.annotation.RequiresRoles
-
The logical operation for the permission check in case multiple roles are specified.
- Logical - Enum in org.apache.shiro.authz.annotation
-
An enum for specifying a logical operation that can be used for interpreting authorization annotations
- login(AuthenticationToken) - Method in interface org.apache.shiro.subject.Subject
-
Performs a login attempt for this Subject/user.
- login(AuthenticationToken) - Method in class org.apache.shiro.subject.support.DelegatingSubject
- login(Subject, AuthenticationToken) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
First authenticates the
AuthenticationToken
argument, and if successful, constructs aSubject
instance representing the authenticated account's identity. - login(Subject, AuthenticationToken) - Method in interface org.apache.shiro.mgt.SecurityManager
-
Logs in the specified Subject using the given
authenticationToken
, returning an updated Subject instance reflecting the authenticated state if successful or throwingAuthenticationException
if it is not. - LoginController - Class in org.apache.shiro.samples
- LoginController() - Constructor for class org.apache.shiro.samples.LoginController
- loginTemplate() - Method in class org.apache.shiro.samples.LoginController
- loginUrl - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebFilterConfiguration
- logout - org.apache.shiro.web.filter.mgt.DefaultFilter
- logout() - Method in interface org.apache.shiro.subject.Subject
-
Logs out this Subject and invalidates and/or removes any associated entities, such as a
Session
and authorization data. - logout() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- logout(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- logout(Subject) - Method in interface org.apache.shiro.mgt.SecurityManager
-
Logs out the specified Subject from the system.
- LOGOUT - Static variable in class org.apache.shiro.guice.web.ShiroWebModule
- LogoutAware - Interface in org.apache.shiro.authc
-
An SPI interface allowing cleanup logic to be executed during logout of a previously authenticated Subject/user.
- LogoutFilter - Class in org.apache.shiro.web.filter.authc
-
Simple Filter that, upon receiving a request, will immediately log-out the currently executing
subject
and then redirect them to a configuredredirectUrl
. - LogoutFilter() - Constructor for class org.apache.shiro.web.filter.authc.LogoutFilter
- lookup(String) - Method in class org.apache.shiro.jndi.JndiLocator
-
Perform an actual JNDI lookup for the given name via the JndiTemplate.
- lookup(String) - Method in class org.apache.shiro.jndi.JndiTemplate
-
Look up the object with the given name in the current JNDI context.
- lookup(String, Class) - Method in class org.apache.shiro.jndi.JndiLocator
-
Perform an actual JNDI lookup for the given name via the JndiTemplate.
- lookup(String, Class) - Method in class org.apache.shiro.jndi.JndiTemplate
-
Look up the object with the given name in the current JNDI context.
- lookupHashFormatClass(String) - Method in class org.apache.shiro.crypto.hash.format.DefaultHashFormatFactory
- lookupSecurityManager() - Method in class org.apache.shiro.env.DefaultEnvironment
-
Looks up the
SecurityManager
instance in the backing map without performing any non-null guarantees.
M
- main(String[]) - Static method in class org.apache.shiro.samples.CliApp
- main(String[]) - Static method in class org.apache.shiro.samples.WebApp
- main(String[]) - Static method in class org.apache.shiro.tools.hasher.Hasher
- main(String[]) - Static method in class Quickstart
- main(String[]) - Static method in class QuickstartGuice
- MAIN_SECTION_NAME - Static variable in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- manager - Variable in class org.apache.shiro.cache.ehcache.EhCacheManager
-
The EhCache cache manager used by this implementation to create caches.
- MapCache<K,V> - Class in org.apache.shiro.cache
- MapCache(String, Map<K, V>) - Constructor for class org.apache.shiro.cache.MapCache
- MapContext - Class in org.apache.shiro.util
-
A
MapContext
provides a common base for context-based data storage in aMap
. - MapContext() - Constructor for class org.apache.shiro.util.MapContext
- MapContext(Map<String, Object>) - Constructor for class org.apache.shiro.util.MapContext
- match(String, String) - Method in class org.apache.shiro.util.AntPathMatcher
- matches(Method, Class) - Method in class org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor
-
Returns true if the method or the class has any Shiro annotations, false otherwise.
- matches(String, String) - Method in class org.apache.shiro.util.AntPathMatcher
- matches(String, String) - Method in interface org.apache.shiro.util.PatternMatcher
-
Returns
true
if the givensource
matches the specifiedpattern
,false
otherwise. - matches(String, String) - Method in class org.apache.shiro.util.RegExPatternMatcher
-
Simple implementation that merely uses the default pattern comparison logic provided by the JDK.
- matchStart(String, String) - Method in class org.apache.shiro.util.AntPathMatcher
- MAXAGE_ATTRIBUTE_NAME - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
- MCF_PREFIX - Static variable in class org.apache.shiro.crypto.hash.format.Shiro1CryptFormat
- Md2CredentialsMatcher - Class in org.apache.shiro.authc.credential
-
Deprecated.since 1.1 - use the HashedCredentialsMatcher directly and set its
hashAlgorithmName
property. - Md2CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Md2CredentialsMatcher
-
Deprecated.
- Md2Hash - Class in org.apache.shiro.crypto.hash
-
Generates an MD2 Hash (RFC 1319) from a given input source with an optional salt and hash iterations.
- Md2Hash() - Constructor for class org.apache.shiro.crypto.hash.Md2Hash
- Md2Hash(Object) - Constructor for class org.apache.shiro.crypto.hash.Md2Hash
- Md2Hash(Object, Object) - Constructor for class org.apache.shiro.crypto.hash.Md2Hash
- Md2Hash(Object, Object, int) - Constructor for class org.apache.shiro.crypto.hash.Md2Hash
- Md5CredentialsMatcher - Class in org.apache.shiro.authc.credential
-
Deprecated.since 1.1 - use the HashedCredentialsMatcher directly and set its
hashAlgorithmName
property. - Md5CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Md5CredentialsMatcher
-
Deprecated.
- Md5Hash - Class in org.apache.shiro.crypto.hash
-
Generates an MD5 Hash (RFC 1321) from a given input source with an optional salt and hash iterations.
- Md5Hash() - Constructor for class org.apache.shiro.crypto.hash.Md5Hash
- Md5Hash(Object) - Constructor for class org.apache.shiro.crypto.hash.Md5Hash
- Md5Hash(Object, Object) - Constructor for class org.apache.shiro.crypto.hash.Md5Hash
- Md5Hash(Object, Object, int) - Constructor for class org.apache.shiro.crypto.hash.Md5Hash
- MemoryConstrainedCacheManager - Class in org.apache.shiro.cache
-
Simple memory-only based
CacheManager
implementation usable in production environments. - MemoryConstrainedCacheManager() - Constructor for class org.apache.shiro.cache.MemoryConstrainedCacheManager
- MemorySessionDAO - Class in org.apache.shiro.session.mgt.eis
-
Simple memory-based implementation of the SessionDAO that stores all of its sessions in an in-memory
ConcurrentMap
. - MemorySessionDAO() - Constructor for class org.apache.shiro.session.mgt.eis.MemorySessionDAO
- MergableAuthenticationInfo - Interface in org.apache.shiro.authc
-
An extension of the
AuthenticationInfo
interface to be implemented by classes that support merging with otherAuthenticationInfo
instances. - merge(Map<String, Ini.Section>) - Method in class org.apache.shiro.config.Ini
-
Merges the contents of
m
'sIni.Section
objects into self. - merge(AuthenticationInfo) - Method in interface org.apache.shiro.authc.MergableAuthenticationInfo
-
Merges the given
AuthenticationInfo
into this instance. - merge(AuthenticationInfo) - Method in class org.apache.shiro.authc.SimpleAccount
-
Merges the specified
AuthenticationInfo
into thisAccount
. - merge(AuthenticationInfo) - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Takes the specified
info
argument and adds its principals and credentials into this instance. - merge(AuthenticationInfo, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.AbstractAuthenticationStrategy
-
Merges the specified
info
argument into theaggregate
argument and then returns an aggregate for continued use throughout the login process. - merge(AuthenticationInfo, AuthenticationInfo) - Method in class org.apache.shiro.authc.pam.FirstSuccessfulStrategy
-
Returns the specified
aggregate
instance if is non null and valid (that is, has principals and they are not empty) immediately, or, if it is null or not valid, theinfo
argument is returned instead. - mergeAuthenticationState(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
-
Merges the Subject's current authentication state with whatever may be in any available session.
- mergeIni(Ini, Ini) - Method in class org.apache.shiro.web.env.IniWebEnvironment
- mergePrincipals(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
-
Merges the Subject's current
Subject.getPrincipals()
with whatever may be in any available session. - MethodInterceptor - Interface in org.apache.shiro.aop
-
A MethodInterceptor intercepts a MethodInvocation to perform before or after logic (aka 'advice').
- methodInterceptors - Variable in class org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor
-
The method interceptors to execute for the annotated method.
- MethodInterceptorSupport - Class in org.apache.shiro.aop
-
This class is an abstraction of AOP method interceptor behavior specific to Shiro that leaves AOP implementation specifics to be handled by subclass implementations.
- MethodInterceptorSupport() - Constructor for class org.apache.shiro.aop.MethodInterceptorSupport
-
Default no-argument constructor for subclasses.
- MethodInvocation - Interface in org.apache.shiro.aop
-
3rd-party API independent representation of a method invocation.
- MILLIS_PER_HOUR - Static variable in class org.apache.shiro.session.mgt.AbstractSessionManager
- MILLIS_PER_HOUR - Static variable in class org.apache.shiro.session.mgt.SimpleSession
- MILLIS_PER_MINUTE - Static variable in class org.apache.shiro.session.mgt.AbstractSessionManager
- MILLIS_PER_MINUTE - Static variable in class org.apache.shiro.session.mgt.SimpleSession
- MILLIS_PER_SECOND - Static variable in class org.apache.shiro.session.mgt.AbstractSessionManager
- MILLIS_PER_SECOND - Static variable in class org.apache.shiro.session.mgt.SimpleSession
- missingRealm() - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroAutoConfiguration
- ModularCryptFormat - Interface in org.apache.shiro.crypto.hash.format
-
A
HashFormat
that supports Modular Crypt Format token rules. - ModularRealmAuthenticator - Class in org.apache.shiro.authc.pam
-
A
ModularRealmAuthenticator
delegates account lookups to a pluggable (modular) collection ofRealm
s. - ModularRealmAuthenticator() - Constructor for class org.apache.shiro.authc.pam.ModularRealmAuthenticator
-
Default no-argument constructor which
enables
anAtLeastOneSuccessfulStrategy
by default. - ModularRealmAuthorizer - Class in org.apache.shiro.authz
-
A ModularRealmAuthorizer is an Authorizer implementation that consults one or more configured
Realm
s during an authorization operation. - ModularRealmAuthorizer() - Constructor for class org.apache.shiro.authz.ModularRealmAuthorizer
-
Default no-argument constructor, does nothing.
- ModularRealmAuthorizer(Collection<Realm>) - Constructor for class org.apache.shiro.authz.ModularRealmAuthorizer
-
Constructor that accepts the
Realm
s to consult during an authorization check. - MutablePrincipalCollection - Interface in org.apache.shiro.subject
-
A
PrincipalCollection
that allows modification. - MutableWebEnvironment - Interface in org.apache.shiro.web.env
-
A
WebEnvironment
that supports 'write' operations operations.
N
- name - Variable in class org.apache.shiro.authz.SimpleRole
- NAME_VALUE_DELIMITER - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
- Nameable - Interface in org.apache.shiro.util
-
Interface implemented by components that can be named, such as via configuration, and wish to have that name set once it has been configured.
- NameableFilter - Class in org.apache.shiro.web.servlet
-
Allows a filter to be named via JavaBeans-compatible
NameableFilter.getName()
/NameableFilter.setName(String)
methods. - NameableFilter() - Constructor for class org.apache.shiro.web.servlet.NameableFilter
- NamedFilterList - Interface in org.apache.shiro.web.filter.mgt
- NamedObjectEnvironment - Interface in org.apache.shiro.env
-
An environment that supports object lookup by name.
- NATIVE_SESSION_MODE - Static variable in class org.apache.shiro.web.mgt.DefaultWebSecurityManager
-
Deprecated.
- nativeSessionManager() - Method in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- NativeSessionManager - Interface in org.apache.shiro.session.mgt
-
A
Native
session manager is one that manages sessions natively - that is, it is directly responsible for the creation, persistence and removal ofSession
instances and their lifecycles. - newHashFormatInstance(Class) - Method in class org.apache.shiro.crypto.hash.format.DefaultHashFormatFactory
- newHashInstance() - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Returns a new, uninitialized instance, without its byte array set.
- newInstance() - Method in enum org.apache.shiro.web.filter.mgt.DefaultFilter
- newInstance(Class) - Static method in class org.apache.shiro.util.ClassUtils
- newInstance(Class, Object...) - Static method in class org.apache.shiro.util.ClassUtils
- newInstance(String) - Static method in class org.apache.shiro.util.ClassUtils
- newInstance(String, Object...) - Static method in class org.apache.shiro.util.ClassUtils
- newSessionInstance(SessionContext) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- newSubjectContextInstance() - Method in class org.apache.shiro.subject.Subject.Builder
-
Creates a new
SubjectContext
instance to be used to populate with subject contextual data that will then be sent to theSecurityManager
to create a newSubject
instance. - newSubjectContextInstance() - Method in class org.apache.shiro.web.subject.WebSubject.Builder
-
Overrides the parent implementation to return a new instance of a
DefaultWebSubjectContext
to account for the additional request/response pair. - newSubjectInstance(PrincipalCollection, boolean, String, Session, ServletRequest, ServletResponse, SecurityManager) - Method in class org.apache.shiro.web.mgt.DefaultWebSubjectFactory
-
Deprecated.since 1.2 - override
DefaultWebSubjectFactory.createSubject(org.apache.shiro.subject.SubjectContext)
directly if you need to instantiate a customSubject
class. - newSubjectInstance(PrincipalCollection, boolean, String, Session, SecurityManager) - Method in class org.apache.shiro.mgt.DefaultSubjectFactory
-
Deprecated.since 1.2 - override
DefaultSubjectFactory.createSubject(org.apache.shiro.subject.SubjectContext)
directly if you need to instantiate a customSubject
class. - nextBytes() - Method in interface org.apache.shiro.crypto.RandomNumberGenerator
-
Generates a byte array of fixed length filled with random data, often useful for generating salts, initialization vectors or other seed data.
- nextBytes() - Method in class org.apache.shiro.crypto.SecureRandomNumberGenerator
- nextBytes(int) - Method in interface org.apache.shiro.crypto.RandomNumberGenerator
-
Generates a byte array of the specified length filled with random data.
- nextBytes(int) - Method in class org.apache.shiro.crypto.SecureRandomNumberGenerator
- NO_SALT - org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle
- NO_SESSION_CREATION - Static variable in class org.apache.shiro.guice.web.ShiroWebModule
- NONE - org.apache.shiro.crypto.OperationMode
-
No mode.
- NONE - org.apache.shiro.crypto.PaddingScheme
-
No padding.
- NONE - org.apache.shiro.web.servlet.Cookie.SameSiteOptions
-
Cookies will be sent in all contexts, i.e sending cross-origin is allowed.
- noNullElements(Object[]) - Static method in class org.apache.shiro.util.Assert
-
Assert that an array has no null elements.
- noNullElements(Object[], String) - Static method in class org.apache.shiro.util.Assert
-
Assert that an array has no null elements.
- NoRealmBeanConfiguredException - Exception in org.apache.shiro.spring.boot.autoconfigure.exception
-
This exception should be thrown if not bean of type
Realm
found. - NoRealmBeanConfiguredException() - Constructor for exception org.apache.shiro.spring.boot.autoconfigure.exception.NoRealmBeanConfiguredException
- normalize(String) - Static method in class org.apache.shiro.web.util.WebUtils
-
Normalize a relative URI path that may have relative values ("/./", "/../", and so on ) it it.
- noSessionCreation - org.apache.shiro.web.filter.mgt.DefaultFilter
- NoSessionCreationFilter - Class in org.apache.shiro.web.filter.session
-
A
PathMatchingFilter
that will disable creating new Sessions during the request. - NoSessionCreationFilter() - Constructor for class org.apache.shiro.web.filter.session.NoSessionCreationFilter
- NotAuthenticatedTag - Class in org.apache.shiro.web.tags
-
JSP tag that renders the tag body only if the current user has not executed a successful authentication attempt during their current session.
- NotAuthenticatedTag() - Constructor for class org.apache.shiro.web.tags.NotAuthenticatedTag
- notEmpty(Object[]) - Static method in class org.apache.shiro.util.Assert
-
Assert that an array has elements; that is, it must not be
null
and must have at least one element. - notEmpty(Object[], String) - Static method in class org.apache.shiro.util.Assert
-
Assert that an array has elements; that is, it must not be
null
and must have at least one element. - notEmpty(Collection) - Static method in class org.apache.shiro.util.Assert
-
Assert that a collection has elements; that is, it must not be
null
and must have at least one element. - notEmpty(Collection, String) - Static method in class org.apache.shiro.util.Assert
-
Assert that a collection has elements; that is, it must not be
null
and must have at least one element. - notEmpty(Map) - Static method in class org.apache.shiro.util.Assert
-
Assert that a Map has entries; that is, it must not be
null
and must have at least one entry. - notEmpty(Map, String) - Static method in class org.apache.shiro.util.Assert
-
Assert that a Map has entries; that is, it must not be
null
and must have at least one entry. - notifyExpiration(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- notifyFailure(AuthenticationToken, AuthenticationException) - Method in class org.apache.shiro.authc.AbstractAuthenticator
-
Notifies any registered
AuthenticationListener
s that authentication failed for the specifiedtoken
which resulted in the specifiedae
exception. - notifyLogout(PrincipalCollection) - Method in class org.apache.shiro.authc.AbstractAuthenticator
-
Notifies any registered
AuthenticationListener
s that aSubject
has logged-out. - notifyStart(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
-
Notifies any interested
SessionListener
s that a Session has started. - notifyStop(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- notifySuccess(AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.authc.AbstractAuthenticator
-
Notifies any registered
AuthenticationListener
s that authentication was successful for the specifiedtoken
which resulted in the specifiedinfo
. - notNull(Object) - Static method in class org.apache.shiro.util.Assert
-
Assert that an object is not
null
. - notNull(Object, String) - Static method in class org.apache.shiro.util.Assert
-
Assert that an object is not
null
. - nullSafePut(String, Object) - Method in class org.apache.shiro.util.MapContext
-
Places a value in this context map under the given key only if the given
value
argument is not null.
O
- OAEP - org.apache.shiro.crypto.PaddingScheme
-
Optimal Asymmetric Encryption Padding defined in RSA's PKSC#1 standard (aka RFC 3447).
- OAEPWithMd5AndMgf1 - org.apache.shiro.crypto.PaddingScheme
-
Optimal Asymmetric Encryption Padding with
MD5
message digest andMGF1
mask generation function. - OAEPWithSha1AndMgf1 - org.apache.shiro.crypto.PaddingScheme
-
Optimal Asymmetric Encryption Padding with
SHA-1
message digest andMGF1
mask generation function. - OAEPWithSha256AndMgf1 - org.apache.shiro.crypto.PaddingScheme
-
Optimal Asymmetric Encryption Padding with
SHA-256
message digest andMGF1
mask generation function. - OAEPWithSha384AndMgf1 - org.apache.shiro.crypto.PaddingScheme
-
Optimal Asymmetric Encryption Padding with
SHA-384
message digest andMGF1
mask generation function. - OAEPWithSha512AndMgf1 - org.apache.shiro.crypto.PaddingScheme
-
Optimal Asymmetric Encryption Padding with
SHA-512
message digest andMGF1
mask generation function. - objectPermissions - Variable in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Collection of all object-based permissions associated with the account.
- objects - Variable in class org.apache.shiro.env.DefaultEnvironment
- objectToBytes(Object) - Method in class org.apache.shiro.codec.CodecSupport
-
Default implementation throws a CodecException immediately since it can't infer how to convert the Object to a byte array.
- objectToString(Object) - Method in class org.apache.shiro.codec.CodecSupport
-
Default implementation merely returns
objectArgument.toString()
. - OCB - org.apache.shiro.crypto.OperationMode
-
Offset Codebook mode*.
- OFB - org.apache.shiro.crypto.OperationMode
-
Output Feedback mode, defined in FIPS PUB 81.
- onAccessDenied(ServletRequest, ServletResponse) - Method in class org.apache.shiro.cas.CasFilter
-
Deprecated.Execute login by creating
token
and logging subject with this token. - onAccessDenied(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.AccessControlFilter
-
Processes requests where the subject was denied access as determined by the
isAccessAllowed
method. - onAccessDenied(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- onAccessDenied(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
- onAccessDenied(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.UserFilter
-
This default implementation simply calls
saveRequestAndRedirectToLogin
and then immediately returnsfalse
, thereby preventing the chain from continuing so the redirect may execute. - onAccessDenied(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authz.AuthorizationFilter
-
Handles the response when access has been denied.
- onAccessDenied(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.InvalidRequestFilter
- onAccessDenied(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.AccessControlFilter
-
Processes requests where the subject was denied access as determined by the
isAccessAllowed
method, retaining themappedValue
that was used during configuration. - onAccessDenied(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.authz.PortFilter
-
Redirects the request to the same exact incoming URL, but with the port listed in the filter's configuration.
- OncePerRequestFilter - Class in org.apache.shiro.web.servlet
-
Filter base class that guarantees to be just executed once per request, on any servlet container.
- OncePerRequestFilter() - Constructor for class org.apache.shiro.web.servlet.OncePerRequestFilter
- onChange(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- onChange(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- onDoStartTag() - Method in class org.apache.shiro.web.tags.AuthenticatedTag
- onDoStartTag() - Method in class org.apache.shiro.web.tags.GuestTag
- onDoStartTag() - Method in class org.apache.shiro.web.tags.NotAuthenticatedTag
- onDoStartTag() - Method in class org.apache.shiro.web.tags.PermissionTag
- onDoStartTag() - Method in class org.apache.shiro.web.tags.PrincipalTag
- onDoStartTag() - Method in class org.apache.shiro.web.tags.RoleTag
- onDoStartTag() - Method in class org.apache.shiro.web.tags.SecureTag
- onDoStartTag() - Method in class org.apache.shiro.web.tags.UserTag
- ONE_YEAR - Static variable in interface org.apache.shiro.web.servlet.Cookie
-
The number of seconds in one year (= 60 * 60 * 24 * 365).
- oneByType(Class<T>) - Method in interface org.apache.shiro.subject.PrincipalCollection
-
Returns the first discovered principal assignable from the specified type, or
null
if there are none of the specified type. - oneByType(Class<T>) - Method in class org.apache.shiro.subject.SimplePrincipalCollection
- oneByType(Class<T>) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- onEquals(SimpleSession) - Method in class org.apache.shiro.session.mgt.SimpleSession
-
Provides an attribute-based comparison (no ID comparison) - incurred only when 'this' or the session object being compared for equality do not have a session id.
- onEvent(Object) - Method in interface org.apache.shiro.event.support.EventListener
-
Handles the specified event.
- onEvent(Object) - Method in class org.apache.shiro.event.support.SingleArgumentMethodEventListener
- onEvent(BeanEvent) - Method in class org.apache.shiro.config.event.LoggingBeanEventListener
- onExpiration(Session) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- onExpiration(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- onExpiration(Session) - Method in interface org.apache.shiro.session.SessionListener
-
Notification callback that occurs when the corresponding Session has expired.
- onExpiration(Session) - Method in class org.apache.shiro.session.SessionListenerAdapter
-
Adapter no-op implementation - does nothing and returns immediately.
- onExpiration(Session, ExpiredSessionException, SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- onExpiration(Session, ExpiredSessionException, SessionKey) - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionManager
- onFailedLogin(AuthenticationToken, AuthenticationException, Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- onFailedLogin(Subject, AuthenticationToken, AuthenticationException) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Reacts to a failed login by immediately
forgetting
any previously remembered identity. - onFailedLogin(Subject, AuthenticationToken, AuthenticationException) - Method in interface org.apache.shiro.mgt.RememberMeManager
-
Reacts to a failed authentication attempt, typically by forgetting any previously remembered principals for the Subject.
- onFailure(AuthenticationToken, AuthenticationException) - Method in interface org.apache.shiro.authc.AuthenticationListener
-
Callback triggered when an authentication attempt for a
Subject
has failed. - onFilterConfigSet() - Method in class org.apache.shiro.web.servlet.AbstractFilter
-
Template method to be overridden by subclasses to perform initialization logic at start-up.
- onFilterConfigSet() - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
- onInit() - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- onInit() - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Template method for subclasses to implement any initialization logic.
- onInit() - Method in class org.apache.shiro.realm.AuthorizingRealm
-
Initializes this realm and potentially enables a cache, depending on configuration.
- onInit() - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- onInit() - Method in class org.apache.shiro.realm.text.IniRealm
- onInit() - Method in class org.apache.shiro.realm.text.PropertiesRealm
- onInit() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
-
Will call 'processDefinitions' on startup.
- onInvalidation(Session, InvalidSessionException, SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- onInvalidation(Session, InvalidSessionException, SessionKey) - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionManager
- onLoginFailure(AuthenticationToken, AuthenticationException, ServletRequest, ServletResponse) - Method in class org.apache.shiro.cas.CasFilter
-
Deprecated.If login has failed, redirect user to the CAS error page (no ticket or ticket validation failed) except if the user is already authenticated, in which case redirect to the default success url.
- onLoginFailure(AuthenticationToken, AuthenticationException, ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
- onLoginFailure(AuthenticationToken, AuthenticationException, ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- onLoginSuccess(AuthenticationToken, Subject, ServletRequest, ServletResponse) - Method in class org.apache.shiro.cas.CasFilter
-
Deprecated.If login has been successful, redirect user to the original protected url.
- onLoginSuccess(AuthenticationToken, Subject, ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
- onLoginSuccess(AuthenticationToken, Subject, ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- onLogout(PrincipalCollection) - Method in class org.apache.shiro.authc.AbstractAuthenticator
-
This implementation merely calls
notifyLogout
to allow any registered listeners to react to the logout. - onLogout(PrincipalCollection) - Method in interface org.apache.shiro.authc.AuthenticationListener
-
Callback triggered when a
Subject
logs-out of the system. - onLogout(PrincipalCollection) - Method in interface org.apache.shiro.authc.LogoutAware
-
Callback triggered when a
Subject
logs out of the system. - onLogout(PrincipalCollection) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
-
First calls
super.onLogout(principals)
to ensure a logout notification is issued, and for each wrappedRealm
that implements theLogoutAware
interface, calls((LogoutAware)realm).onLogout(principals)
to allow each realm the opportunity to perform logout/cleanup operations during an user-logout. - onLogout(PrincipalCollection) - Method in class org.apache.shiro.realm.CachingRealm
-
If caching is enabled, this will clear any cached data associated with the specified account identity.
- onLogout(Subject) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Reacts to a subject logging out of the application and immediately
forgets
any previously stored identity and returns. - onLogout(Subject) - Method in interface org.apache.shiro.mgt.RememberMeManager
-
Reacts to a Subject logging out of the application, typically by forgetting any previously remembered principals for the Subject.
- onLogoutRequestNotAPost(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.LogoutFilter
-
This method is called when
postOnlyLogout
istrue
, and the request was NOT aPOST
. - onPreHandle(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.AccessControlFilter
-
Returns
true
ifisAccessAllowed(Request,Response,Object)
, otherwise returns the result ofonAccessDenied(Request,Response,Object)
. - onPreHandle(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.authc.AnonymousFilter
-
Always returns
true
allowing unchecked access to the underlying path or resource. - onPreHandle(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.PathMatchingFilter
-
This default implementation always returns
true
and should be overridden by subclasses for custom logic if necessary. - onPreHandle(ServletRequest, ServletResponse, Object) - Method in class org.apache.shiro.web.filter.session.NoSessionCreationFilter
- onRememberedPrincipalFailure(RuntimeException, SubjectContext) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Called when an exception is thrown while trying to retrieve principals.
- onStart(Session) - Method in interface org.apache.shiro.session.SessionListener
-
Notification callback that occurs when the corresponding Session has started.
- onStart(Session) - Method in class org.apache.shiro.session.SessionListenerAdapter
-
Adapter no-op implementation - does nothing and returns immediately.
- onStart(Session, SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
-
Template method that allows subclasses to react to a new session being created.
- onStart(Session, SessionContext) - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionManager
-
Stores the Session's ID, usually as a Cookie, to associate with future requests.
- onStop(Session) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- onStop(Session) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- onStop(Session) - Method in interface org.apache.shiro.session.SessionListener
-
Notification callback that occurs when the corresponding Session has stopped, either programmatically via
Session.stop()
or automatically upon a subject logging out. - onStop(Session) - Method in class org.apache.shiro.session.SessionListenerAdapter
-
Adapter no-op implementation - does nothing and returns immediately.
- onStop(Session, SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- onStop(Session, SessionKey) - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionManager
- onSuccess(AuthenticationToken, AuthenticationInfo) - Method in interface org.apache.shiro.authc.AuthenticationListener
-
Callback triggered when an authentication attempt for a
Subject
has succeeded. - onSuccessfulLogin(AuthenticationToken, AuthenticationInfo, Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- onSuccessfulLogin(Subject, AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Reacts to the successful login attempt by first always
forgetting
any previously stored identity. - onSuccessfulLogin(Subject, AuthenticationToken, AuthenticationInfo) - Method in interface org.apache.shiro.mgt.RememberMeManager
-
Reacts to a successful authentication attempt, typically saving the principals to be retrieved ('remembered') for future system access.
- OperationMode - Enum in org.apache.shiro.crypto
-
A cipher mode of operation directs a cipher algorithm how to convert data during the encryption or decryption process.
- OR - org.apache.shiro.authz.annotation.Logical
- org.apache.shiro - package org.apache.shiro
-
This package primarily exists as a root classpath distinction, but it does contain two core classes widely used by applications,
SecurityUtils
andShiroException
. - org.apache.shiro.aop - package org.apache.shiro.aop
-
Components used to support the framework's AOP/interception support classes.
- org.apache.shiro.aspectj - package org.apache.shiro.aspectj
-
AspectJ support for enabling dynamic authorization using Shiro's annotations.
- org.apache.shiro.authc - package org.apache.shiro.authc
-
Core interfaces and exceptions concerning Authentication (the act of logging-in).
- org.apache.shiro.authc.credential - package org.apache.shiro.authc.credential
-
Support for validating credentials (such as passwords or X509 certificates) during authentication via the
CredentialsMatcher
interface and its supporting implementations. - org.apache.shiro.authc.pam - package org.apache.shiro.authc.pam
-
Support for PAM, or Pluggable Authentication Modules, which is the capability to authenticate a user against multiple configurable (pluggable) modules (Shiro calls these
Realm
s). - org.apache.shiro.authz - package org.apache.shiro.authz
-
Core interfaces and exceptions supporting Authorization (access control).
- org.apache.shiro.authz.annotation - package org.apache.shiro.authz.annotation
-
Annotations used to restrict which classes, instances, or methods may be accessed or invoked depending on the caller's access abilities or authentication state.
- org.apache.shiro.authz.aop - package org.apache.shiro.authz.aop
-
Contains AOP implementation support classes specifically used for authorization operations, particularly supporting AOP Method Interceptors and JSR-175 metadata Annotations.
- org.apache.shiro.authz.permission - package org.apache.shiro.authz.permission
-
Support and default implementations for Shiro's
Permission
interface. - org.apache.shiro.cache - package org.apache.shiro.cache
-
Caching support used to enhance performance for security operations.
- org.apache.shiro.cache.ehcache - package org.apache.shiro.cache.ehcache
-
Ehcache-based implementations of Shiro's cache interfaces.
- org.apache.shiro.cas - package org.apache.shiro.cas
- org.apache.shiro.codec - package org.apache.shiro.codec
-
Components for encoding and decoding of data across multiple formats, especially useful in Shiro's cryptography and web functionality.
- org.apache.shiro.concurrent - package org.apache.shiro.concurrent
-
Executor
,ExecutorService
, andScheduledExecutorService
implementations for transparentSubject
association with threads in an asynchronous execution environment. - org.apache.shiro.config - package org.apache.shiro.config
-
Components that support configuring Shiro in any application.
- org.apache.shiro.config.event - package org.apache.shiro.config.event
- org.apache.shiro.crypto - package org.apache.shiro.crypto
-
Cryptography Cipher and Hashing components that greatly simplify the JDK's cryptography concepts and add additional convenient behavior.
- org.apache.shiro.crypto.hash - package org.apache.shiro.crypto.hash
-
Cryptographic Hashing components that greatly simplify one-way data hashing in an application.
- org.apache.shiro.crypto.hash.format - package org.apache.shiro.crypto.hash.format
- org.apache.shiro.dao - package org.apache.shiro.dao
-
Package containing various components useful when building Data Access Objects (DAOs), including a generic Data Access Exception hierarchy.
- org.apache.shiro.env - package org.apache.shiro.env
-
Concepts used to represent Shiro's aggregate state in an application.
- org.apache.shiro.event - package org.apache.shiro.event
- org.apache.shiro.event.support - package org.apache.shiro.event.support
- org.apache.shiro.guice - package org.apache.shiro.guice
- org.apache.shiro.guice.aop - package org.apache.shiro.guice.aop
- org.apache.shiro.guice.web - package org.apache.shiro.guice.web
- org.apache.shiro.hazelcast.cache - package org.apache.shiro.hazelcast.cache
- org.apache.shiro.io - package org.apache.shiro.io
-
Support for reading and writing (input/output) raw data from multiple resource locations.
- org.apache.shiro.jndi - package org.apache.shiro.jndi
-
Enables accessing objects located in JNDI that might be useful when configuring a Shiro-enabled application.
- org.apache.shiro.ldap - package org.apache.shiro.ldap
- org.apache.shiro.mgt - package org.apache.shiro.mgt
-
Provides the master
SecurityManager
interface and a default implementation hierarchy for managing all aspects of Shiro's functionality in an application. - org.apache.shiro.realm - package org.apache.shiro.realm
-
Components and sub-packages used in supporting the core
Realm
interface. - org.apache.shiro.realm.activedirectory - package org.apache.shiro.realm.activedirectory
-
Realms that acquire security data from a Microsoft Active Directory.
- org.apache.shiro.realm.jdbc - package org.apache.shiro.realm.jdbc
-
Realms that acquire security data from an RDBMS (Relational Database Management System) using the JDBC API.
- org.apache.shiro.realm.jndi - package org.apache.shiro.realm.jndi
-
Support for acquiring Realms from JNDI, particularly useful for configuring Shiro in JEE or EJB environments.
- org.apache.shiro.realm.ldap - package org.apache.shiro.realm.ldap
-
Realms that acquire security data from an LDAP (Lightweight Directory Access Protocol) server utilizing LDAP/Naming APIs.
- org.apache.shiro.realm.text - package org.apache.shiro.realm.text
-
Realms that acquire security data from text-based data sources such as
File
s or text streams. - org.apache.shiro.samples - package org.apache.shiro.samples
- org.apache.shiro.session - package org.apache.shiro.session
-
Components related to managing sessions, the time-based data contexts in which a Subject interacts with an application.
- org.apache.shiro.session.mgt - package org.apache.shiro.session.mgt
-
SessionManager
components supporting enterprise session management. - org.apache.shiro.session.mgt.eis - package org.apache.shiro.session.mgt.eis
-
EIS (Enterprise Information System)-tier components that can perform CRUD operations for sessions using any EIS API.
- org.apache.shiro.session.mgt.quartz - package org.apache.shiro.session.mgt.quartz
-
Quartz-based implementations of components that help SessionManager implementations maintain sessions (timed expiration, orphan cleanup, etc).
- org.apache.shiro.spring - package org.apache.shiro.spring
-
Spring Application Framework support for enabling Shiro in spring applications.
- org.apache.shiro.spring.aop - package org.apache.shiro.spring.aop
- org.apache.shiro.spring.boot.autoconfigure - package org.apache.shiro.spring.boot.autoconfigure
- org.apache.shiro.spring.boot.autoconfigure.exception - package org.apache.shiro.spring.boot.autoconfigure.exception
- org.apache.shiro.spring.config - package org.apache.shiro.spring.config
- org.apache.shiro.spring.config.web.autoconfigure - package org.apache.shiro.spring.config.web.autoconfigure
- org.apache.shiro.spring.remoting - package org.apache.shiro.spring.remoting
-
Support to enable Spring-based remote method invocations to carry a Shiro session ID as part of the invocation payload, allowing remote clients to perform security operations.
- org.apache.shiro.spring.security.interceptor - package org.apache.shiro.spring.security.interceptor
-
Spring AOP support for enabling Shiro annotations in Spring-configured applications.
- org.apache.shiro.spring.web - package org.apache.shiro.spring.web
-
Spring-specific components for use in Spring-based web applications.
- org.apache.shiro.spring.web.config - package org.apache.shiro.spring.web.config
- org.apache.shiro.subject - package org.apache.shiro.subject
-
Components supporting the
Subject
interface, the most important concept in Shiro's API. - org.apache.shiro.subject.support - package org.apache.shiro.subject.support
-
Concrete support implementations of most of the
org.apache.shiro.subject
interfaces. - org.apache.shiro.testing.web - package org.apache.shiro.testing.web
- org.apache.shiro.tools.hasher - package org.apache.shiro.tools.hasher
- org.apache.shiro.util - package org.apache.shiro.util
-
Your run-of-the-mill 'util' package for components and logic widely used across the framework that can't find their home into a proper OO hierarchy (or, most likely for things used across many hierarchies).
- org.apache.shiro.web - package org.apache.shiro.web
-
Shiro's web support module to support security in any web-enabled application.
- org.apache.shiro.web.config - package org.apache.shiro.web.config
-
Web-specific implementation extensions to the
org.apache.shiro.config
components. - org.apache.shiro.web.env - package org.apache.shiro.web.env
-
Web-specific
Environment
implementation and support. - org.apache.shiro.web.filter - package org.apache.shiro.web.filter
-
Base package supporting all Servlet
Filter
implementations used to control access to web pages and URL resources. - org.apache.shiro.web.filter.authc - package org.apache.shiro.web.filter.authc
-
Servlet
Filter
implementations specific to controlling access based on a subject's authentication status, or those that can execute authentications (log-ins) directly. - org.apache.shiro.web.filter.authz - package org.apache.shiro.web.filter.authz
-
Servlet
Filter
implementations that perform authorization (access control) checks based on the Subject's abilities (for example, role or permission checks). - org.apache.shiro.web.filter.mgt - package org.apache.shiro.web.filter.mgt
-
The filter 'mgt' (management) package contains components used in managing Filters that are available for filter chain construction, the filter chains themselves, as well as resolving filter chains based by name.
- org.apache.shiro.web.filter.session - package org.apache.shiro.web.filter.session
- org.apache.shiro.web.jaxrs - package org.apache.shiro.web.jaxrs
- org.apache.shiro.web.mgt - package org.apache.shiro.web.mgt
-
Components supporting web-specific
SecurityManager
implementations. - org.apache.shiro.web.servlet - package org.apache.shiro.web.servlet
-
Shiro-specific implementations of the Servlet API (Servlet Filters, et al).
- org.apache.shiro.web.session - package org.apache.shiro.web.session
-
Components supporting Session management in web-enabled applications.
- org.apache.shiro.web.session.mgt - package org.apache.shiro.web.session.mgt
- org.apache.shiro.web.subject - package org.apache.shiro.web.subject
-
Web-specific
Subject
interfaces to enableSubject
use in web environments. - org.apache.shiro.web.subject.support - package org.apache.shiro.web.subject.support
-
Supporting implementations of
org.apache.shiro.web.subject
package interfaces. - org.apache.shiro.web.tags - package org.apache.shiro.web.tags
-
Provides the Shiro JSP Tag Library implementations.
- org.apache.shiro.web.util - package org.apache.shiro.web.util
P
- PaddingScheme - Enum in org.apache.shiro.crypto
-
A
CipherPaddingScheme
represents well-known padding schemes supported by JPA providers in a type-safe manner. - ParsableHashFormat - Interface in org.apache.shiro.crypto.hash.format
-
A
ParsableHashFormat
is able to parse a formatted string and convert it into aHash
instance. - parse(String) - Method in interface org.apache.shiro.crypto.hash.format.ParsableHashFormat
-
Parses the specified formatted string and returns the corresponding Hash instance.
- parse(String) - Method in class org.apache.shiro.crypto.hash.format.Shiro1CryptFormat
- parseConfig() - Method in class org.apache.shiro.web.env.IniWebEnvironment
-
Loads configuration
Ini
fromResourceBasedWebEnvironment.getConfigLocations()
if set, otherwise falling back to theIniWebEnvironment.getDefaultConfigLocations()
. - PART_DIVIDER_TOKEN - Static variable in class org.apache.shiro.authz.permission.WildcardPermission
- PassThruAuthenticationFilter - Class in org.apache.shiro.web.filter.authc
-
An authentication filter that redirects the user to the login page when they are trying to access a protected resource.
- PassThruAuthenticationFilter() - Constructor for class org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
- PasswordMatcher - Class in org.apache.shiro.authc.credential
-
A
CredentialsMatcher
that employs best-practices comparisons for hashed text passwords. - PasswordMatcher() - Constructor for class org.apache.shiro.authc.credential.PasswordMatcher
- PasswordService - Interface in org.apache.shiro.authc.credential
-
A
PasswordService
supports common use cases when using passwords as a credentials mechanism. - passwordsMatch(Object, String) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- passwordsMatch(Object, String) - Method in interface org.apache.shiro.authc.credential.PasswordService
-
Returns
true
if thesubmittedPlaintext
password matches the existingsaved
password,false
otherwise. - passwordsMatch(Object, Hash) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- passwordsMatch(Object, Hash) - Method in interface org.apache.shiro.authc.credential.HashingPasswordService
-
Returns
true
if thesubmittedPlaintext
password matches the existingsavedPasswordHash
,false
otherwise. - PATH_ATTRIBUTE_NAME - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
- PathConfigProcessor - Interface in org.apache.shiro.web.filter
-
A PathConfigProcessor processes configuration entries on a per path (url) basis.
- pathMatcher - Variable in class org.apache.shiro.web.filter.PathMatchingFilter
-
PatternMatcher used in determining which paths to react to for a given request.
- pathMatches(String, String) - Method in class org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver
-
Returns
true
if an incoming request path (thepath
argument) matches a configured filter chain path (thepattern
argument),false
otherwise. - PathMatchingFilter - Class in org.apache.shiro.web.filter
-
Base class for Filters that will process only specified paths and allow all others to pass through.
- PathMatchingFilter() - Constructor for class org.apache.shiro.web.filter.PathMatchingFilter
- PathMatchingFilterChainResolver - Class in org.apache.shiro.web.filter.mgt
-
A
FilterChainResolver
that resolvesFilterChain
s based on url path matching, as determined by a configurablePathMatcher
. - PathMatchingFilterChainResolver() - Constructor for class org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver
- PathMatchingFilterChainResolver(FilterConfig) - Constructor for class org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver
- pathsMatch(String, String) - Method in class org.apache.shiro.web.filter.PathMatchingFilter
-
Returns
true
if thepath
matches the specifiedpattern
string,false
otherwise. - pathsMatch(String, ServletRequest) - Method in class org.apache.shiro.web.filter.PathMatchingFilter
-
Returns
true
if the incomingrequest
matches the specifiedpath
pattern,false
otherwise. - PatternMatcher - Interface in org.apache.shiro.util
-
Interface for components that can match source strings against a specified pattern string.
- PCBC - org.apache.shiro.crypto.OperationMode
- performBeforeInterception(JoinPoint) - Method in class org.apache.shiro.aspectj.AspectjAnnotationsAuthorizingMethodInterceptor
-
Performs the method interception of the before advice at the specified joint point.
- Permission - Interface in org.apache.shiro.authz
-
A Permission represents the ability to perform an action or access a resource.
- PermissionAnnotationHandler - Class in org.apache.shiro.authz.aop
-
Checks to see if a @
RequiresPermissions
annotation is declared, and if so, performs a permission check to see if the callingSubject
is allowed continued access. - PermissionAnnotationHandler() - Constructor for class org.apache.shiro.authz.aop.PermissionAnnotationHandler
-
Default no-argument constructor that ensures this handler looks for
RequiresPermissions
annotations. - PermissionAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop
-
Checks to see if a @
RequiresPermissions
annotation is declared, and if so, performs a permission check to see if the callingSubject
is allowed to call the method. - PermissionAnnotationMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.PermissionAnnotationMethodInterceptor
-
Default no-argument constructor that ensures this interceptor looks for
RequiresPermissions
annotations in a method declaration. - PermissionAnnotationMethodInterceptor(AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.PermissionAnnotationMethodInterceptor
- permissionResolver - Variable in class org.apache.shiro.authz.ModularRealmAuthorizer
-
A PermissionResolver to be used by all configured realms.
- permissionResolver - Variable in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- PermissionResolver - Interface in org.apache.shiro.authz.permission
-
A
PermisisonResolver
resolves a String value and converts it into aPermission
instance. - PermissionResolverAware - Interface in org.apache.shiro.authz.permission
-
Interface implemented by a component that wishes to use any application-configured PermissionResolver that might already exist instead of potentially creating one itself.
- permissions - Variable in class org.apache.shiro.authz.SimpleRole
- PermissionsAuthorizationFilter - Class in org.apache.shiro.web.filter.authz
-
Filter that allows access if the current user has the permissions specified by the mapped value, or denies access if the user does not have all of the permissions specified.
- PermissionsAuthorizationFilter() - Constructor for class org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter
- permissionsLookupEnabled - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm
- permissionsQuery - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm
- PermissionTag - Class in org.apache.shiro.web.tags
- PermissionTag() - Constructor for class org.apache.shiro.web.tags.PermissionTag
- PermissionUtils - Class in org.apache.shiro.util
-
Utility class to help with String-to-Permission object resolution.
- PermissionUtils() - Constructor for class org.apache.shiro.util.PermissionUtils
- PERMISSIVE - Static variable in class org.apache.shiro.web.filter.authc.AuthenticatingFilter
- perms - org.apache.shiro.web.filter.mgt.DefaultFilter
- PERMS - Static variable in class org.apache.shiro.guice.web.ShiroWebModule
- PKCS1 - org.apache.shiro.crypto.PaddingScheme
- PKCS5 - org.apache.shiro.crypto.PaddingScheme
-
Padding scheme defined in RSA's Password-Based Cryptography Standard.
- port - org.apache.shiro.web.filter.mgt.DefaultFilter
- PORT - Static variable in class org.apache.shiro.guice.web.ShiroWebModule
- PortFilter - Class in org.apache.shiro.web.filter.authz
-
A Filter that requires the request to be on a specific port, and if not, redirects to the same URL on that port.
- PortFilter() - Constructor for class org.apache.shiro.web.filter.authz.PortFilter
- POST_METHOD - Static variable in class org.apache.shiro.web.filter.AccessControlFilter
-
Constant representing the HTTP 'POST' request method, equal to
POST
. - postHandle(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authz.SslFilter
-
If HTTP Strict Transport Security (HSTS) is enabled the HTTP header will be written, otherwise this method does nothing.
- postHandle(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.servlet.AdviceFilter
-
Allows 'post' advice logic to be called, but only if no exception occurs during filter chain execution.
- postProcessAfterInitialization(Object, String) - Method in class org.apache.shiro.spring.LifecycleBeanPostProcessor
-
Does nothing - merely returns the object argument immediately.
- postProcessAfterInitialization(Object, String) - Method in class org.apache.shiro.spring.ShiroEventBusBeanPostProcessor
- postProcessAfterInitialization(Object, String) - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
Does nothing - only exists to satisfy the BeanPostProcessor interface and immediately returns the
bean
argument. - postProcessBeforeDestruction(Object, String) - Method in class org.apache.shiro.spring.LifecycleBeanPostProcessor
-
Calls the destroy() methods on the bean if it implements
Destroyable
- postProcessBeforeInitialization(Object, String) - Method in class org.apache.shiro.spring.LifecycleBeanPostProcessor
-
Calls the init() methods on the bean if it implements
Initializable
- postProcessBeforeInitialization(Object, String) - Method in class org.apache.shiro.spring.ShiroEventBusBeanPostProcessor
- postProcessBeforeInitialization(Object, String) - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
Inspects a bean, and if it implements the
Filter
interface, automatically adds that filter instance to the internalfilters map
that will be referenced later during filter chain construction. - PREFERRED_ENCODING - Static variable in class org.apache.shiro.codec.CodecSupport
-
Shiro's default preferred character encoding, equal to
UTF-8
. - preHandle(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.authc.LogoutFilter
-
Acquires the currently executing
subject
, a potentially Subject or request-specificredirectUrl
, and redirects the end-user to that redirect url. - preHandle(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.PathMatchingFilter
-
Implementation that handles path-matching behavior before a request is evaluated.
- preHandle(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.servlet.AdviceFilter
-
Returns
true
if the filter chain should be allowed to continue,false
otherwise. - prepareServletRequest(ServletRequest, ServletResponse, FilterChain) - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
-
Prepares the
ServletRequest
instance that will be passed to theFilterChain
for request processing. - prepareServletResponse(ServletRequest, ServletResponse, FilterChain) - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
-
Prepares the
ServletResponse
instance that will be passed to theFilterChain
for request processing. - PrincipalCollection - Interface in org.apache.shiro.subject
-
A collection of all principals associated with a corresponding
Subject
. - PrincipalMap - Interface in org.apache.shiro.subject
-
EXPERIMENTAL - DO NOT USE YET
- principals - Variable in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
The principals identifying the account associated with this AuthenticationInfo instance.
- principals - Variable in class org.apache.shiro.subject.support.DelegatingSubject
- principals(PrincipalCollection) - Method in class org.apache.shiro.subject.Subject.Builder
-
Ensures the
Subject
being built will reflect the specified principals (aka identity). - PRINCIPALS_SESSION_KEY - Static variable in class org.apache.shiro.subject.support.DefaultSubjectContext
-
The session key that is used to store subject principals.
- principalSuffix - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- principalSuffix - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- PrincipalTag - Class in org.apache.shiro.web.tags
-
Tag used to print out the String value of a user's default principal, or a specific principal as specified by the tag's attributes.
- PrincipalTag() - Constructor for class org.apache.shiro.web.tags.PrincipalTag
- PRIVATE_CLASS_A_REGEX - Static variable in class org.apache.shiro.web.filter.authz.HostFilter
- PRIVATE_CLASS_B_REGEX - Static variable in class org.apache.shiro.web.filter.authz.HostFilter
- PRIVATE_CLASS_B_SUBSET - Static variable in class org.apache.shiro.web.filter.authz.HostFilter
- PRIVATE_CLASS_C_REGEX - Static variable in class org.apache.shiro.web.filter.authz.HostFilter
- proceed() - Method in interface org.apache.shiro.aop.MethodInvocation
-
Continues the method invocation chain, or if the last in the chain, the method itself.
- proceed() - Method in class org.apache.shiro.aspectj.BeforeAdviceMethodInvocationAdapter
- processDefinitions() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
- processPathConfig(String, String) - Method in interface org.apache.shiro.web.filter.PathConfigProcessor
-
Processes the specified
config
, unique to the givenpath
, and returns the Filter that should execute for that path/config combination. - processPathConfig(String, String) - Method in class org.apache.shiro.web.filter.PathMatchingFilter
-
Splits any comma-delmited values that might be found in the
config
argument and sets the resultingString[]
array on theappliedPaths
internal Map. - processRoleDefinitions() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
- processRoleDefinitions(Map<String, String>) - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
- processUserDefinitions() - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
- processUserDefinitions(Map<String, String>) - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
- PropertiesRealm - Class in org.apache.shiro.realm.text
-
A
TextConfigurationRealm
that defers all logic to the parent class, but just enablesProperties
based configuration in addition to the parent class's String configuration. - PropertiesRealm() - Constructor for class org.apache.shiro.realm.text.PropertiesRealm
- ProvidedHashFormat - Enum in org.apache.shiro.crypto.hash.format
-
An enum representing Shiro's default provided
HashFormat
implementations. - ProxiedFilterChain - Class in org.apache.shiro.web.servlet
-
A proxied filter chain is a
FilterChain
instance that proxies an originalFilterChain
as well as aList
of otherFilter
s that might need to execute prior to the final wrapped original chain. - ProxiedFilterChain(FilterChain, List<Filter>) - Constructor for class org.apache.shiro.web.servlet.ProxiedFilterChain
- ProxiedSession - Class in org.apache.shiro.session
-
Simple
Session
implementation that immediately delegates all corresponding calls to an underlying proxied session instance. - ProxiedSession(Session) - Constructor for class org.apache.shiro.session.ProxiedSession
-
Constructs an instance that proxies the specified
target
. - proxy(FilterChain) - Method in interface org.apache.shiro.web.filter.mgt.NamedFilterList
-
Returns a new
FilterChain
instance that will first execute this list'sFilter
s (in list order) and end with the execution of the givenfilterChain
instance. - proxy(FilterChain) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- proxy(FilterChain, String) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- proxy(FilterChain, String) - Method in interface org.apache.shiro.web.filter.mgt.FilterChainManager
-
Proxies the specified
original
FilterChain with the named chain. - publish(Object) - Method in interface org.apache.shiro.event.EventBus
-
Publishes the specified event to an event subsystem that will deliver events to relevant
Subscribe
rs. - publish(Object) - Method in class org.apache.shiro.event.support.DefaultEventBus
- publishEvent(Object) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
-
Publishes events on the event bus if the event bus is non-null, otherwise does nothing.
- put(Object, Object) - Static method in class org.apache.shiro.util.ThreadContext
-
Binds value for the given
key
to the current thread. - put(String, Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- put(String, Object) - Method in class org.apache.shiro.util.MapContext
- put(String, String) - Method in class org.apache.shiro.config.Ini.Section
- put(String, Ini.Section) - Method in class org.apache.shiro.config.Ini
- put(K, V) - Method in interface org.apache.shiro.cache.Cache
-
Adds a Cache entry.
- put(K, V) - Method in class org.apache.shiro.cache.ehcache.EhCache
-
Puts an object into the cache.
- put(K, V) - Method in class org.apache.shiro.cache.MapCache
- put(K, V) - Method in class org.apache.shiro.util.SoftHashMap
-
Creates a new entry, but wraps the value in a SoftValue instance to enable auto garbage collection.
- putAll(Map<? extends String, ?>) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- putAll(Map<? extends String, ?>) - Method in class org.apache.shiro.util.MapContext
- putAll(Map<? extends String, ? extends String>) - Method in class org.apache.shiro.config.Ini.Section
- putAll(Map<? extends String, ? extends Ini.Section>) - Method in class org.apache.shiro.config.Ini
- putAll(Map<? extends K, ? extends V>) - Method in class org.apache.shiro.util.SoftHashMap
- putValue(String, Object) - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
Q
- QuartzSessionValidationJob - Class in org.apache.shiro.session.mgt.quartz
-
A quartz job that basically just calls the
ValidatingSessionManager.validateSessions()
method on a configured session manager. - QuartzSessionValidationJob() - Constructor for class org.apache.shiro.session.mgt.quartz.QuartzSessionValidationJob
- QuartzSessionValidationScheduler - Class in org.apache.shiro.session.mgt.quartz
-
An implementation of the
SessionValidationScheduler
that uses Quartz to schedule a job to callValidatingSessionManager.validateSessions()
on a regular basis. - QuartzSessionValidationScheduler() - Constructor for class org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler
-
Default constructor.
- QuartzSessionValidationScheduler(ValidatingSessionManager) - Constructor for class org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler
-
Constructor that specifies the session manager that should be used for validating sessions.
- queryForAuthenticationInfo(AuthenticationToken, LdapContextFactory) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
-
Builds an
AuthenticationInfo
object by querying the active directory LDAP context for the specified username. - queryForAuthenticationInfo(AuthenticationToken, LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
-
Abstract method that should be implemented by subclasses to builds an
AuthenticationInfo
object by querying the LDAP context for the specified username. - queryForAuthenticationInfo(AuthenticationToken, LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
This implementation opens an LDAP connection using the token's
discovered principal
and providedcredentials
. - queryForAuthorizationInfo(PrincipalCollection, LdapContextFactory) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
-
Builds an
AuthorizationInfo
object by querying the active directory LDAP context for the groups that a user is a member of. - queryForAuthorizationInfo(PrincipalCollection, LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
-
Abstract method that should be implemented by subclasses to builds an
AuthorizationInfo
object by querying the LDAP context for the specified principal. - queryForAuthorizationInfo(PrincipalCollection, LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
Method that should be implemented by subclasses to build an
AuthorizationInfo
object by querying the LDAP context for the specified principal. - queryProperties(Map) - Method in class org.apache.shiro.web.util.RedirectView
-
Determine name-value pairs for query strings, which will be stringified, URL-encoded and formatted by appendQueryProperties.
- Quickstart - Class in <Unnamed>
-
Simple Quickstart application showing how to use Shiro's API.
- Quickstart() - Constructor for class Quickstart
- QuickStart - Class in org.apache.shiro.samples
-
Simple Bean used to demonstrate subject usage.
- QuickStart() - Constructor for class org.apache.shiro.samples.QuickStart
- QuickstartGuice - Class in <Unnamed>
-
Simple Quickstart application showing how to use Shiro's API with Guice integration.
- QuickstartGuice() - Constructor for class QuickstartGuice
- QuickstartShiroModule - Class in <Unnamed>
- QuickstartShiroModule() - Constructor for class QuickstartShiroModule
R
- RandomNumberGenerator - Interface in org.apache.shiro.crypto
-
A component that can generate random number/byte values as needed.
- RandomSessionIdGenerator - Class in org.apache.shiro.session.mgt.eis
-
Generates session IDs by using a
Random
instance to generate random IDs. - RandomSessionIdGenerator() - Constructor for class org.apache.shiro.session.mgt.eis.RandomSessionIdGenerator
- readRestrictedCall() - Method in class org.apache.shiro.samples.SimpleService
- readSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
-
Retrieves the Session object from the underlying EIS identified by sessionId by delegating to the
AbstractSessionDAO.doReadSession(java.io.Serializable)
method. - readSession(Serializable) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Attempts to acquire the Session from the cache first using the session ID as the cache key.
- readSession(Serializable) - Method in interface org.apache.shiro.session.mgt.eis.SessionDAO
-
Retrieves the session from the EIS uniquely identified by the specified
sessionId
. - readValue(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.shiro.web.servlet.Cookie
- readValue(HttpServletRequest, HttpServletResponse) - Method in class org.apache.shiro.web.servlet.SimpleCookie
- realm() - Method in class org.apache.shiro.samples.CliApp
-
Example hard coded Realm bean.
- realm() - Method in class org.apache.shiro.samples.WebApp
- Realm - Interface in org.apache.shiro.realm
-
A Realm is a security component that can access application-specific security entities such as users, roles, and permissions to determine authentication and authorization operations.
- RealmFactory - Interface in org.apache.shiro.realm
-
Enables Shiro end-users to configure and initialize one or more
Realm
instances in any manner desired. - realms - Variable in class org.apache.shiro.authz.ModularRealmAuthorizer
-
The realms to consult during any authorization check.
- RealmSecurityManager - Class in org.apache.shiro.mgt
-
Shiro support of a
SecurityManager
class hierarchy based around a collection ofRealm
s. - RealmSecurityManager() - Constructor for class org.apache.shiro.mgt.RealmSecurityManager
-
Default no-arg constructor.
- rebind(String, Object) - Method in class org.apache.shiro.jndi.JndiTemplate
-
Rebind the given object to the current JNDI context, using the given name.
- redirectToLogin(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.AccessControlFilter
-
Convenience method for subclasses that merely acquires the
getLoginUrl
and redirects the request to that url. - redirectToSavedRequest(ServletRequest, ServletResponse, String) - Static method in class org.apache.shiro.web.util.WebUtils
-
Redirects the to the request url from a previously
saved
request, or if there is no saved request, redirects the end user to the specifiedfallbackUrl
. - RedirectView - Class in org.apache.shiro.web.util
-
View that redirects to an absolute, context relative, or current request relative URL, exposing all model attributes as HTTP query parameters.
- RedirectView() - Constructor for class org.apache.shiro.web.util.RedirectView
-
Constructor for use as a bean.
- RedirectView(String) - Constructor for class org.apache.shiro.web.util.RedirectView
-
Create a new RedirectView with the given URL.
- RedirectView(String, boolean) - Constructor for class org.apache.shiro.web.util.RedirectView
-
Create a new RedirectView with the given URL.
- RedirectView(String, boolean, boolean) - Constructor for class org.apache.shiro.web.util.RedirectView
-
Create a new RedirectView with the given URL.
- REFERENCED_SESSION_ID - Static variable in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- REFERENCED_SESSION_ID_IS_VALID - Static variable in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- REFERENCED_SESSION_ID_SOURCE - Static variable in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- REFERENCED_SESSION_IS_NEW - Static variable in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- referral - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- ReflectionBuilder - Class in org.apache.shiro.config
-
Object builder that uses reflection and Apache Commons BeanUtils to build objects given a map of "property values".
- ReflectionBuilder() - Constructor for class org.apache.shiro.config.ReflectionBuilder
- ReflectionBuilder(Map<String, ?>) - Constructor for class org.apache.shiro.config.ReflectionBuilder
- RegExPatternMatcher - Class in org.apache.shiro.util
-
PatternMatcher
implementation that uses standardjava.util.regex
objects. - RegExPatternMatcher() - Constructor for class org.apache.shiro.util.RegExPatternMatcher
- register(Object) - Method in interface org.apache.shiro.event.EventBus
-
Registers all event handler methods on the specified instance to receive relevant events.
- register(Object) - Method in class org.apache.shiro.event.support.DefaultEventBus
- registerFilters(Map<String, Filter>, FilterChainManager) - Method in class org.apache.shiro.web.config.IniFilterChainResolverFactory
- REGISTRATION_BEAN_NAME - Static variable in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebFilterConfiguration
- releaseRunAs() - Method in interface org.apache.shiro.subject.Subject
-
Releases the current 'run as' (assumed) identity and reverts back to the previous 'pre run as' identity that existed before
#runAs runAs
was called. - releaseRunAs() - Method in class org.apache.shiro.subject.support.DelegatingSubject
- reloadIntervalSeconds - Variable in class org.apache.shiro.realm.text.PropertiesRealm
- rememberIdentity(Subject, AuthenticationToken, AuthenticationInfo) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Remembers a subject-unique identity for retrieval later.
- rememberIdentity(Subject, PrincipalCollection) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Remembers the specified account principals by first
converting
them to a byte array and thenremembers
that byte array. - RememberMeAuthenticationToken - Interface in org.apache.shiro.authc
-
An
AuthenticationToken
that indicates if the user wishes their identity to be remembered across sessions. - rememberMeCookieDomain - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- rememberMeCookieMaxAge - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- rememberMeCookieName - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- rememberMeCookiePath - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- rememberMeCookieSecure - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- rememberMeCookieTemplate() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration
- rememberMeCookieTemplate() - Method in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- rememberMeCookieTemplate() - Method in class org.apache.shiro.spring.web.config.ShiroWebConfiguration
- rememberMeFailedLogin(AuthenticationToken, AuthenticationException, Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- rememberMeLogout(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- rememberMeManager - Variable in class org.apache.shiro.mgt.DefaultSecurityManager
- rememberMeManager() - Method in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- rememberMeManager() - Method in class org.apache.shiro.spring.config.ShiroConfiguration
- rememberMeManager() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration
- rememberMeManager() - Method in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- rememberMeManager() - Method in class org.apache.shiro.spring.web.config.ShiroWebConfiguration
- RememberMeManager - Interface in org.apache.shiro.mgt
-
A RememberMeManager is responsible for remembering a Subject's identity across that Subject's sessions with the application.
- rememberMeSameSite - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- rememberMeSuccessfulLogin(AuthenticationToken, AuthenticationInfo, Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- rememberSerializedIdentity(Subject, byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Persists the identity bytes to a persistent store for retrieval later via the
AbstractRememberMeManager.getRememberedSerializedIdentity(SubjectContext)
method. - rememberSerializedIdentity(Subject, byte[]) - Method in class org.apache.shiro.web.mgt.CookieRememberMeManager
-
Base64-encodes the specified serialized byte array and sets that base64-encoded String as the cookie value.
- remove() - Static method in class org.apache.shiro.util.ThreadContext
-
Remove
s the underlyingThreadLocal
from the thread. - remove(int) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- remove(Object) - Method in class org.apache.shiro.config.Ini
- remove(Object) - Method in class org.apache.shiro.config.Ini.Section
- remove(Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- remove(Object) - Method in class org.apache.shiro.util.MapContext
- remove(Object) - Method in class org.apache.shiro.util.SoftHashMap
- remove(Object) - Static method in class org.apache.shiro.util.ThreadContext
-
Unbinds the value for the given
key
from the current thread. - remove(Object) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- remove(K) - Method in interface org.apache.shiro.cache.Cache
-
Remove the cache entry corresponding to the specified key.
- remove(K) - Method in class org.apache.shiro.cache.ehcache.EhCache
-
Removes the element which matches the key.
- remove(K) - Method in class org.apache.shiro.cache.MapCache
- removeAll(Collection<?>) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- removeAttribute(Object) - Method in class org.apache.shiro.session.mgt.DelegatingSession
- removeAttribute(Object) - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession
-
Immediately
throws
anInvalidSessionException
in all cases because this proxy is immutable. - removeAttribute(Object) - Method in class org.apache.shiro.session.mgt.SimpleSession
- removeAttribute(Object) - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- removeAttribute(Object) - Method in interface org.apache.shiro.session.Session
-
Removes (unbinds) the object bound to this session under the specified
key
name. - removeAttribute(Object) - Method in class org.apache.shiro.web.session.HttpServletSession
- removeAttribute(String) - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- removeAttribute(SessionKey, Object) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- removeAttribute(SessionKey, Object) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Removes (unbinds) the object bound to associated
Session
under the givenattributeKey
. - removeContextAttribute(String) - Method in class org.apache.shiro.web.servlet.ServletContextSupport
- removeFrom(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.shiro.web.servlet.Cookie
- removeFrom(HttpServletRequest, HttpServletResponse) - Method in class org.apache.shiro.web.servlet.SimpleCookie
- removeFromSession(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
-
Removes any existing subject state from the Subject's session (if the session exists).
- removeRealmPrincipal(String, String) - Method in interface org.apache.shiro.subject.PrincipalMap
- removeRealmPrincipal(String, String) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- removeRequestIdentity(Subject) - Method in class org.apache.shiro.web.mgt.DefaultWebSecurityManager
- removeSection(String) - Method in class org.apache.shiro.config.Ini
-
Removes the section with the specified name and returns it, or
null
if the section did not exist. - removeValue(String) - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- renderMergedOutputModel(Map, HttpServletRequest, HttpServletResponse) - Method in class org.apache.shiro.web.util.RedirectView
-
Convert model to request parameters and redirect to the given URL.
- RequestPairSource - Interface in org.apache.shiro.web.util
-
A
RequestPairSource
is a component that can supply aServletRequest
andServletResponse
pair associated with a currently executing request. - RequiredTypeException - Exception in org.apache.shiro.env
-
Exception thrown when attempting to acquire an object of a required type and that object does not equal, extend, or implement a specified
Class
. - RequiredTypeException(String) - Constructor for exception org.apache.shiro.env.RequiredTypeException
- RequiredTypeException(String, Throwable) - Constructor for exception org.apache.shiro.env.RequiredTypeException
- RequiresAuthentication - Annotation Type in org.apache.shiro.authz.annotation
-
Requires the current Subject to have been authenticated during their current session for the annotated class/instance/method to be accessed or invoked.
- requiresDestruction(Object) - Method in class org.apache.shiro.spring.LifecycleBeanPostProcessor
-
Return true only if
bean
implements Destroyable. - RequiresGuest - Annotation Type in org.apache.shiro.authz.annotation
-
Requires the current Subject to be a "guest", that is, they are not authenticated or remembered from a previous session for the annotated class/instance/method to be accessed or invoked.
- RequiresPermissions - Annotation Type in org.apache.shiro.authz.annotation
-
Requires the current executor's Subject to imply a particular permission in order to execute the annotated method.
- RequiresRoles - Annotation Type in org.apache.shiro.authz.annotation
-
Requires the currently executing
Subject
to have all of the specified roles. - RequiresUser - Annotation Type in org.apache.shiro.authz.annotation
-
Requires the current Subject to be an application user for the annotated class/instance/method to be accessed or invoked.
- resolveAuthenticated() - Method in interface org.apache.shiro.subject.SubjectContext
- resolveAuthenticated() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- resolveClass(ObjectStreamClass) - Method in class org.apache.shiro.io.ClassResolvingObjectInputStream
-
Resolves an
ObjectStreamClass
by delegating to Shiro'sClassUtils.forName(String)
utility method, which is known to work in all ClassLoader environments. - resolveContextSession(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- resolveDelimitedPermissions(String, PermissionResolver) - Static method in class org.apache.shiro.util.PermissionUtils
- resolveHost() - Method in interface org.apache.shiro.subject.SubjectContext
- resolveHost() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- resolveHost() - Method in class org.apache.shiro.web.subject.support.DefaultWebSubjectContext
- resolveIni() - Method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.Tries to resolve the Ini instance to use for configuration.
- resolvePermission(String) - Method in interface org.apache.shiro.authz.permission.PermissionResolver
-
Resolves a Permission based on the given String representation.
- resolvePermission(String) - Method in class org.apache.shiro.authz.permission.WildcardPermissionResolver
-
Returns a new
WildcardPermission
instance constructed based on the specified permissionString. - resolvePermissions(Collection<String>, PermissionResolver) - Static method in class org.apache.shiro.util.PermissionUtils
- resolvePermissionsInRole(String) - Method in interface org.apache.shiro.authz.permission.RolePermissionResolver
-
Resolves a Collection of Permissions based on the given String representation.
- resolvePrincipals() - Method in interface org.apache.shiro.subject.SubjectContext
- resolvePrincipals() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- resolvePrincipals(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Attempts to resolve an identity (a
PrincipalCollection
) for the context using heuristics. - resolveReference(String) - Method in class org.apache.shiro.config.ReflectionBuilder
- resolveSecurityManager() - Method in interface org.apache.shiro.subject.SubjectContext
-
Resolves the
SecurityManager
instance that should be used to back the constructedSubject
instance (typically used to supportDelegatingSubject
implementations). - resolveSecurityManager() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- resolveServletRequest() - Method in class org.apache.shiro.web.subject.support.DefaultWebSubjectContext
- resolveServletRequest() - Method in interface org.apache.shiro.web.subject.WebSubjectContext
- resolveServletResponse() - Method in class org.apache.shiro.web.subject.support.DefaultWebSubjectContext
- resolveServletResponse() - Method in interface org.apache.shiro.web.subject.WebSubjectContext
- resolveSession() - Method in interface org.apache.shiro.subject.SubjectContext
- resolveSession() - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- resolveSession(SubjectContext) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Attempts to resolve any associated session based on the context and returns a context that represents this resolved
Session
to ensure it may be referenced if necessary by the invokedSubjectFactory
that performs actualSubject
construction. - resolveValue(String) - Method in class org.apache.shiro.config.ReflectionBuilder
- ResourceBasedWebEnvironment - Class in org.apache.shiro.web.env
-
Abstract implementation for
WebEnvironment
s that can be initialized via resource paths (config files). - ResourceBasedWebEnvironment() - Constructor for class org.apache.shiro.web.env.ResourceBasedWebEnvironment
- ResourceConfigurable - Interface in org.apache.shiro.config
-
Interface implemented by components that can be configured by resource locations (paths).
- resourceExists(String) - Static method in class org.apache.shiro.io.ResourceUtils
-
Returns
true
if the resource at the specified path exists,false
otherwise. - resourcePath - Variable in class org.apache.shiro.realm.text.PropertiesRealm
- ResourceUtils - Class in org.apache.shiro.io
-
Static helper methods for loading
Stream
-backed resources. - rest - org.apache.shiro.web.filter.mgt.DefaultFilter
- REST - Static variable in class org.apache.shiro.guice.web.ShiroWebModule
- restore() - Method in class org.apache.shiro.subject.support.SubjectThreadState
-
Remove
s all thread-state that was bound by this instance. - restore() - Method in interface org.apache.shiro.util.ThreadState
-
Restores a thread to its state before bind
bind
was invoked. - RestrictedErrorController - Class in org.apache.shiro.samples
- RestrictedErrorController() - Constructor for class org.apache.shiro.samples.RestrictedErrorController
- retainAll(Collection<?>) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- retrieveSession(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
-
Looks up a session from the underlying data store based on the specified session key.
- retrieveSession(SessionKey) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- retrieveSessionFromDataSource(Serializable) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- RoleAnnotationHandler - Class in org.apache.shiro.authz.aop
-
Checks to see if a @
RequiresRoles
annotation is declared, and if so, performs a role check to see if the callingSubject
is allowed to proceed. - RoleAnnotationHandler() - Constructor for class org.apache.shiro.authz.aop.RoleAnnotationHandler
-
Default no-argument constructor that ensures this handler looks for
RequiresRoles
annotations. - RoleAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop
-
Checks to see if a @
RequiresRoles
annotation is declared, and if so, performs a role check to see if the callingSubject
is allowed to invoke the method. - RoleAnnotationMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.RoleAnnotationMethodInterceptor
-
Default no-argument constructor that ensures this interceptor looks for
RequiresRoles
annotations in a method declaration. - RoleAnnotationMethodInterceptor(AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.RoleAnnotationMethodInterceptor
- roleExists(String) - Method in class org.apache.shiro.realm.SimpleAccountRealm
- rolePermissionResolver - Variable in class org.apache.shiro.authz.ModularRealmAuthorizer
-
A RolePermissionResolver to be used by all configured realms.
- rolePermissionResolver - Variable in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- RolePermissionResolver - Interface in org.apache.shiro.authz.permission
-
A RolePermissionResolver resolves a String value and converts it into a Collection of
Permission
instances. - RolePermissionResolverAware - Interface in org.apache.shiro.authz.permission
-
Interface implemented by a component that wishes to use any application-configured RolePermissionResolver that might already exist instead of potentially creating one itself.
- roles - org.apache.shiro.web.filter.mgt.DefaultFilter
- roles - Variable in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
The internal roles collection.
- roles - Variable in class org.apache.shiro.realm.SimpleAccountRealm
- ROLES - Static variable in class org.apache.shiro.guice.web.ShiroWebModule
- ROLES_LOCK - Variable in class org.apache.shiro.realm.SimpleAccountRealm
- ROLES_SECTION_NAME - Static variable in class org.apache.shiro.realm.text.IniRealm
- RolesAuthorizationFilter - Class in org.apache.shiro.web.filter.authz
-
Filter that allows access if the current user has the roles specified by the mapped value, or denies access if the user does not have all of the roles specified.
- RolesAuthorizationFilter() - Constructor for class org.apache.shiro.web.filter.authz.RolesAuthorizationFilter
- RoleTag - Class in org.apache.shiro.web.tags
- RoleTag() - Constructor for class org.apache.shiro.web.tags.RoleTag
- ROOT_PATH - Static variable in interface org.apache.shiro.web.servlet.Cookie
-
Root path to use when the path hasn't been set and request context root is empty or null.
- run() - Method in class org.apache.shiro.realm.text.PropertiesRealm
- run() - Method in class org.apache.shiro.samples.QuickStart
- run() - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- run() - Method in class org.apache.shiro.subject.support.SubjectRunnable
-
Bind
s the Subject thread state, executes the targetRunnable
and then guarantees the previous thread state'srestoration
: - runAs(PrincipalCollection) - Method in interface org.apache.shiro.subject.Subject
-
Allows this subject to 'run as' or 'assume' another identity indefinitely.
- runAs(PrincipalCollection) - Method in class org.apache.shiro.subject.support.DelegatingSubject
S
- SaltedAuthenticationInfo - Interface in org.apache.shiro.authc
-
Interface representing account information that may use a salt when hashing credentials.
- saltIsBase64Encoded - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm
- saltStyle - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm
- SAME_SITE_ATTRIBUTE_NAME - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
- save(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Saves the subject's state to a persistent location for future reference if necessary.
- save(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
-
Saves the subject's state to the subject's
session
only ifsessionStorageEnabled(subject)
. - save(Subject) - Method in interface org.apache.shiro.mgt.SubjectDAO
-
Persists the specified Subject's state for later access.
- SAVED_REQUEST_KEY - Static variable in class org.apache.shiro.web.util.WebUtils
-
Session
key used to save a request and later restore it, for example when redirecting to a requested page after login, equal toshiroSavedRequest
. - SavedRequest - Class in org.apache.shiro.web.util
-
Maintains request data for a request that was redirected, so that after authentication the user can be redirected to the originally requested page.
- SavedRequest(HttpServletRequest) - Constructor for class org.apache.shiro.web.util.SavedRequest
-
Constructs a new instance from the given HTTP request.
- saveRequest(ServletRequest) - Method in class org.apache.shiro.web.filter.AccessControlFilter
-
Convenience method merely delegates to
WebUtils.saveRequest(request)
to save the request state for reuse later. - saveRequest(ServletRequest) - Static method in class org.apache.shiro.web.util.WebUtils
- saveRequestAndRedirectToLogin(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.filter.AccessControlFilter
-
Convenience method for subclasses to use when a login redirect is required.
- saveTo(HttpServletRequest, HttpServletResponse) - Method in interface org.apache.shiro.web.servlet.Cookie
- saveTo(HttpServletRequest, HttpServletResponse) - Method in class org.apache.shiro.web.servlet.SimpleCookie
- saveToSession(Subject) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
-
Saves the subject's state (it's principals and authentication state) to its
session
. - schedule(Runnable, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- schedule(Callable<V>, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- scheduleAtFixedRate(Runnable, long, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- scheduler - Variable in class org.apache.shiro.realm.text.PropertiesRealm
- scheduleWithFixedDelay(Runnable, long, long, TimeUnit) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- scope(Key<T>, Provider<T>) - Method in class org.apache.shiro.guice.ShiroSessionScope
- searchBase - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- searchBase - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- searchFilter - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- SECTION_PREFIX - Static variable in class org.apache.shiro.config.Ini
- SECTION_SUFFIX - Static variable in class org.apache.shiro.config.Ini
- SECURE_ATTRIBUTE_NAME - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
- SecureRandomNumberGenerator - Class in org.apache.shiro.crypto
-
Default implementation of the
RandomNumberGenerator
interface, backed by aSecureRandom
instance. - SecureRandomNumberGenerator() - Constructor for class org.apache.shiro.crypto.SecureRandomNumberGenerator
-
Creates a new instance with a default backing
SecureRandom
and adefaultNextBytesSize
of16
, which equals 128 bits, a size commonly used in cryptographic algorithms. - SecureRemoteInvocationExecutor - Class in org.apache.shiro.spring.remoting
-
An implementation of the Spring
RemoteInvocationExecutor
that binds asessionId
to the incoming thread to make it available to theSecurityManager
implementation during the thread execution. - SecureRemoteInvocationExecutor() - Constructor for class org.apache.shiro.spring.remoting.SecureRemoteInvocationExecutor
- SecureRemoteInvocationFactory - Class in org.apache.shiro.spring.remoting
-
A
RemoteInvocationFactory
that passes the session ID to the server via aRemoteInvocation
attribute
. - SecureRemoteInvocationFactory() - Constructor for class org.apache.shiro.spring.remoting.SecureRemoteInvocationFactory
- SecureRemoteInvocationFactory(String) - Constructor for class org.apache.shiro.spring.remoting.SecureRemoteInvocationFactory
- SecureTag - Class in org.apache.shiro.web.tags
- SecureTag() - Constructor for class org.apache.shiro.web.tags.SecureTag
- SECURITY_MANAGER_KEY - Static variable in class org.apache.shiro.util.ThreadContext
- SECURITY_MANAGER_NAME - Static variable in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.
- securityManager - Variable in class org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor
- securityManager - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebFilterConfiguration
- securityManager - Variable in class org.apache.shiro.subject.support.DelegatingSubject
- securityManager(List<Realm>) - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroAutoConfiguration
- securityManager(List<Realm>) - Method in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- securityManager(List<Realm>) - Method in class org.apache.shiro.spring.config.ShiroConfiguration
- securityManager(List<Realm>) - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration
- securityManager(List<Realm>) - Method in class org.apache.shiro.spring.web.config.ShiroWebConfiguration
- SecurityManager - Interface in org.apache.shiro.mgt
-
A
SecurityManager
executes all security operations for all Subjects (aka users) across a single application. - SecurityUtils - Class in org.apache.shiro
-
Accesses the currently accessible
Subject
for the calling code depending on runtime environment. - SecurityUtils() - Constructor for class org.apache.shiro.SecurityUtils
- sendRedirect(HttpServletRequest, HttpServletResponse, String, boolean) - Method in class org.apache.shiro.web.util.RedirectView
-
Send a redirect back to the HTTP client
- SerializationException - Exception in org.apache.shiro.io
-
Root exception for problems either serializing or de-serializing data.
- SerializationException() - Constructor for exception org.apache.shiro.io.SerializationException
-
Creates a new SerializationException.
- SerializationException(String) - Constructor for exception org.apache.shiro.io.SerializationException
-
Constructs a new SerializationException.
- SerializationException(String, Throwable) - Constructor for exception org.apache.shiro.io.SerializationException
-
Constructs a new SerializationException.
- SerializationException(Throwable) - Constructor for exception org.apache.shiro.io.SerializationException
-
Constructs a new SerializationException.
- serialize(Object) - Method in class org.apache.shiro.io.XmlSerializer
-
Deprecated.Serializes the specified
source
into a byte[] array by using theXMLEncoder
to encode the object out to aByteArrayOutputStream
, where the resulting byte[] array is returned. - serialize(PrincipalCollection) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Serializes the given
principals
by serializing them to a byte array by using theserializer
'sserialize
method. - serialize(T) - Method in class org.apache.shiro.io.DefaultSerializer
-
This implementation serializes the Object by using an
ObjectOutputStream
backed by aByteArrayOutputStream
. - serialize(T) - Method in interface org.apache.shiro.io.Serializer
-
Converts the specified Object into a byte[] array.
- Serializer<T> - Interface in org.apache.shiro.io
-
A
Serializer
converts objects to raw binary data and vice versa, enabling persistent storage of objects to files, HTTP cookies, or other mechanism. - SERVLET_REQUEST_KEY - Static variable in class org.apache.shiro.web.util.WebUtils
- SERVLET_RESPONSE_KEY - Static variable in class org.apache.shiro.web.util.WebUtils
- ServletContainerSessionManager - Class in org.apache.shiro.web.session.mgt
-
SessionManager implementation providing
Session
implementations that are merely wrappers for the Servlet container'sHttpSession
. - ServletContainerSessionManager() - Constructor for class org.apache.shiro.web.session.mgt.ServletContainerSessionManager
- servletContext - Variable in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- servletContext - Variable in class org.apache.shiro.web.servlet.ShiroHttpSession
- ServletContextSupport - Class in org.apache.shiro.web.servlet
-
Base implementation for any components that need to access the web application's
ServletContext
. - ServletContextSupport() - Constructor for class org.apache.shiro.web.servlet.ServletContextSupport
- session - Variable in class org.apache.shiro.subject.support.DelegatingSubject
- session - Variable in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- session - Variable in class org.apache.shiro.web.servlet.ShiroHttpSession
- session(Session) - Method in class org.apache.shiro.subject.Subject.Builder
-
Ensures the
Subject
being built will use the specifiedSession
instance. - Session - Interface in org.apache.shiro.session
-
A
Session
is a stateful data context associated with a single Subject (user, daemon process, etc) who interacts with a software system over a period of time. - SESSION_CREATION_ENABLED - Static variable in class org.apache.shiro.subject.support.DefaultSubjectContext
- SESSION_ID_KEY - Static variable in class org.apache.shiro.spring.remoting.SecureRemoteInvocationFactory
- SESSION_ID_URL_REWRITING_ENABLED - Static variable in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- SessionContext - Interface in org.apache.shiro.session.mgt
-
A
SessionContext
is a 'bucket' of data presented to aSessionFactory
which interprets this data to constructSession
instances. - sessionCookieTemplate() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration
- sessionCookieTemplate() - Method in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- sessionCookieTemplate() - Method in class org.apache.shiro.spring.web.config.ShiroWebConfiguration
- sessionCreationEnabled - Variable in class org.apache.shiro.subject.support.DelegatingSubject
- sessionCreationEnabled(boolean) - Method in class org.apache.shiro.subject.Subject.Builder
-
Configures whether or not the created Subject instance can create a new
Session
if one does not already exist. - sessionDAO - Variable in class org.apache.shiro.session.mgt.DefaultSessionManager
- sessionDAO() - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroAutoConfiguration
- sessionDAO() - Method in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- sessionDAO() - Method in class org.apache.shiro.spring.config.ShiroConfiguration
- sessionDAO() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration
- sessionDAO() - Method in class org.apache.shiro.spring.web.config.ShiroWebConfiguration
- SessionDAO - Interface in org.apache.shiro.session.mgt.eis
-
Data Access Object design pattern specification to enable
Session
access to an EIS (Enterprise Information System). - SessionException - Exception in org.apache.shiro.session
-
General security exception attributed to problems during interaction with the system during a session.
- SessionException() - Constructor for exception org.apache.shiro.session.SessionException
-
Creates a new SessionException.
- SessionException(String) - Constructor for exception org.apache.shiro.session.SessionException
-
Constructs a new SessionException.
- SessionException(String, Throwable) - Constructor for exception org.apache.shiro.session.SessionException
-
Constructs a new SessionException.
- SessionException(Throwable) - Constructor for exception org.apache.shiro.session.SessionException
-
Constructs a new SessionException.
- sessionFactory() - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroAutoConfiguration
- sessionFactory() - Method in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- sessionFactory() - Method in class org.apache.shiro.spring.config.ShiroConfiguration
- sessionFactory() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration
- sessionFactory() - Method in class org.apache.shiro.spring.web.config.ShiroWebConfiguration
- SessionFactory - Interface in org.apache.shiro.session.mgt
-
A simple factory class that instantiates concrete
Session
instances. - sessionId(Serializable) - Method in class org.apache.shiro.subject.Subject.Builder
- sessionIdCookieDomain - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- sessionIdCookieEnabled - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- sessionIdCookieMaxAge - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- sessionIdCookieName - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- sessionIdCookiePath - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- sessionIdCookieSameSite - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- sessionIdCookieSecure - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- SessionIdGenerator - Interface in org.apache.shiro.session.mgt.eis
-
Interface allowing pluggable session ID generation strategies to be used with various
SessionDAO
implementations. - sessionIdUrlRewritingEnabled - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- SessionKey - Interface in org.apache.shiro.session.mgt
-
A
SessionKey
is a key that allows look-up of any particularSession
instance. - SessionListener - Interface in org.apache.shiro.session
-
Interface to be implemented by components that wish to be notified of events that occur during a
Session
's life cycle. - SessionListenerAdapter - Class in org.apache.shiro.session
-
Simple adapter implementation of the
SessionListener
interface, effectively providing no-op implementations of all methods. - SessionListenerAdapter() - Constructor for class org.apache.shiro.session.SessionListenerAdapter
- sessionManager() - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroAutoConfiguration
- sessionManager() - Method in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- sessionManager() - Method in class org.apache.shiro.spring.config.ShiroConfiguration
- sessionManager() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration
- sessionManager() - Method in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- sessionManager() - Method in class org.apache.shiro.spring.web.config.ShiroWebConfiguration
- SessionManager - Interface in org.apache.shiro.session.mgt
-
A SessionManager manages the creation, maintenance, and clean-up of all application
Session
s. - sessionManagerDeleteInvalidSessions - Variable in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- SessionsSecurityManager - Class in org.apache.shiro.mgt
-
Shiro support of a
SecurityManager
class hierarchy that delegates allsession
operations to a wrappedSessionManager
instance. - SessionsSecurityManager() - Constructor for class org.apache.shiro.mgt.SessionsSecurityManager
-
Default no-arg constructor, internally creates a suitable default
SessionManager
delegate instance. - sessionStorageEvaluator() - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroAutoConfiguration
- sessionStorageEvaluator() - Method in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- sessionStorageEvaluator() - Method in class org.apache.shiro.spring.config.ShiroConfiguration
- sessionStorageEvaluator() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration
- sessionStorageEvaluator() - Method in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- sessionStorageEvaluator() - Method in class org.apache.shiro.spring.web.config.ShiroWebConfiguration
- SessionStorageEvaluator - Interface in org.apache.shiro.mgt
-
Evaluates whether or not Shiro may use a
Subject
'sSession
to persist thatSubject
's internal state. - sessionValidationInterval - Variable in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- sessionValidationScheduler - Variable in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
-
Scheduler used to validate sessions on a regular basis.
- SessionValidationScheduler - Interface in org.apache.shiro.session.mgt
-
Interface that should be implemented by classes that can control validating sessions on a regular basis.
- sessionValidationSchedulerEnabled - Variable in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- set(int, Filter) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- setActions(Set<String>) - Method in class org.apache.shiro.authz.permission.DomainPermission
- setActiveSessionsCache(Cache<Serializable, Session>) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Sets the cache instance to use for storing active sessions.
- setActiveSessionsCacheName(String) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Sets the name of the active sessions cache to be returned by the
CacheManager
. - setAdditionalEnvironment(Map<String, String>) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.These entries are added to the environment map before initializing the LDAP context.
- setAlgorithmName(String) - Method in class org.apache.shiro.crypto.hash.HashRequest.Builder
-
Sets the name of the hash algorithm the
HashService
should use when computing theHash
. - setAnnotationClass(Class<? extends Annotation>) - Method in class org.apache.shiro.aop.AnnotationHandler
-
Sets the type of annotation this handler will inspect and process.
- setAnnotationClass(Class<? extends Annotation>) - Method in class org.apache.shiro.event.support.AnnotationEventListenerResolver
-
Sets the type of annotation that indicates a method that should be represented as an
EventListener
. - setAttribute(Object, Object) - Method in class org.apache.shiro.session.mgt.DelegatingSession
- setAttribute(Object, Object) - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession
-
Immediately
throws
anInvalidSessionException
in all cases because this proxy is immutable. - setAttribute(Object, Object) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setAttribute(Object, Object) - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- setAttribute(Object, Object) - Method in interface org.apache.shiro.session.Session
-
Binds the specified
value
to this session, uniquely identified by the specifiedkey
name. - setAttribute(Object, Object) - Method in class org.apache.shiro.web.session.HttpServletSession
- setAttribute(String, Object) - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- setAttribute(SessionKey, Object, Object) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- setAttribute(SessionKey, Object, Object) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Binds the specified
value
to the associated session uniquely identified by theattributeKey
. - setAttributes(Map<Object, Object>) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setAuthenticated(boolean) - Method in interface org.apache.shiro.subject.SubjectContext
-
Sets whether or not the constructed
Subject
instance should be considered as authenticated. - setAuthenticated(boolean) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setAuthentication(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.Sets the type of LDAP authentication to perform when connecting to the LDAP server.
- setAuthenticationCache(Cache<Object, AuthenticationInfo>) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Sets an explicit
Cache
instance to use for authentication caching. - setAuthenticationCacheName(String) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Sets the name of a
Cache
to lookup from any availablecacheManager
if a cache is not explicitly configured viaAuthenticatingRealm.setAuthenticationCache(org.apache.shiro.cache.Cache)
. - setAuthenticationCachingEnabled(boolean) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Sets whether or not authentication caching should be utilized if a
CacheManager
has beenconfigured
,false
otherwise. - setAuthenticationInfo(AuthenticationInfo) - Method in interface org.apache.shiro.subject.SubjectContext
- setAuthenticationInfo(AuthenticationInfo) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setAuthenticationListeners(Collection<AuthenticationListener>) - Method in class org.apache.shiro.authc.AbstractAuthenticator
-
Sets the
AuthenticationListener
s that should be notified during authentication attempts. - setAuthenticationMechanism(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Sets the type of LDAP authentication mechanism to use when connecting to the LDAP server.
- setAuthenticationQuery(String) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
-
Overrides the default query used to retrieve a user's password during authentication.
- setAuthenticationStrategy(AuthenticationStrategy) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
-
Allows overriding the default
AuthenticationStrategy
utilized during multi-realm log-in attempts. - setAuthenticationToken(AuthenticationToken) - Method in interface org.apache.shiro.subject.SubjectContext
- setAuthenticationToken(AuthenticationToken) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setAuthenticationTokenClass(Class<? extends AuthenticationToken>) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Sets the authenticationToken class supported by this realm.
- setAuthenticator(Authenticator) - Method in class org.apache.shiro.mgt.AuthenticatingSecurityManager
-
Sets the delegate
Authenticator
instance that this SecurityManager uses to perform all authentication operations. - setAuthorizationCache(Cache<Object, AuthorizationInfo>) - Method in class org.apache.shiro.realm.AuthorizingRealm
- setAuthorizationCacheName(String) - Method in class org.apache.shiro.realm.AuthorizingRealm
- setAuthorizationCachingEnabled(boolean) - Method in class org.apache.shiro.realm.AuthorizingRealm
-
Sets whether or not authorization caching should be utilized if a
CacheManager
has beenconfigured
,false
otherwise. - setAuthorizedHosts(String) - Method in class org.apache.shiro.web.filter.authz.HostFilter
- setAuthorizer(Authorizer) - Method in class org.apache.shiro.mgt.AuthorizingSecurityManager
-
Sets the underlying Authorizer instance to which this SecurityManager implementation will delegate all of its authorization calls.
- setBlockBackslash(boolean) - Method in class org.apache.shiro.web.filter.InvalidRequestFilter
- setBlockNonAscii(boolean) - Method in class org.apache.shiro.web.filter.InvalidRequestFilter
- setBlockSemicolon(boolean) - Method in class org.apache.shiro.web.filter.InvalidRequestFilter
- setBlockSize(int) - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
-
Sets the block cipher's block size to be used when constructing
Cipher
transformation string. - setBytes(byte[]) - Method in class org.apache.shiro.crypto.hash.AbstractHash
-
Deprecated.Sets the raw bytes stored by this hash instance.
- setBytes(byte[]) - Method in class org.apache.shiro.crypto.hash.SimpleHash
-
Sets the raw bytes stored by this hash instance.
- setCacheManager(CacheManager) - Method in class org.apache.shiro.cache.ehcache.EhCacheManager
-
Sets the wrapped Ehcache
CacheManager
instance. - setCacheManager(CacheManager) - Method in interface org.apache.shiro.cache.CacheManagerAware
-
Sets the available CacheManager instance on this component.
- setCacheManager(CacheManager) - Method in class org.apache.shiro.mgt.CachingSecurityManager
-
Sets the CacheManager used by this
SecurityManager
and potentially any of its children components. - setCacheManager(CacheManager) - Method in class org.apache.shiro.realm.CachingRealm
-
Sets the CacheManager to be used for data caching to reduce EIS round trips.
- setCacheManager(CacheManager) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- setCacheManager(CacheManager) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Sets the cacheManager to use for acquiring the
activeSessionsCache
if one is not configured. - setCacheManagerConfigFile(String) - Method in class org.apache.shiro.cache.ehcache.EhCacheManager
-
Sets the resource location of the config file used to initialize the wrapped EhCache CacheManager instance.
- setCachingEnabled(boolean) - Method in class org.apache.shiro.realm.CachingRealm
-
Sets whether or not caching should be used if a
CacheManager
has beenconfigured
. - setCaseSensitive(boolean) - Method in class org.apache.shiro.authz.permission.WildcardPermissionResolver
-
Set the case sensitivity of the resolved Wildcard permissions.
- setCasServerUrlPrefix(String) - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- setCasService(String) - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- setCipherKey(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Convenience method that sets the cipher key to use for both encryption and decryption.
- setCipherService(CipherService) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Sets the
CipherService
to use for encrypting and decrypting serialized identity data to prevent easy inspection of Subject identity data. - setComment(String) - Method in interface org.apache.shiro.web.servlet.Cookie
- setComment(String) - Method in class org.apache.shiro.web.servlet.SimpleCookie
- setConfig(Config) - Method in class org.apache.shiro.hazelcast.cache.HazelcastCacheManager
-
Sets the Hazelcast
Config
object to use to create a backingHazelcastInstance
if one is notsupplied
. - setConfig(String) - Method in class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.Sets the actual INI configuration text to use to build the
SecurityManager
andFilterChainResolver
used by the web application. - setConfigLocations(String) - Method in interface org.apache.shiro.config.ResourceConfigurable
-
Convenience method that accepts a comma-delimited string of config locations (resource paths).
- setConfigLocations(String) - Method in class org.apache.shiro.web.env.ResourceBasedWebEnvironment
- setConfigLocations(String[]) - Method in interface org.apache.shiro.config.ResourceConfigurable
-
Sets the configuration locations (resource paths) that will be used to configure the instance.
- setConfigLocations(String[]) - Method in class org.apache.shiro.web.env.ResourceBasedWebEnvironment
- setConfigPath(String) - Method in class org.apache.shiro.web.servlet.IniShiroFilter
-
Deprecated.Sets the config path to be used to load a .ini file for configuration if a configuration is not specified via the
config
attribute. - setContext(ServletContext) - Method in class org.apache.shiro.web.servlet.ShiroHttpServletResponse
- setContextAttribute(String, Object) - Method in class org.apache.shiro.web.servlet.ServletContextSupport
- setContextFactory(LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
Sets the LdapContextFactory instance used to acquire connections to the LDAP directory during authentication attempts and authorization queries.
- setContextFactoryClassName(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.The context factory to use.
- setContextFactoryClassName(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
The name of the ContextFactory class to use.
- setContextRelative(boolean) - Method in class org.apache.shiro.web.util.RedirectView
-
Set whether to interpret a given URL that starts with a slash ("/") as relative to the current ServletContext, i.e. as relative to the web application root.
- setCookie(Cookie) - Method in class org.apache.shiro.web.mgt.CookieRememberMeManager
-
Sets the cookie 'template' that will be used to set all attributes of outgoing rememberMe cookies created by this
RememberMeManager
. - setCredentials(Object) - Method in class org.apache.shiro.authc.SimpleAccount
-
Sets this Account's credentials that verify one or more of the Account's
principals
, such as a password or private key. - setCredentials(Object) - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Sets the credentials that verify the principals/identity of the associated Realm account.
- setCredentialsExpired(boolean) - Method in class org.apache.shiro.authc.SimpleAccount
-
Sets whether or not the Account's credentials are expired.
- setCredentialsMatcher(CredentialsMatcher) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Sets the CrendialsMatcher used during an authentication attempt to verify submitted credentials with those stored in the system.
- setCredentialsSalt(ByteSource) - Method in class org.apache.shiro.authc.SimpleAccount
-
Sets the salt to use to hash this Account's credentials (eg for password hashing), or
null
if no salt is used or credentials are not hashed at all. - setCredentialsSalt(ByteSource) - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Sets the salt used to hash the credentials, or
null
if no salt was used or credentials were not hashed at all. - setDataSource(DataSource) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
-
Sets the datasource that should be used to retrieve connections used by this realm.
- setDecryptionCipherKey(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Sets the decryption key to use for decryption operations.
- setDefaultNextBytesSize(int) - Method in class org.apache.shiro.crypto.SecureRandomNumberGenerator
-
Sets the size of the generated byte array for calls to
nextBytes()
. - setDefaultPermissions(String) - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- setDefaultRoles(String) - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- setDefaults(Map<String, ?>) - Method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.Sets the default objects used by this factory.
- setDefaultValue(String) - Method in class org.apache.shiro.web.tags.PrincipalTag
- setDeleteInvalidSessions(boolean) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
-
Sets whether or not sessions should be automatically deleted after they are discovered to be invalid.
- setDeniedHosts(String) - Method in class org.apache.shiro.web.filter.authz.HostFilter
- setDomain(String) - Method in class org.apache.shiro.authz.permission.DomainPermission
- setDomain(String) - Method in interface org.apache.shiro.web.servlet.Cookie
- setDomain(String) - Method in class org.apache.shiro.web.servlet.SimpleCookie
- setEnabled(boolean) - Method in class org.apache.shiro.web.filter.authz.SslFilter.HSTS
- setEnabled(boolean) - Method in class org.apache.shiro.web.servlet.OncePerRequestFilter
-
Sets whether or not this filter generally executes for any request.
- setEncodingScheme(String) - Method in class org.apache.shiro.web.util.RedirectView
-
Set the encoding scheme for this view.
- setEncryptionCipherKey(byte[]) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Sets the encryption key to use for encryption operations.
- setEnvironment(Map) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Sets the base JNDI environment template to use when acquiring LDAP connections.
- setEnvironment(Properties) - Method in class org.apache.shiro.jndi.JndiTemplate
-
Set the environment for the JNDI InitialContext.
- setEventBus(EventBus) - Method in interface org.apache.shiro.event.EventBusAware
-
Sets the available
EventBus
that may be used for publishing and subscribing to/from events. - setEventBus(EventBus) - Method in class org.apache.shiro.mgt.CachingSecurityManager
-
Sets the EventBus used by this
SecurityManager
and potentially any of its children components. - setEventBus(EventBus) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
-
Sets the EventBus to use to publish SessionEvents.
- setEventListenerResolver(EventListenerResolver) - Method in class org.apache.shiro.event.support.DefaultEventBus
- setExpired(boolean) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setFailureAttribute(ServletRequest, AuthenticationException) - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- setFailureKeyAttribute(String) - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- setFailureUrl(String) - Method in class org.apache.shiro.cas.CasFilter
-
Deprecated.
- setFilterChainDefinitionMap(Map<String, String>) - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
Sets the chainName-to-chainDefinition map of chain definitions to use for creating filter chains intercepted by the Shiro Filter.
- setFilterChainDefinitions(String) - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
A convenience method that sets the
filterChainDefinitionMap
property by accepting aProperties
-compatible string (multi-line key/value pairs). - setFilterChainManager(FilterChainManager) - Method in class org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver
- setFilterChainResolver(FilterChainResolver) - Method in class org.apache.shiro.web.env.DefaultWebEnvironment
- setFilterChainResolver(FilterChainResolver) - Method in interface org.apache.shiro.web.env.MutableWebEnvironment
-
Sets the
WebEnvironment
'sFilterChainResolver
. - setFilterChainResolver(FilterChainResolver) - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
- setFilterChains(Map<String, NamedFilterList>) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- setFilterConfig(FilterConfig) - Method in class org.apache.shiro.web.config.IniFilterChainResolverFactory
- setFilterConfig(FilterConfig) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
-
Sets the
FilterConfig
provided by the Servlet container at webapp startup. - setFilterConfig(FilterConfig) - Method in class org.apache.shiro.web.servlet.AbstractFilter
-
Sets the FilterConfig and the
ServletContext
as attributes of this class for use by subclasses. - setFilters(Map<String, Filter>) - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
Sets the filterName-to-Filter map of filters available for reference when creating
filter chain definitions
. - setFilters(Map<String, Filter>) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- setFormatClassNames(Map<String, String>) - Method in class org.apache.shiro.crypto.hash.format.DefaultHashFormatFactory
-
Sets the
hash-format-alias
-to-fullyQualifiedHashFormatClassNameImplementation
map to be used in theDefaultHashFormatFactory.getInstance(String)
implementation. - setGenerateInitializationVectors(boolean) - Method in class org.apache.shiro.crypto.JcaCipherService
- setGeneratePublicSalt(boolean) - Method in class org.apache.shiro.crypto.hash.DefaultHashService
-
Sets whether or not a public salt should be randomly generated and used to compute a hash if a
HashRequest
does not specify a salt. - setGlobalFilters(List<String>) - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
Sets the list of filters that will be executed against every request.
- setGlobalFilters(List<String>) - Method in class org.apache.shiro.web.config.IniFilterChainResolverFactory
- setGlobalFilters(List<String>) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
- setGlobalFilters(List<String>) - Method in interface org.apache.shiro.web.filter.mgt.FilterChainManager
-
Configures the set of named filters that will match all paths.
- setGlobalSessionTimeout(long) - Method in class org.apache.shiro.session.mgt.AbstractSessionManager
-
Sets the system-wide default time in milliseconds that any session may remain idle before expiring.
- setGroupRolesMap(Map<String, String>) - Method in class org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
- setHandler(AnnotationHandler) - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor
-
Sets the
AnnotationHandler
used to perform authorization behavior based on an annotation discovered at runtime. - setHashAlgorithmName(String) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Sets the
Hash
algorithmName
to use when performing hashes for credentials matching. - setHashAlgorithmName(String) - Method in interface org.apache.shiro.crypto.hash.ConfigurableHashService
-
Sets the name of the
MessageDigest
algorithm that will be used to compute hashes. - setHashAlgorithmName(String) - Method in class org.apache.shiro.crypto.hash.DefaultHashService
- setHashFormat(HashFormat) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- setHashFormatFactory(HashFormatFactory) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- setHashIterations(int) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Sets the number of times a submitted
AuthenticationToken
's credentials will be hashed before comparing to the credentials stored in the system. - setHashIterations(int) - Method in interface org.apache.shiro.crypto.hash.ConfigurableHashService
-
Sets the number of hash iterations that will be performed during hash computation.
- setHashIterations(int) - Method in class org.apache.shiro.crypto.hash.DefaultHashService
- setHashSalted(boolean) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Deprecated.since Shiro 1.1. Hash salting is now expected to be based on if the
AuthenticationInfo
returned from theRealm
is aSaltedAuthenticationInfo
instance and itsgetCredentialsSalt()
method returns a non-null value. This method and the 1.0 behavior still exists for backwards compatibility if theRealm
does not returnSaltedAuthenticationInfo
instances, but it is highly recommended thatRealm
implementations that support hashed credentials start returningSaltedAuthenticationInfo
instances as soon as possible. This is because salts should always be obtained from the stored account information and never be interpreted based on user/Subject-entered data. User-entered data is easier to compromise for attackers, whereas account-unique (and secure randomly-generated) salts never disseminated to the end-user are almost impossible to break. This method will be removed in Shiro 2.0. - setHashService(HashService) - Method in class org.apache.shiro.authc.credential.DefaultPasswordService
- setHazelcastInstance(HazelcastInstance) - Method in class org.apache.shiro.hazelcast.cache.HazelcastCacheManager
-
Sets the
HazelcastInstance
from which namedConcurrentMap
instances will be acquired to createMapCache
instances. - setHost(String) - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Sets the host name or IP string from where the authentication attempt occurs.
- setHost(String) - Method in class org.apache.shiro.session.mgt.DefaultSessionContext
- setHost(String) - Method in interface org.apache.shiro.session.mgt.SessionContext
-
Sets the originating host name or IP address (as a String) from where the
Subject
is initiating theSession
. - setHost(String) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setHost(String) - Method in interface org.apache.shiro.subject.SubjectContext
-
Sets the host name or IP that should reflect the constructed
Subject
's originating location. - setHost(String) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setHost(String) - Method in class org.apache.shiro.web.session.HttpServletSession
- setHostAddress(String) - Method in exception org.apache.shiro.authz.HostUnauthorizedException
-
Sets the host associated with this exception.
- setHsts(SslFilter.HSTS) - Method in class org.apache.shiro.web.filter.authz.SslFilter
- setHttp10Compatible(boolean) - Method in class org.apache.shiro.web.util.RedirectView
-
Set whether to stay compatible with HTTP 1.0 clients.
- setHttpOnly(boolean) - Method in interface org.apache.shiro.web.servlet.Cookie
- setHttpOnly(boolean) - Method in class org.apache.shiro.web.servlet.SimpleCookie
- setId(Serializable) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setIncludeSubDomains(boolean) - Method in class org.apache.shiro.web.filter.authz.SslFilter.HSTS
- setIni(Ini) - Method in class org.apache.shiro.config.IniFactorySupport
-
Deprecated.
- setIni(Ini) - Method in class org.apache.shiro.realm.text.IniRealm
-
Sets the Ini instance used to configure this realm.
- setIni(Ini) - Method in class org.apache.shiro.web.env.IniWebEnvironment
-
Allows for configuration via a direct
Ini
instance instead of viaconfig locations
. - setInitializationVectorSize(int) - Method in class org.apache.shiro.crypto.JcaCipherService
-
Sets the algorithm-specific initialization vector size in bits (not bytes!)
- setInterpolator(Interpolator) - Method in class org.apache.shiro.config.ReflectionBuilder
-
Sets the
Interpolator
used when evaluating the right side of the expressions. - setInterval(long) - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- setIterations(int) - Method in class org.apache.shiro.crypto.hash.HashRequest.Builder
-
Sets the number of requested hash iterations to be performed when computing the final
Hash
result. - setIterations(int) - Method in class org.apache.shiro.crypto.hash.SimpleHash
-
Sets the iterations used to previously compute AN ALREADY GENERATED HASH.
- setJndiEnvironment(Properties) - Method in class org.apache.shiro.jndi.JndiLocator
-
Set the JNDI environment to use for JNDI lookups.
- setJndiNames(String) - Method in class org.apache.shiro.realm.jndi.JndiRealmFactory
-
Specifies a comma-delimited list of JNDI names to lookup, each one corresponding to a jndi-bound
Realm
. - setJndiNames(Collection<String>) - Method in class org.apache.shiro.realm.jndi.JndiRealmFactory
-
Sets the JNDI names that will be used to look up Realm(s) from JNDI.
- setJndiTemplate(JndiTemplate) - Method in class org.apache.shiro.jndi.JndiLocator
-
Set the JNDI template to use for JNDI lookups.
- setKeySize(int) - Method in class org.apache.shiro.crypto.JcaCipherService
-
Sets the size in bits (not bytes) of generated cipher keys.
- setLastAccessTime(Date) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setLdapContextFactory(LdapContextFactory) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
-
Configures the
LdapContextFactory
implementation that is used to create LDAP connections for authentication and authorization. - setLocked(boolean) - Method in class org.apache.shiro.authc.SimpleAccount
-
Sets whether or not the account is locked and can be used to login.
- setLoginUrl(String) - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
Sets the application's login URL to be assigned to all acquired Filters that subclass
AccessControlFilter
. - setLoginUrl(String) - Method in class org.apache.shiro.web.filter.AccessControlFilter
-
Sets the login URL used to authenticate a user.
- setLoginUrl(String) - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
- setMaxAge(int) - Method in class org.apache.shiro.web.filter.authz.SslFilter.HSTS
- setMaxAge(int) - Method in interface org.apache.shiro.web.servlet.Cookie
- setMaxAge(int) - Method in class org.apache.shiro.web.servlet.SimpleCookie
- setMaxInactiveInterval(int) - Method in class org.apache.shiro.web.servlet.ShiroHttpSession
- setMethodInterceptors(Collection<AuthorizingAnnotationMethodInterceptor>) - Method in class org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor
-
Sets the method interceptors to execute for the annotated method.
- setMode(OperationMode) - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
-
Sets the cipher operation mode of operation to be used when constructing the
Cipher
transformation string. - setModeName(String) - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
-
Sets the cipher operation mode name to be used when constructing the
Cipher
transformation string. - setName(String) - Method in class org.apache.shiro.authz.SimpleRole
- setName(String) - Method in class org.apache.shiro.realm.AuthenticatingRealm
- setName(String) - Method in class org.apache.shiro.realm.AuthorizingRealm
- setName(String) - Method in class org.apache.shiro.realm.CachingRealm
- setName(String) - Method in interface org.apache.shiro.util.Nameable
-
Sets the (preferably application unique) name for this component.
- setName(String) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- setName(String) - Method in interface org.apache.shiro.web.servlet.Cookie
- setName(String) - Method in class org.apache.shiro.web.servlet.NameableFilter
-
Sets the filter's name.
- setName(String) - Method in class org.apache.shiro.web.servlet.SimpleCookie
- setName(String) - Method in class org.apache.shiro.web.tags.PermissionTag
- setName(String) - Method in class org.apache.shiro.web.tags.RoleTag
- setObject(String, Object) - Method in class org.apache.shiro.env.DefaultEnvironment
- setObjectPermissions(Set<Permission>) - Method in class org.apache.shiro.authc.SimpleAccount
-
Sets all object-based permissions assigned directly to this Account (not any of its realms).
- setObjectPermissions(Set<Permission>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Sets the object-based permissions assigned directly to the account.
- setObjects(Map<String, ?>) - Method in class org.apache.shiro.config.ReflectionBuilder
- setPaddingScheme(PaddingScheme) - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
-
Sets the padding scheme to be used when constructing the
Cipher
transformation string. - setPaddingSchemeName(String) - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
- setParts(String) - Method in class org.apache.shiro.authz.permission.WildcardPermission
- setParts(String, boolean) - Method in class org.apache.shiro.authz.permission.WildcardPermission
- setParts(String, Set<String>, Set<String>) - Method in class org.apache.shiro.authz.permission.DomainPermission
- setParts(List<Set<String>>) - Method in class org.apache.shiro.authz.permission.WildcardPermission
-
Sets the pre-split String parts of this
WildcardPermission
. - setPassword(char[]) - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Sets the password for submission during an authentication attempt.
- setPasswordParam(String) - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
-
Sets the request parameter name to look for when acquiring the password.
- setPasswordService(PasswordService) - Method in class org.apache.shiro.authc.credential.PasswordMatcher
- setPath(String) - Method in interface org.apache.shiro.web.servlet.Cookie
- setPath(String) - Method in class org.apache.shiro.web.servlet.SimpleCookie
- setPathMatcher(PatternMatcher) - Method in class org.apache.shiro.web.filter.mgt.PathMatchingFilterChainResolver
-
Sets the
PatternMatcher
used when determining if an incoming request's path matches a configured filter chain. - setPathSeparator(String) - Method in class org.apache.shiro.util.AntPathMatcher
-
Set the path separator to use for pattern parsing.
- setPermissionAttributeNames(String) - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- setPermissionResolver(PermissionResolver) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Sets the specified
PermissionResolver
on all of the wrapped realms that implement thePermissionResolverAware
interface. - setPermissionResolver(PermissionResolver) - Method in interface org.apache.shiro.authz.permission.PermissionResolverAware
-
Sets the specified PermissionResolver on this instance.
- setPermissionResolver(PermissionResolver) - Method in class org.apache.shiro.realm.AuthorizingRealm
- setPermissions(Set<Permission>) - Method in class org.apache.shiro.authz.SimpleRole
- setPermissionsLookupEnabled(boolean) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
-
Enables lookup of permissions during authorization.
- setPermissionsQuery(String) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
-
Overrides the default query used to retrieve a user's permissions during authorization.
- setPoolingEnabled(boolean) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Sets whether or not connection pooling should be used when possible and appropriate.
- setPort(int) - Method in class org.apache.shiro.web.filter.authz.PortFilter
- setPostOnlyLogout(boolean) - Method in class org.apache.shiro.web.filter.authc.LogoutFilter
-
Due to browser pre-fetching, using a GET requests for logout my cause a user to be logged accidentally, for example: out while typing in an address bar.
- setPrincipals(PrincipalCollection) - Method in class org.apache.shiro.authc.SimpleAccount
-
Sets the principals, aka the identifying attributes (username, user id, first name, last name, etc) of this Account.
- setPrincipals(PrincipalCollection) - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Sets the identifying principal(s) represented by this instance.
- setPrincipals(PrincipalCollection) - Method in interface org.apache.shiro.subject.SubjectContext
-
Sets the principals (aka identity) that the constructed
Subject
should reflect. - setPrincipals(PrincipalCollection) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setPrincipalSuffix(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
-
Used when initializing the default
LdapContextFactory
. - setPrincipalSuffix(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.A suffix appended to the username.
- setPrivateSalt(ByteSource) - Method in interface org.apache.shiro.crypto.hash.ConfigurableHashService
-
Sets the 'private' (internal) salt to be paired with a 'public' (random or supplied) salt during hash computation.
- setPrivateSalt(ByteSource) - Method in class org.apache.shiro.crypto.hash.DefaultHashService
- setProperty(String) - Method in class org.apache.shiro.web.tags.PrincipalTag
- setRandom(Random) - Method in class org.apache.shiro.session.mgt.eis.RandomSessionIdGenerator
- setRandomNumberGenerator(RandomNumberGenerator) - Method in interface org.apache.shiro.crypto.hash.ConfigurableHashService
-
Sets a source of randomness used to generate public salts that will in turn be used during hash computation.
- setRandomNumberGenerator(RandomNumberGenerator) - Method in class org.apache.shiro.crypto.hash.DefaultHashService
- setRealm(Realm) - Method in class org.apache.shiro.mgt.RealmSecurityManager
-
Convenience method for applications using a single realm that merely wraps the realm in a list and then invokes the
RealmSecurityManager.setRealms(java.util.Collection<org.apache.shiro.realm.Realm>)
method. - setRealmPrincipal(String, String, Object) - Method in interface org.apache.shiro.subject.PrincipalMap
- setRealmPrincipal(String, String, Object) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- setRealmPrincipals(String, Map<String, Object>) - Method in interface org.apache.shiro.subject.PrincipalMap
- setRealmPrincipals(String, Map<String, Object>) - Method in class org.apache.shiro.subject.SimplePrincipalMap
- setRealms(Collection<Realm>) - Method in class org.apache.shiro.authc.pam.ModularRealmAuthenticator
-
Sets all realms used by this Authenticator, providing PAM (Pluggable Authentication Module) configuration.
- setRealms(Collection<Realm>) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Sets the realms wrapped by this
Authorizer
which are consulted during an authorization check. - setRealms(Collection<Realm>) - Method in class org.apache.shiro.mgt.RealmSecurityManager
-
Sets the realms managed by this SecurityManager instance.
- setRedirectUrl(String) - Method in class org.apache.shiro.web.filter.authc.LogoutFilter
-
Sets the URL to where the user will be redirected after logout.
- setReferral(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.Sets the LDAP referral property.
- setReferral(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Sets the LDAP referral behavior when creating a connection.
- setReflectionBuilder(ReflectionBuilder) - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.Sets the ReflectionBuilder that will be used to create the SecurityManager based on the contents of the Ini configuration.
- setReloadIntervalSeconds(int) - Method in class org.apache.shiro.realm.text.PropertiesRealm
-
Sets the interval in seconds at which the property file will be checked for changes and reloaded.
- setRememberMe(boolean) - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Sets if the submitting user wishes their identity (principal(s)) to be remembered across sessions.
- setRememberMe(boolean) - Method in class org.apache.shiro.cas.CasToken
-
Deprecated.
- setRememberMeAttributeName(String) - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- setRememberMeManager(RememberMeManager) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- setRememberMeParam(String) - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
-
Sets the request parameter name to look for when acquiring the rememberMe boolean value.
- setRequest(ServletRequest) - Method in class org.apache.shiro.web.subject.WebSubject.Builder
-
Called by the
WebSubject.Builder
constructor, this method places the request object in the context map for later retrieval. - setRequest(ShiroHttpServletRequest) - Method in class org.apache.shiro.web.servlet.ShiroHttpServletResponse
- setRequiredType(Class<? extends T>) - Method in class org.apache.shiro.jndi.JndiObjectFactory
- setResolver(AnnotationResolver) - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor
-
Returns the
AnnotationResolver
to use to acquire annotations from intercepted methods at runtime. - setResourceName(String) - Method in class org.apache.shiro.jndi.JndiObjectFactory
- setResourcePath(String) - Method in class org.apache.shiro.realm.text.IniRealm
- setResourcePath(String) - Method in class org.apache.shiro.realm.text.PropertiesRealm
-
Sets the path of the properties file to load user, role, and permission information from.
- setResourceRef(boolean) - Method in class org.apache.shiro.jndi.JndiLocator
-
Set whether the lookup occurs in a J2EE container, i.e. if the prefix "java:comp/env/" needs to be added if the JNDI name doesn't already contain it.
- setResources(Map<Object, Object>) - Static method in class org.apache.shiro.util.ThreadContext
-
Allows a caller to explicitly set the entire resource map.
- setResponse(ServletResponse) - Method in class org.apache.shiro.web.subject.WebSubject.Builder
-
Called by the
WebSubject.Builder
constructor, this method places the response object in the context map for later retrieval. - setRoleAttributeNames(String) - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- setRoleDefinitions(String) - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
-
Sets a newline (\n) delimited String that defines role-to-permission definitions.
- setRolePermissionResolver(RolePermissionResolver) - Method in class org.apache.shiro.authz.ModularRealmAuthorizer
-
Sets the specified
RolePermissionResolver
on all of the wrapped realms that implement thePermissionResolverAware
interface. - setRolePermissionResolver(RolePermissionResolver) - Method in interface org.apache.shiro.authz.permission.RolePermissionResolverAware
-
Sets the specified RolePermissionResolver on this instance.
- setRolePermissionResolver(RolePermissionResolver) - Method in class org.apache.shiro.realm.AuthorizingRealm
- setRoles(Set<String>) - Method in class org.apache.shiro.authc.SimpleAccount
-
Sets the Account's assigned roles.
- setRoles(Set<String>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Sets the roles assigned to the account.
- setSalt(Object) - Method in class org.apache.shiro.crypto.hash.HashRequest.Builder
-
Sets a salt to be used by the
HashService
during hash computation. - setSalt(ByteSource) - Method in class org.apache.shiro.crypto.hash.HashRequest.Builder
-
Sets a salt to be used by the
HashService
during hash computation. - setSalt(ByteSource) - Method in class org.apache.shiro.crypto.hash.SimpleHash
-
Sets the salt used to previously compute AN ALREADY GENERATED HASH.
- setSaltIsBase64Encoded(boolean) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
-
Makes it possible to switch off base64 encoding of password salt.
- setSaltStyle(JdbcRealm.SaltStyle) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
-
Sets the salt style.
- setSameSite(Cookie.SameSiteOptions) - Method in interface org.apache.shiro.web.servlet.Cookie
- setSameSite(Cookie.SameSiteOptions) - Method in class org.apache.shiro.web.servlet.SimpleCookie
- setScheduler(Scheduler) - Method in class org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler
- setSearchBase(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
-
Used when initializing the default
LdapContextFactory
. - setSearchBase(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.this attribute existed, but was never used in Shiro 1.x. It will be removed prior to Shiro 2.0.
- setSearchFilter(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- setSearchPackages(Set<String>) - Method in class org.apache.shiro.crypto.hash.format.DefaultHashFormatFactory
-
Sets a set of package names that can be searched for
HashFormat
implementations according to heuristics defined in thegetHashFormat(packageName, token)
JavaDoc. - setSectionProperty(String, String, String) - Method in class org.apache.shiro.config.Ini
-
Sets a name/value pair for the section with the given
sectionName
. - setSecure(boolean) - Method in interface org.apache.shiro.web.servlet.Cookie
- setSecure(boolean) - Method in class org.apache.shiro.web.servlet.SimpleCookie
- setSecureRandom(SecureRandom) - Method in class org.apache.shiro.crypto.JcaCipherService
-
Sets a source of randomness for encryption operations.
- setSecureRandom(SecureRandom) - Method in class org.apache.shiro.crypto.SecureRandomNumberGenerator
-
Sets the
SecureRandom
to back this instance. - setSecurityManager(SecurityManager) - Method in class org.apache.shiro.env.DefaultEnvironment
- setSecurityManager(SecurityManager) - Static method in class org.apache.shiro.SecurityUtils
-
Sets a VM (static) singleton SecurityManager, specifically for transparent use in the
getSubject()
implementation. - setSecurityManager(SecurityManager) - Method in class org.apache.shiro.spring.remoting.SecureRemoteInvocationExecutor
- setSecurityManager(SecurityManager) - Method in class org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor
- setSecurityManager(SecurityManager) - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
Sets the application
SecurityManager
instance to be used by the constructed Shiro Filter. - setSecurityManager(SecurityManager) - Method in interface org.apache.shiro.subject.SubjectContext
-
Sets the SecurityManager instance that should be used to back the constructed
Subject
instance (typically used to supportDelegatingSubject
implementations). - setSecurityManager(SecurityManager) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setSecurityManager(SecurityManager) - Method in class org.apache.shiro.web.env.DefaultWebEnvironment
- setSecurityManager(WebSecurityManager) - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
- setSecurityManagerFactory(WebIniSecurityManagerFactory) - Method in class org.apache.shiro.web.env.IniWebEnvironment
-
Allows for setting the SecurityManager factory which will be used to create the SecurityManager.
- setSecurityManagerName(String) - Method in class org.apache.shiro.env.DefaultEnvironment
-
Sets the name of the
SecurityManager
instance in the backing map. - setSeed(byte[]) - Method in class org.apache.shiro.crypto.SecureRandomNumberGenerator
-
Seeds the backing
SecureRandom
instance with additional seed data. - setSerializer(Serializer<PrincipalCollection>) - Method in class org.apache.shiro.mgt.AbstractRememberMeManager
-
Sets the
Serializer
used to serialize and deserializePrincipalCollection
instances for persistent remember me storage. - setServletContext(ServletContext) - Method in class org.apache.shiro.web.env.DefaultWebEnvironment
- setServletContext(ServletContext) - Method in interface org.apache.shiro.web.env.MutableWebEnvironment
-
Sets the
WebEnvironment
's associatedServletContext
instance. - setServletContext(ServletContext) - Method in class org.apache.shiro.web.servlet.ServletContextSupport
- setServletRequest(ServletRequest) - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionContext
- setServletRequest(ServletRequest) - Method in interface org.apache.shiro.web.session.mgt.WebSessionContext
-
Sets the
ServletRequest
received by the servlet container triggering the creation of theSession
instance. - setServletRequest(ServletRequest) - Method in class org.apache.shiro.web.subject.support.DefaultWebSubjectContext
- setServletRequest(ServletRequest) - Method in interface org.apache.shiro.web.subject.WebSubjectContext
-
Sets the
ServletRequest
received by the servlet container triggering the creation of theSubject
instance. - setServletResponse(ServletResponse) - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionContext
- setServletResponse(ServletResponse) - Method in interface org.apache.shiro.web.session.mgt.WebSessionContext
-
Sets the paired
ServletResponse
corresponding to the associatedservletRequest
. - setServletResponse(ServletResponse) - Method in class org.apache.shiro.web.subject.support.DefaultWebSubjectContext
- setServletResponse(ServletResponse) - Method in interface org.apache.shiro.web.subject.WebSubjectContext
-
Sets the paired
ServletResponse
corresponding to the associatedservletRequest
. - setSession(Session) - Method in interface org.apache.shiro.subject.SubjectContext
-
Sets the
Session
to use when building theSubject
instance. - setSession(Session) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setSessionCreationEnabled(boolean) - Method in interface org.apache.shiro.subject.SubjectContext
-
Sets whether or not the constructed
Subject
instance should be allowed to create a session,false
otherwise. - setSessionCreationEnabled(boolean) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setSessionDAO(SessionDAO) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
- setSessionFactory(SessionFactory) - Method in class org.apache.shiro.session.mgt.DefaultSessionManager
-
Sets the
SessionFactory
used to generate newSession
instances. - setSessionId(Serializable) - Method in class org.apache.shiro.session.mgt.DefaultSessionContext
- setSessionId(Serializable) - Method in class org.apache.shiro.session.mgt.DefaultSessionKey
- setSessionId(Serializable) - Method in interface org.apache.shiro.session.mgt.SessionContext
- setSessionId(Serializable) - Method in interface org.apache.shiro.subject.SubjectContext
-
Sets the session id of the session that should be associated with the constructed
Subject
instance. - setSessionId(Serializable) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setSessionIdCookie(Cookie) - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionManager
- setSessionIdCookieEnabled(boolean) - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionManager
- setSessionIdGenerator(SessionIdGenerator) - Method in class org.apache.shiro.session.mgt.eis.AbstractSessionDAO
-
Sets the
SessionIdGenerator
used by theAbstractSessionDAO.generateSessionId(org.apache.shiro.session.Session)
method. - setSessionIdUrlRewritingEnabled(boolean) - Method in class org.apache.shiro.web.session.mgt.DefaultWebSessionManager
- setSessionListeners(Collection<SessionListener>) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- setSessionManager(SessionManager) - Method in class org.apache.shiro.mgt.SessionsSecurityManager
-
Sets the underlying delegate
SessionManager
instance that will be used to support this implementation's SessionManager method calls. - setSessionManager(SessionManager) - Method in class org.apache.shiro.web.mgt.DefaultWebSecurityManager
- setSessionManager(ValidatingSessionManager) - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- setSessionManager(ValidatingSessionManager) - Method in class org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler
- setSessionMode(String) - Method in class org.apache.shiro.web.mgt.DefaultWebSecurityManager
-
Deprecated.since 1.2
- setSessionStorageEnabled(boolean) - Method in class org.apache.shiro.mgt.DefaultSessionStorageEvaluator
-
Sets if any Subject's
Session
may be used to persist thatSubject
's state. - setSessionStorageEvaluator(SessionStorageEvaluator) - Method in class org.apache.shiro.mgt.DefaultSubjectDAO
-
Sets the
SessionStorageEvaluator
that will determine if aSubject
's state may be persisted in the Subject's session. - setSessionValidationInterval(long) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
-
If using the underlying default SessionValidationScheduler (that is, the
setSessionValidationScheduler
method is never called) , this method allows one to specify how frequently session should be validated (to check for orphans). - setSessionValidationInterval(long) - Method in class org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler
-
Specifies how frequently (in milliseconds) this Scheduler will call the
ValidatingSessionManager#validateSessions()
method. - setSessionValidationScheduler(SessionValidationScheduler) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- setSessionValidationSchedulerEnabled(boolean) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- setSingleton(boolean) - Method in class org.apache.shiro.util.AbstractFactory
- setSource(Object) - Method in class org.apache.shiro.crypto.hash.HashRequest.Builder
-
Sets the source data that will be hashed by a
HashService
. - setSource(ByteSource) - Method in class org.apache.shiro.crypto.hash.HashRequest.Builder
-
Sets the source data that will be hashed by a
HashService
. - setStartTimestamp(Date) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setStaticSecurityManagerEnabled(boolean) - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
-
Sets if the constructed
securityManager
reference should be bound to static memory (viaSecurityUtils.
setSecurityManager
). - setStopAfterFirstSuccess(boolean) - Method in class org.apache.shiro.authc.pam.FirstSuccessfulStrategy
- setStopTimestamp(Date) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setStoredCredentialsHexEncoded(boolean) - Method in class org.apache.shiro.authc.credential.HashedCredentialsMatcher
-
Sets the indicator if this system's stored credential hash is Hex encoded or not.
- setStreamingBlockSize(int) - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
- setStreamingBufferSize(int) - Method in class org.apache.shiro.crypto.JcaCipherService
-
Sets the size in bytes of the internal buffer used to transfer data from one stream to another during stream operations (
JcaCipherService.encrypt(java.io.InputStream, java.io.OutputStream, byte[])
andJcaCipherService.decrypt(java.io.InputStream, java.io.OutputStream, byte[])
). - setStreamingMode(OperationMode) - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
-
Sets the transformation string mode to be used for streaming operations only.
- setStreamingModeName(String) - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
-
Sets the transformation string mode name to be used for streaming operations only.
- setStreamingPaddingScheme(PaddingScheme) - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
- setStreamingPaddingSchemeName(String) - Method in class org.apache.shiro.crypto.DefaultBlockCipherService
- setStringPermissions(Set<String>) - Method in class org.apache.shiro.authc.SimpleAccount
-
Sets the String-based permissions assigned to this Account.
- setStringPermissions(Set<String>) - Method in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Sets the string-based permissions assigned directly to the account.
- setSubject(Subject) - Method in interface org.apache.shiro.subject.SubjectContext
-
Sets the existing
Subject
that may be in use at the time the newSubject
instance is being created. - setSubject(Subject) - Method in class org.apache.shiro.subject.support.DefaultSubjectContext
- setSubjectDAO(SubjectDAO) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Sets the
SubjectDAO
responsible for persisting Subject state, typically used after login or when an Subject identity is discovered (eg after RememberMe services). - setSubjectDAO(SubjectDAO) - Method in class org.apache.shiro.web.mgt.DefaultWebSecurityManager
- setSubjectFactory(SubjectFactory) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Sets the
SubjectFactory
responsible for creatingSubject
instances exposed to the application. - setSuccessUrl(String) - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
Sets the application's after-login success URL to be assigned to all acquired Filters that subclass
AuthenticationFilter
. - setSuccessUrl(String) - Method in class org.apache.shiro.web.filter.authc.AuthenticationFilter
-
Sets the default/fallback success url to use as the default location a user is sent after logging in.
- setSystemPassword(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
-
Used when initializing the default
LdapContextFactory
. - setSystemPassword(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.The system password that will be used when connecting to the LDAP server to retrieve authorization information about a user.
- setSystemPassword(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Sets the password of the
systemUsername
that will be used when creating an LDAP connection used for authorization queries. - setSystemUsername(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
-
Used when initializing the default
LdapContextFactory
. - setSystemUsername(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.The system username that will be used when connecting to the LDAP server to retrieve authorization information about a user.
- setSystemUsername(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Sets the system username that will be used when creating an LDAP connection used for authorization queries.
- setTargetExecutor(Executor) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutor
-
Sets target Executor instance that will actually execute the subject-associated Runnable instances.
- setTargetExecutor(Executor) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- setTargetExecutor(Executor) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- setTargetExecutorService(ExecutorService) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- setTargetExecutorService(ExecutorService) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- setTargets(Set<String>) - Method in class org.apache.shiro.authz.permission.DomainPermission
- setTargetScheduledExecutorService(ScheduledExecutorService) - Method in class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- setThreadNamePrefix(String) - Method in class org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
- setTimeout(long) - Method in class org.apache.shiro.session.mgt.DelegatingSession
- setTimeout(long) - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession
-
Immediately
throws
anInvalidSessionException
in all cases because this proxy is immutable. - setTimeout(long) - Method in class org.apache.shiro.session.mgt.SimpleSession
- setTimeout(long) - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- setTimeout(long) - Method in interface org.apache.shiro.session.Session
-
Sets the time in milliseconds that the session may remain idle before expiring.
- setTimeout(long) - Method in class org.apache.shiro.web.session.HttpServletSession
- setTimeout(SessionKey, long) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- setTimeout(SessionKey, long) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Sets the time in milliseconds that the associated session may remain idle before expiring.
- setType(String) - Method in class org.apache.shiro.web.tags.PrincipalTag
- setUnauthorizedUrl(String) - Method in class org.apache.shiro.spring.web.ShiroFilterFactoryBean
-
Sets the application's 'unauthorized' URL to be assigned to all acquired Filters that subclass
AuthorizationFilter
. - setUnauthorizedUrl(String) - Method in class org.apache.shiro.web.filter.authz.AuthorizationFilter
-
Sets the URL to which users should be redirected if they are denied access to an underlying path or resource.
- setUrl(String) - Method in class org.apache.shiro.realm.ldap.AbstractLdapRealm
-
Used when initializing the default
LdapContextFactory
. - setUrl(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.The LDAP url to connect to.
- setUrl(String) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
The LDAP url to connect to.
- setUrl(String) - Method in class org.apache.shiro.web.util.RedirectView
- setUsePooling(boolean) - Method in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.Determines whether or not LdapContext pooling is enabled for connections made using the system user account.
- setUserDefinitions(String) - Method in class org.apache.shiro.realm.text.TextConfigurationRealm
-
Sets a newline (\n) delimited String that defines user-to-password-and-role(s) key/value pairs according to the following format:
- setUserDnTemplate(String) - Method in class org.apache.shiro.realm.ldap.DefaultLdapRealm
-
Sets the User Distinguished Name (DN) template to use when creating User DNs at runtime.
- setUserId(String) - Method in class org.apache.shiro.cas.CasToken
-
Deprecated.
- setUsername(String) - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Sets the username for submission during an authentication attempt.
- setUsernameParam(String) - Method in class org.apache.shiro.web.filter.authc.FormAuthenticationFilter
-
Sets the request parameter name to look for when acquiring the username.
- setUserRolesQuery(String) - Method in class org.apache.shiro.realm.jdbc.JdbcRealm
-
Overrides the default query used to retrieve a user's roles during authorization.
- setUseXmlFormat(boolean) - Method in class org.apache.shiro.realm.text.PropertiesRealm
-
Determines whether or not the properties XML format should be used.
- setValidationProtocol(String) - Method in class org.apache.shiro.cas.CasRealm
-
Deprecated.
- setValue(String) - Method in interface org.apache.shiro.web.servlet.Cookie
- setValue(String) - Method in class org.apache.shiro.web.servlet.SimpleCookie
- setVersion(int) - Method in interface org.apache.shiro.web.servlet.Cookie
- setVersion(int) - Method in class org.apache.shiro.web.servlet.SimpleCookie
- setWebSecurityManager(WebSecurityManager) - Method in class org.apache.shiro.web.env.DefaultWebEnvironment
- setWebSecurityManager(WebSecurityManager) - Method in interface org.apache.shiro.web.env.MutableWebEnvironment
-
Sets the
WebEnvironment
'sWebSecurityManager
. - Sha1CredentialsMatcher - Class in org.apache.shiro.authc.credential
-
Deprecated.since 1.1 - use the HashedCredentialsMatcher directly and set its
hashAlgorithmName
property. - Sha1CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Sha1CredentialsMatcher
-
Deprecated.
- Sha1Hash - Class in org.apache.shiro.crypto.hash
-
Generates an SHA-1 Hash (Secure Hash Standard, NIST FIPS 180-1) from a given input source with an optional salt and hash iterations.
- Sha1Hash() - Constructor for class org.apache.shiro.crypto.hash.Sha1Hash
- Sha1Hash(Object) - Constructor for class org.apache.shiro.crypto.hash.Sha1Hash
- Sha1Hash(Object, Object) - Constructor for class org.apache.shiro.crypto.hash.Sha1Hash
- Sha1Hash(Object, Object, int) - Constructor for class org.apache.shiro.crypto.hash.Sha1Hash
- Sha256CredentialsMatcher - Class in org.apache.shiro.authc.credential
-
Deprecated.since 1.1 - use the HashedCredentialsMatcher directly and set its
hashAlgorithmName
property. - Sha256CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Sha256CredentialsMatcher
-
Deprecated.
- Sha256Hash - Class in org.apache.shiro.crypto.hash
-
Generates an SHA-256 Hash from a given input source with an optional salt and hash iterations.
- Sha256Hash() - Constructor for class org.apache.shiro.crypto.hash.Sha256Hash
- Sha256Hash(Object) - Constructor for class org.apache.shiro.crypto.hash.Sha256Hash
- Sha256Hash(Object, Object) - Constructor for class org.apache.shiro.crypto.hash.Sha256Hash
- Sha256Hash(Object, Object, int) - Constructor for class org.apache.shiro.crypto.hash.Sha256Hash
- Sha384CredentialsMatcher - Class in org.apache.shiro.authc.credential
-
Deprecated.since 1.1 - use the HashedCredentialsMatcher directly and set its
hashAlgorithmName
property. - Sha384CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Sha384CredentialsMatcher
-
Deprecated.
- Sha384Hash - Class in org.apache.shiro.crypto.hash
-
Generates an SHA-384 Hash from a given input source with an optional salt and hash iterations.
- Sha384Hash() - Constructor for class org.apache.shiro.crypto.hash.Sha384Hash
- Sha384Hash(Object) - Constructor for class org.apache.shiro.crypto.hash.Sha384Hash
- Sha384Hash(Object, Object) - Constructor for class org.apache.shiro.crypto.hash.Sha384Hash
- Sha384Hash(Object, Object, int) - Constructor for class org.apache.shiro.crypto.hash.Sha384Hash
- Sha512CredentialsMatcher - Class in org.apache.shiro.authc.credential
-
Deprecated.since 1.1 - use the HashedCredentialsMatcher directly and set its
hashAlgorithmName
property. - Sha512CredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.Sha512CredentialsMatcher
-
Deprecated.
- Sha512Hash - Class in org.apache.shiro.crypto.hash
-
Generates an SHA-512 Hash from a given input source with an optional salt and hash iterations.
- Sha512Hash() - Constructor for class org.apache.shiro.crypto.hash.Sha512Hash
- Sha512Hash(Object) - Constructor for class org.apache.shiro.crypto.hash.Sha512Hash
- Sha512Hash(Object, Object) - Constructor for class org.apache.shiro.crypto.hash.Sha512Hash
- Sha512Hash(Object, Object, int) - Constructor for class org.apache.shiro.crypto.hash.Sha512Hash
- SHIRO1 - org.apache.shiro.crypto.hash.format.ProvidedHashFormat
-
Value representing the
Shiro1CryptFormat
implementation. - Shiro1CryptFormat - Class in org.apache.shiro.crypto.hash.format
-
The
Shiro1CryptFormat
is a fully reversible Modular Crypt Format (MCF). - Shiro1CryptFormat() - Constructor for class org.apache.shiro.crypto.hash.format.Shiro1CryptFormat
- ShiroAnnotationAuthorizingAspect - Class in org.apache.shiro.aspectj
-
Aspect that adds a before advice for each invocation of an annotated method.
- ShiroAnnotationAuthorizingAspect() - Constructor for class org.apache.shiro.aspectj.ShiroAnnotationAuthorizingAspect
- ShiroAnnotationFilterFeature - Class in org.apache.shiro.web.jaxrs
-
Wraps
filters
around JAX-RS resources that are annotated with Shiro annotations. - ShiroAnnotationFilterFeature() - Constructor for class org.apache.shiro.web.jaxrs.ShiroAnnotationFilterFeature
- ShiroAnnotationProcessorAutoConfiguration - Class in org.apache.shiro.spring.boot.autoconfigure
- ShiroAnnotationProcessorAutoConfiguration() - Constructor for class org.apache.shiro.spring.boot.autoconfigure.ShiroAnnotationProcessorAutoConfiguration
- ShiroAnnotationProcessorConfiguration - Class in org.apache.shiro.spring.config
- ShiroAnnotationProcessorConfiguration() - Constructor for class org.apache.shiro.spring.config.ShiroAnnotationProcessorConfiguration
- ShiroAopModule - Class in org.apache.shiro.guice.aop
-
Install this module to enable Shiro AOP functionality in Guice.
- ShiroAopModule() - Constructor for class org.apache.shiro.guice.aop.ShiroAopModule
- ShiroAutoConfiguration - Class in org.apache.shiro.spring.boot.autoconfigure
- ShiroAutoConfiguration() - Constructor for class org.apache.shiro.spring.boot.autoconfigure.ShiroAutoConfiguration
- ShiroBeanAutoConfiguration - Class in org.apache.shiro.spring.boot.autoconfigure
- ShiroBeanAutoConfiguration() - Constructor for class org.apache.shiro.spring.boot.autoconfigure.ShiroBeanAutoConfiguration
- ShiroBeanConfiguration - Class in org.apache.shiro.spring.config
- ShiroBeanConfiguration() - Constructor for class org.apache.shiro.spring.config.ShiroBeanConfiguration
- ShiroConfiguration - Class in org.apache.shiro.spring.config
- ShiroConfiguration() - Constructor for class org.apache.shiro.spring.config.ShiroConfiguration
- shiroEventBusAwareBeanPostProcessor() - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroBeanAutoConfiguration
- shiroEventBusAwareBeanPostProcessor() - Method in class org.apache.shiro.spring.config.AbstractShiroBeanConfiguration
- shiroEventBusAwareBeanPostProcessor() - Method in class org.apache.shiro.spring.config.ShiroBeanConfiguration
- ShiroEventBusBeanPostProcessor - Class in org.apache.shiro.spring
- ShiroEventBusBeanPostProcessor(EventBus) - Constructor for class org.apache.shiro.spring.ShiroEventBusBeanPostProcessor
- ShiroException - Exception in org.apache.shiro
-
Root exception for all Shiro runtime exceptions.
- ShiroException() - Constructor for exception org.apache.shiro.ShiroException
-
Creates a new ShiroException.
- ShiroException(String) - Constructor for exception org.apache.shiro.ShiroException
-
Constructs a new ShiroException.
- ShiroException(String, Throwable) - Constructor for exception org.apache.shiro.ShiroException
-
Constructs a new ShiroException.
- ShiroException(Throwable) - Constructor for exception org.apache.shiro.ShiroException
-
Constructs a new ShiroException.
- ShiroFeature - Class in org.apache.shiro.web.jaxrs
-
Shiro JAX-RS feature which includes
ExceptionMapper
,SubjectPrincipalRequestFilter
, andShiroAnnotationFilterFeature
. - ShiroFeature() - Constructor for class org.apache.shiro.web.jaxrs.ShiroFeature
- ShiroFilter - Class in org.apache.shiro.web.servlet
-
Primary Shiro Filter for web applications configuring Shiro via Servlet <listener> in web.xml.
- ShiroFilter() - Constructor for class org.apache.shiro.web.servlet.ShiroFilter
- shiroFilterChainDefinition - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebFilterConfiguration
- shiroFilterChainDefinition() - Method in class org.apache.shiro.samples.WebApp
- shiroFilterChainDefinition() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration
- shiroFilterChainDefinition() - Method in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- shiroFilterChainDefinition() - Method in class org.apache.shiro.spring.web.config.ShiroWebConfiguration
- ShiroFilterChainDefinition - Interface in org.apache.shiro.spring.web.config
- shiroFilterFactoryBean() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebFilterConfiguration
- shiroFilterFactoryBean() - Method in class org.apache.shiro.spring.web.config.AbstractShiroWebFilterConfiguration
- shiroFilterFactoryBean() - Method in class org.apache.shiro.spring.web.config.ShiroWebFilterConfiguration
- ShiroFilterFactoryBean - Class in org.apache.shiro.spring.web
-
FactoryBean
to be used in Spring-based web applications for defining the master Shiro Filter. - ShiroFilterFactoryBean() - Constructor for class org.apache.shiro.spring.web.ShiroFilterFactoryBean
- ShiroHttpServletRequest - Class in org.apache.shiro.web.servlet
-
A
ShiroHttpServletRequest
wraps the Servlet container's originalServletRequest
instance, but ensures that allHttpServletRequest
invocations that require Shiro's support (getRemoteUser
,getSession
, etc) can be executed first by Shiro as necessary before allowing the underlying Servlet container instance's method to be invoked. - ShiroHttpServletRequest(HttpServletRequest, ServletContext, boolean) - Constructor for class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- ShiroHttpServletResponse - Class in org.apache.shiro.web.servlet
-
HttpServletResponse implementation to support URL Encoding of Shiro Session IDs.
- ShiroHttpServletResponse(HttpServletResponse, ServletContext, ShiroHttpServletRequest) - Constructor for class org.apache.shiro.web.servlet.ShiroHttpServletResponse
- ShiroHttpSession - Class in org.apache.shiro.web.servlet
-
Wrapper class that uses a Shiro
Session
under the hood for all session operations instead of the Servlet Container's session mechanism. - ShiroHttpSession(Session, HttpServletRequest, ServletContext) - Constructor for class org.apache.shiro.web.servlet.ShiroHttpSession
- ShiroModule - Class in org.apache.shiro.guice
-
Sets up Shiro lifecycles within Guice, enables the injecting of Shiro objects, and binds a default
SecurityManager
andSessionManager
. - ShiroModule() - Constructor for class org.apache.shiro.guice.ShiroModule
- ShiroNoRealmConfiguredFailureAnalyzer - Class in org.apache.shiro.spring.boot.autoconfigure
- ShiroNoRealmConfiguredFailureAnalyzer() - Constructor for class org.apache.shiro.spring.boot.autoconfigure.ShiroNoRealmConfiguredFailureAnalyzer
- ShiroRequestMappingConfig - Class in org.apache.shiro.spring.web.config
- ShiroRequestMappingConfig(RequestMappingHandlerMapping) - Constructor for class org.apache.shiro.spring.web.config.ShiroRequestMappingConfig
- ShiroSecurityContext - Class in org.apache.shiro.web.jaxrs
- ShiroSecurityContext(ContainerRequestContext) - Constructor for class org.apache.shiro.web.jaxrs.ShiroSecurityContext
- ShiroSessionScope - Class in org.apache.shiro.guice
-
Guice scope for Shiro sessions.
- ShiroSessionScope() - Constructor for class org.apache.shiro.guice.ShiroSessionScope
- shiroUrlPathHelper() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration
- shiroUrlPathHelper() - Method in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- shiroUrlPathHelper() - Method in class org.apache.shiro.spring.web.config.ShiroWebConfiguration
- ShiroUrlPathHelper - Class in org.apache.shiro.spring.web
-
A Spring UrlPathHelper that uses Shiro's path resolution logic.
- ShiroUrlPathHelper() - Constructor for class org.apache.shiro.spring.web.ShiroUrlPathHelper
- ShiroWebAutoConfiguration - Class in org.apache.shiro.spring.config.web.autoconfigure
- ShiroWebAutoConfiguration() - Constructor for class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration
- ShiroWebConfiguration - Class in org.apache.shiro.spring.web.config
- ShiroWebConfiguration() - Constructor for class org.apache.shiro.spring.web.config.ShiroWebConfiguration
- ShiroWebFilterConfiguration - Class in org.apache.shiro.spring.config.web.autoconfigure
- ShiroWebFilterConfiguration - Class in org.apache.shiro.spring.web.config
- ShiroWebFilterConfiguration() - Constructor for class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebFilterConfiguration
- ShiroWebFilterConfiguration() - Constructor for class org.apache.shiro.spring.web.config.ShiroWebFilterConfiguration
- ShiroWebModule - Class in org.apache.shiro.guice.web
-
Sets up Shiro lifecycles within Guice, enables the injecting of Shiro objects, and binds a default
WebSecurityManager
,SecurityManager
andSessionManager
. - ShiroWebModule(ServletContext) - Constructor for class org.apache.shiro.guice.web.ShiroWebModule
- ShiroWebModule.FilterConfig<T extends Filter> - Class in org.apache.shiro.guice.web
-
Filter configuration which pairs a Filter class with its configuration used on a path.
- ShiroWebMvcAutoConfiguration - Class in org.apache.shiro.spring.config.web.autoconfigure
- ShiroWebMvcAutoConfiguration() - Constructor for class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebMvcAutoConfiguration
- ShortCircuitIterationException - Exception in org.apache.shiro.authc.pam
-
Exception thrown during the authentication process using
FirstSuccessfulStrategy
, withstopAfterFirstSuccess
set. - ShortCircuitIterationException() - Constructor for exception org.apache.shiro.authc.pam.ShortCircuitIterationException
-
Creates a new ShortCircuitIterationException.
- ShortCircuitIterationException(String) - Constructor for exception org.apache.shiro.authc.pam.ShortCircuitIterationException
-
Constructs a new ShortCircuitIterationException.
- ShortCircuitIterationException(String, Throwable) - Constructor for exception org.apache.shiro.authc.pam.ShortCircuitIterationException
-
Constructs a new ShortCircuitIterationException.
- ShortCircuitIterationException(Throwable) - Constructor for exception org.apache.shiro.authc.pam.ShortCircuitIterationException
-
Constructs a new ShortCircuitIterationException.
- shouldImplicitlyCreateRealm(Ini) - Method in class org.apache.shiro.config.IniSecurityManagerFactory
-
Deprecated.Returns
true
if the Ini contains account data and aRealm
should be implicitlycreated
to reflect the account data,false
if no realm should be implicitly created. - shouldNotFilter(ServletRequest) - Method in class org.apache.shiro.web.servlet.OncePerRequestFilter
-
Deprecated.in favor of overriding
OncePerRequestFilter.isEnabled(javax.servlet.ServletRequest, javax.servlet.ServletResponse)
for custom behavior. This method will be removed in Shiro 2.0. - showTagBody(String) - Method in class org.apache.shiro.web.tags.HasAnyRolesTag
- showTagBody(String) - Method in class org.apache.shiro.web.tags.HasPermissionTag
- showTagBody(String) - Method in class org.apache.shiro.web.tags.HasRoleTag
- showTagBody(String) - Method in class org.apache.shiro.web.tags.LacksPermissionTag
- showTagBody(String) - Method in class org.apache.shiro.web.tags.LacksRoleTag
- showTagBody(String) - Method in class org.apache.shiro.web.tags.PermissionTag
- showTagBody(String) - Method in class org.apache.shiro.web.tags.RoleTag
- shutdown() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- shutdownNow() - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- SIMPLE_AUTHENTICATION_MECHANISM_NAME - Static variable in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
- SimpleAccount - Class in org.apache.shiro.authc
-
Simple implementation of the
Account
interface that contains principal and credential and authorization information (roles and permissions) as instance variables and exposes them via getters and setters using standard JavaBean notation. - SimpleAccount() - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Default no-argument constructor.
- SimpleAccount(Object, Object, String) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance for the specified realm with the given principals and credentials.
- SimpleAccount(Object, Object, String, Set<String>, Set<Permission>) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance for the specified realm with the given principal and credentials, with the the assigned roles and permissions.
- SimpleAccount(Object, Object, ByteSource, String) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance for the specified realm with the given principals, hashedCredentials and credentials salt used when hashing the credentials.
- SimpleAccount(Collection, Object, String) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance for the specified realm with the given principals and credentials.
- SimpleAccount(Collection, Object, String, Set<String>, Set<Permission>) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance for the specified realm with the given principals and credentials, with the the assigned roles and permissions.
- SimpleAccount(PrincipalCollection, Object) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance for the specified principals and credentials.
- SimpleAccount(PrincipalCollection, Object, Set<String>) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance for the specified principals and credentials, with the assigned roles.
- SimpleAccount(PrincipalCollection, Object, Set<String>, Set<Permission>) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance from the given principals and credentials, with the the assigned roles and permissions.
- SimpleAccount(PrincipalCollection, Object, ByteSource) - Constructor for class org.apache.shiro.authc.SimpleAccount
-
Constructs a SimpleAccount instance for the specified principals and credentials.
- SimpleAccountRealm - Class in org.apache.shiro.realm
-
A simple implementation of the
Realm
interface that uses a set of configured user accounts and roles to support authentication and authorization. - SimpleAccountRealm() - Constructor for class org.apache.shiro.realm.SimpleAccountRealm
- SimpleAccountRealm(String) - Constructor for class org.apache.shiro.realm.SimpleAccountRealm
- SimpleAuthenticationInfo - Class in org.apache.shiro.authc
-
Simple implementation of the
MergableAuthenticationInfo
interface that holds the principals and credentials. - SimpleAuthenticationInfo() - Constructor for class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Default no-argument constructor.
- SimpleAuthenticationInfo(Object, Object, String) - Constructor for class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Constructor that takes in a single 'primary' principal of the account and its corresponding credentials, associated with the specified realm.
- SimpleAuthenticationInfo(Object, Object, ByteSource, String) - Constructor for class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Constructor that takes in a single 'primary' principal of the account, its corresponding hashed credentials, the salt used to hash the credentials, and the name of the realm to associate with the principals.
- SimpleAuthenticationInfo(PrincipalCollection, Object) - Constructor for class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Constructor that takes in an account's identifying principal(s) and its corresponding credentials that verify the principals.
- SimpleAuthenticationInfo(PrincipalCollection, Object, ByteSource) - Constructor for class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Constructor that takes in an account's identifying principal(s), hashed credentials used to verify the principals, and the salt used when hashing the credentials.
- SimpleAuthorizationInfo - Class in org.apache.shiro.authz
-
Simple POJO implementation of the
AuthorizationInfo
interface that stores roles and permissions as internal attributes. - SimpleAuthorizationInfo() - Constructor for class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Default no-argument constructor.
- SimpleAuthorizationInfo(Set<String>) - Constructor for class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Creates a new instance with the specified roles and no permissions.
- SimpleByteSource - Class in org.apache.shiro.util
-
Very simple
ByteSource
implementation that maintains an internalbyte[]
array and uses theHex
andBase64
codec classes to support thetoHex()
andtoBase64()
implementations. - SimpleByteSource(byte[]) - Constructor for class org.apache.shiro.util.SimpleByteSource
- SimpleByteSource(char[]) - Constructor for class org.apache.shiro.util.SimpleByteSource
-
Creates an instance by converting the characters to a byte array (assumes UTF-8 encoding).
- SimpleByteSource(File) - Constructor for class org.apache.shiro.util.SimpleByteSource
-
Creates an instance by converting the file to a byte array.
- SimpleByteSource(InputStream) - Constructor for class org.apache.shiro.util.SimpleByteSource
-
Creates an instance by converting the stream to a byte array.
- SimpleByteSource(String) - Constructor for class org.apache.shiro.util.SimpleByteSource
-
Creates an instance by converting the String to a byte array (assumes UTF-8 encoding).
- SimpleByteSource(ByteSource) - Constructor for class org.apache.shiro.util.SimpleByteSource
-
Creates an instance using the sources bytes directly - it does not create a copy of the argument's byte array.
- SimpleCookie - Class in org.apache.shiro.web.servlet
-
Default
Cookie
implementation. - SimpleCookie() - Constructor for class org.apache.shiro.web.servlet.SimpleCookie
- SimpleCookie(String) - Constructor for class org.apache.shiro.web.servlet.SimpleCookie
- SimpleCookie(Cookie) - Constructor for class org.apache.shiro.web.servlet.SimpleCookie
- SimpleCredentialsMatcher - Class in org.apache.shiro.authc.credential
-
Simple CredentialsMatcher implementation.
- SimpleCredentialsMatcher() - Constructor for class org.apache.shiro.authc.credential.SimpleCredentialsMatcher
- SimpleHash - Class in org.apache.shiro.crypto.hash
-
A
Hash
implementation that allows anyMessageDigest
algorithm name to be used. - SimpleHash(String) - Constructor for class org.apache.shiro.crypto.hash.SimpleHash
-
Creates an new instance with only its
algorithmName
set - no hashing is performed. - SimpleHash(String, Object) - Constructor for class org.apache.shiro.crypto.hash.SimpleHash
-
Creates an
algorithmName
-specific hash of the specifiedsource
with nosalt
using a single hash iteration. - SimpleHash(String, Object, Object) - Constructor for class org.apache.shiro.crypto.hash.SimpleHash
-
Creates an
algorithmName
-specific hash of the specifiedsource
using the givensalt
using a single hash iteration. - SimpleHash(String, Object, Object, int) - Constructor for class org.apache.shiro.crypto.hash.SimpleHash
-
Creates an
algorithmName
-specific hash of the specifiedsource
using the givensalt
a total ofhashIterations
times. - SimpleHashRequest - Class in org.apache.shiro.crypto.hash
-
Simple implementation of
HashRequest
that can be used when interacting with aHashService
. - SimpleHashRequest(String, ByteSource, ByteSource, int) - Constructor for class org.apache.shiro.crypto.hash.SimpleHashRequest
-
Creates a new SimpleHashRequest instance.
- SimpleNamedFilterList - Class in org.apache.shiro.web.filter.mgt
- SimpleNamedFilterList(String) - Constructor for class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
-
Creates a new
SimpleNamedFilterList
instance with the specifiedname
, defaulting to a newArrayList
instance as the backing list. - SimpleNamedFilterList(String, List<Filter>) - Constructor for class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
-
Creates a new
SimpleNamedFilterList
instance with the specifiedname
andbackingList
. - SimplePrincipalCollection - Class in org.apache.shiro.subject
-
A simple implementation of the
MutablePrincipalCollection
interface that tracks principals internally by storing them in aLinkedHashMap
. - SimplePrincipalCollection() - Constructor for class org.apache.shiro.subject.SimplePrincipalCollection
- SimplePrincipalCollection(Object, String) - Constructor for class org.apache.shiro.subject.SimplePrincipalCollection
- SimplePrincipalCollection(Collection, String) - Constructor for class org.apache.shiro.subject.SimplePrincipalCollection
- SimplePrincipalCollection(PrincipalCollection) - Constructor for class org.apache.shiro.subject.SimplePrincipalCollection
- SimplePrincipalMap - Class in org.apache.shiro.subject
-
Default implementation of the
PrincipalMap
interface. - SimplePrincipalMap() - Constructor for class org.apache.shiro.subject.SimplePrincipalMap
- SimplePrincipalMap(Map<String, Map<String, Object>>) - Constructor for class org.apache.shiro.subject.SimplePrincipalMap
- SimpleRole - Class in org.apache.shiro.authz
-
A simple representation of a security role that has a name and a collection of permissions.
- SimpleRole() - Constructor for class org.apache.shiro.authz.SimpleRole
- SimpleRole(String) - Constructor for class org.apache.shiro.authz.SimpleRole
- SimpleRole(String, Set<Permission>) - Constructor for class org.apache.shiro.authz.SimpleRole
- SimpleService - Class in org.apache.shiro.samples
-
Simple Service with methods protected with annotations.
- SimpleService() - Constructor for class org.apache.shiro.samples.SimpleService
- SimpleSession - Class in org.apache.shiro.session.mgt
-
Simple
Session
JavaBeans-compatible POJO implementation, intended to be used on the business/server tier. - SimpleSession() - Constructor for class org.apache.shiro.session.mgt.SimpleSession
- SimpleSession(String) - Constructor for class org.apache.shiro.session.mgt.SimpleSession
- SimpleSessionFactory - Class in org.apache.shiro.session.mgt
-
SessionFactory
implementation that generatesSimpleSession
instances. - SimpleSessionFactory() - Constructor for class org.apache.shiro.session.mgt.SimpleSessionFactory
- SingleArgumentMethodEventListener - Class in org.apache.shiro.event.support
-
A event listener that invokes a target object's method that accepts a single event argument.
- SingleArgumentMethodEventListener(Object, Method) - Constructor for class org.apache.shiro.event.support.SingleArgumentMethodEventListener
- size() - Method in interface org.apache.shiro.cache.Cache
-
Returns the number of entries in the cache.
- size() - Method in class org.apache.shiro.cache.ehcache.EhCache
- size() - Method in class org.apache.shiro.cache.MapCache
- size() - Method in class org.apache.shiro.config.Ini.Section
- size() - Method in class org.apache.shiro.config.Ini
- size() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- size() - Method in class org.apache.shiro.util.MapContext
- size() - Method in class org.apache.shiro.util.SoftHashMap
- size() - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- size(Collection) - Static method in class org.apache.shiro.util.CollectionUtils
-
Returns the size of the specified collection or
0
if the collection isnull
. - size(Map) - Static method in class org.apache.shiro.util.CollectionUtils
-
Returns the size of the specified map or
0
if the map isnull
. - SoftHashMap<K,V> - Class in org.apache.shiro.util
-
A
SoftHashMap
is a memory-constrained map that stores its values inSoftReference
s. - SoftHashMap() - Constructor for class org.apache.shiro.util.SoftHashMap
-
Creates a new SoftHashMap with a default retention size size of
DEFAULT_RETENTION_SIZE
(100 entries). - SoftHashMap(int) - Constructor for class org.apache.shiro.util.SoftHashMap
-
Creates a new SoftHashMap with the specified retention size.
- SoftHashMap(Map<K, V>) - Constructor for class org.apache.shiro.util.SoftHashMap
-
Creates a
SoftHashMap
backed by the specifiedsource
, with a default retention size ofDEFAULT_RETENTION_SIZE
(100 entries). - SoftHashMap(Map<K, V>, int) - Constructor for class org.apache.shiro.util.SoftHashMap
-
Creates a
SoftHashMap
backed by the specifiedsource
, with the specified retention size. - split(String) - Static method in class org.apache.shiro.util.StringUtils
- split(String, char) - Static method in class org.apache.shiro.util.StringUtils
- split(String, char, char) - Static method in class org.apache.shiro.util.StringUtils
- split(String, char, char, char) - Static method in class org.apache.shiro.util.StringUtils
- split(String, char, char, char, boolean, boolean) - Static method in class org.apache.shiro.util.StringUtils
-
Splits the specified delimited String into tokens, supporting quoted tokens so that quoted strings themselves won't be tokenized.
- splitChainDefinition(String) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
-
Splits the comma-delimited filter chain definition line into individual filter definition tokens.
- splitKeyValue(String) - Static method in class org.apache.shiro.config.Ini.Section
- splitKeyValue(String) - Static method in class org.apache.shiro.util.StringUtils
- splitToSet(String, String) - Static method in class org.apache.shiro.util.StringUtils
-
Splits the
delimited
string (delimited by the specifiedseparator
character) and returns the delimited values as aSet
. - SpringAnnotationResolver - Class in org.apache.shiro.spring.aop
-
AnnotationResolver
implementation that uses Spring's more robustAnnotationUtils
to find method annotations instead of the JDKs simpler (and rather lacking)Method
.getAnnotation(class)
implementation. - SpringAnnotationResolver() - Constructor for class org.apache.shiro.spring.aop.SpringAnnotationResolver
- ssl - org.apache.shiro.web.filter.mgt.DefaultFilter
- SSL - Static variable in class org.apache.shiro.guice.web.ShiroWebModule
- SSL3 - org.apache.shiro.crypto.PaddingScheme
-
Padding scheme defined in the SSL 3.0 specification, section
5.2.3.2 (CBC block cipher)
. - SslFilter - Class in org.apache.shiro.web.filter.authz
-
Filter which requires a request to be over SSL.
- SslFilter() - Constructor for class org.apache.shiro.web.filter.authz.SslFilter
- SslFilter.HSTS - Class in org.apache.shiro.web.filter.authz
-
Helper class for HTTP Strict Transport Security (HSTS)
- start(SessionContext) - Method in class org.apache.shiro.mgt.SessionsSecurityManager
- start(SessionContext) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- start(SessionContext) - Method in interface org.apache.shiro.session.mgt.SessionManager
-
Starts a new session based on the specified contextual initialization data, which can be used by the underlying implementation to determine how exactly to create the internal Session instance.
- start(SessionContext) - Method in class org.apache.shiro.web.session.mgt.ServletContainerSessionManager
- startContainer() - Static method in class org.apache.shiro.testing.web.AbstractContainerIT
- startReloadThread() - Method in class org.apache.shiro.realm.text.PropertiesRealm
- startsWithIgnoreCase(String, String) - Static method in class org.apache.shiro.util.StringUtils
-
Test if the given String starts with the specified prefix, ignoring upper/lower case.
- state(boolean) - Static method in class org.apache.shiro.util.Assert
-
Assert a boolean expression, throwing
IllegalStateException
if the test result isfalse
. - state(boolean, String) - Static method in class org.apache.shiro.util.Assert
-
Assert a boolean expression, throwing
IllegalStateException
if the test result isfalse
. - stop() - Method in class org.apache.shiro.session.mgt.DelegatingSession
- stop() - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession
-
Immediately
throws
anInvalidSessionException
in all cases because this proxy is immutable. - stop() - Method in class org.apache.shiro.session.mgt.SimpleSession
- stop() - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- stop() - Method in interface org.apache.shiro.session.Session
-
Explicitly stops (invalidates) this session and releases all associated resources.
- stop() - Method in class org.apache.shiro.web.session.HttpServletSession
- stop(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- stop(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Explicitly stops the associated session, thereby releasing all of its resources.
- stopContainer() - Static method in class org.apache.shiro.testing.web.AbstractContainerIT
- StoppedSessionException - Exception in org.apache.shiro.session
-
Exception thrown when attempting to interact with the system under a session that has been stopped.
- StoppedSessionException() - Constructor for exception org.apache.shiro.session.StoppedSessionException
-
Creates a new StoppedSessionException.
- StoppedSessionException(String) - Constructor for exception org.apache.shiro.session.StoppedSessionException
-
Constructs a new StoppedSessionException.
- StoppedSessionException(String, Throwable) - Constructor for exception org.apache.shiro.session.StoppedSessionException
-
Constructs a new StoppedSessionException.
- StoppedSessionException(Throwable) - Constructor for exception org.apache.shiro.session.StoppedSessionException
-
Constructs a new StoppedSessionException.
- stopSession(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
- storeSession(Serializable, Session) - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO
- STRICT - org.apache.shiro.web.servlet.Cookie.SameSiteOptions
-
Cookies will only be sent in a first-party context and not be sent along with requests initiated by third party websites.
- stringPermissions - Variable in class org.apache.shiro.authz.SimpleAuthorizationInfo
-
Collection of all string-based permissions associated with the account.
- StringUtils - Class in org.apache.shiro.util
-
Simple utility class for String operations useful across the framework.
- StringUtils() - Constructor for class org.apache.shiro.util.StringUtils
- subject() - Method in class org.apache.shiro.samples.WebApp
- Subject - Interface in org.apache.shiro.subject
-
A
Subject
represents state and security operations for a single application user. - SUBJECT_KEY - Static variable in class org.apache.shiro.util.ThreadContext
- Subject.Builder - Class in org.apache.shiro.subject
-
Builder design pattern implementation for creating
Subject
instances in a simplified way without requiring knowledge of Shiro's construction techniques. - SubjectAwareExecutor - Class in org.apache.shiro.concurrent
- SubjectAwareExecutor() - Constructor for class org.apache.shiro.concurrent.SubjectAwareExecutor
- SubjectAwareExecutor(Executor) - Constructor for class org.apache.shiro.concurrent.SubjectAwareExecutor
- SubjectAwareExecutorService - Class in org.apache.shiro.concurrent
-
ExecutorService
implementation that will automatically first associate any argumentRunnable
orCallable
instances with thecurrently available subject
and then dispatch the Subject-enabled runnable or callable to an underlying delegateExecutorService
instance. - SubjectAwareExecutorService() - Constructor for class org.apache.shiro.concurrent.SubjectAwareExecutorService
- SubjectAwareExecutorService(ExecutorService) - Constructor for class org.apache.shiro.concurrent.SubjectAwareExecutorService
- SubjectAwareScheduledExecutorService - Class in org.apache.shiro.concurrent
-
Same concept as the
SubjectAwareExecutorService
but additionally supports theScheduledExecutorService
interface. - SubjectAwareScheduledExecutorService() - Constructor for class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- SubjectAwareScheduledExecutorService(ScheduledExecutorService) - Constructor for class org.apache.shiro.concurrent.SubjectAwareScheduledExecutorService
- SubjectCallable<V> - Class in org.apache.shiro.subject.support
- SubjectCallable(Subject, Callable<V>) - Constructor for class org.apache.shiro.subject.support.SubjectCallable
- SubjectCallable(ThreadState, Callable<V>) - Constructor for class org.apache.shiro.subject.support.SubjectCallable
- SubjectContext - Interface in org.apache.shiro.subject
-
A
SubjectContext
is a 'bucket' of data presented to aSecurityManager
which interprets this data to constructSubject
instances. - subjectDAO - Variable in class org.apache.shiro.mgt.DefaultSecurityManager
- subjectDAO() - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroAutoConfiguration
- subjectDAO() - Method in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- subjectDAO() - Method in class org.apache.shiro.spring.config.ShiroConfiguration
- subjectDAO() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration
- subjectDAO() - Method in class org.apache.shiro.spring.web.config.ShiroWebConfiguration
- SubjectDAO - Interface in org.apache.shiro.mgt
-
A
SubjectDAO
is responsible for persisting a Subject instance's internal state such that the Subject instance can be recreated at a later time if necessary. - subjectFactory - Variable in class org.apache.shiro.mgt.DefaultSecurityManager
- subjectFactory() - Method in class org.apache.shiro.spring.boot.autoconfigure.ShiroAutoConfiguration
- subjectFactory() - Method in class org.apache.shiro.spring.config.AbstractShiroConfiguration
- subjectFactory() - Method in class org.apache.shiro.spring.config.ShiroConfiguration
- subjectFactory() - Method in class org.apache.shiro.spring.config.web.autoconfigure.ShiroWebAutoConfiguration
- subjectFactory() - Method in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- subjectFactory() - Method in class org.apache.shiro.spring.web.config.ShiroWebConfiguration
- SubjectFactory - Interface in org.apache.shiro.mgt
-
A
SubjectFactory
is responsible for constructingSubject
instances as needed. - SubjectPrincipalRequestFilter - Class in org.apache.shiro.web.jaxrs
- SubjectPrincipalRequestFilter() - Constructor for class org.apache.shiro.web.jaxrs.SubjectPrincipalRequestFilter
- SubjectRunnable - Class in org.apache.shiro.subject.support
-
A
SubjectRunnable
ensures that a target/delegateRunnable
will execute such that any call toSecurityUtils.
getSubject()
during theRunnable
's execution will return the associatedSubject
instance. - SubjectRunnable(Subject, Runnable) - Constructor for class org.apache.shiro.subject.support.SubjectRunnable
-
Creates a new
SubjectRunnable
that, when executed, will execute the targetdelegate
, but guarantees that it will run associated with the specifiedSubject
. - SubjectRunnable(ThreadState, Runnable) - Constructor for class org.apache.shiro.subject.support.SubjectRunnable
-
Creates a new
SubjectRunnable
that, when executed, will perform thread statebinding
and guaranteedrestoration
before and after theRunnable
's execution, respectively. - SubjectThreadState - Class in org.apache.shiro.subject.support
-
Manages thread-state for
Subject
access (supportingSecurityUtils.
getSubject()
calls) during a thread's execution. - SubjectThreadState(Subject) - Constructor for class org.apache.shiro.subject.support.SubjectThreadState
-
Creates a new
SubjectThreadState
that will bind and unbind the specifiedSubject
to the thread - subList(int, int) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- submit(Runnable) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- submit(Runnable, T) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- submit(Callable<T>) - Method in class org.apache.shiro.concurrent.SubjectAwareExecutorService
- SUBPART_DIVIDER_TOKEN - Static variable in class org.apache.shiro.authz.permission.WildcardPermission
- Subscribe - Annotation Type in org.apache.shiro.event
-
Indicates a method is an event consumer.
- successUrl - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebFilterConfiguration
- SUN_CONNECTION_POOLING_PROPERTY - Static variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.The Sun LDAP property used to enable connection pooling.
- SUN_CONNECTION_POOLING_PROPERTY - Static variable in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
The Sun LDAP property used to enable connection pooling.
- supports(MethodInvocation) - Method in class org.apache.shiro.aop.AnnotationMethodInterceptor
-
Returns
true
if this interceptor supports, that is, should inspect, the specifiedMethodInvocation
,false
otherwise. - supports(AuthenticationToken) - Method in class org.apache.shiro.realm.AuthenticatingRealm
-
Convenience implementation that returns getAuthenticationTokenClass().isAssignableFrom( token.getClass() );.
- supports(AuthenticationToken) - Method in interface org.apache.shiro.realm.Realm
-
Returns true if this realm wishes to authenticate the Subject represented by the given
AuthenticationToken
instance, false otherwise. - systemPassword - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- systemPassword - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- systemUsername - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- systemUsername - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
T
- TEST_KEYSTORE_PASSWORD - Static variable in class org.apache.shiro.testing.web.AbstractContainerIT
- TEST_KEYSTORE_PATH - Static variable in class org.apache.shiro.testing.web.AbstractContainerIT
- TextConfigurationRealm - Class in org.apache.shiro.realm.text
-
A SimpleAccountRealm that enables text-based configuration of the initial User, Role, and Permission objects created at startup.
- TextConfigurationRealm() - Constructor for class org.apache.shiro.realm.text.TextConfigurationRealm
- ThreadContext - Class in org.apache.shiro.util
-
A ThreadContext provides a means of binding and unbinding objects to the current thread based on key/value pairs.
- ThreadContext() - Constructor for class org.apache.shiro.util.ThreadContext
-
Default no-argument constructor.
- threadState - Variable in class org.apache.shiro.subject.support.SubjectCallable
- threadState - Variable in class org.apache.shiro.subject.support.SubjectRunnable
- ThreadState - Interface in org.apache.shiro.util
-
A
ThreadState
instance manages any state that might need to be bound and/or restored during a thread's execution. - throwImmutableException() - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession
-
Simply throws an
InvalidSessionException
indicating that this proxy is immutable. - tlsPort - Static variable in class org.apache.shiro.testing.web.AbstractContainerIT
- toArray() - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- toArray(T[]) - Method in class org.apache.shiro.web.filter.mgt.SimpleNamedFilterList
- toBase64() - Method in class org.apache.shiro.crypto.hash.AbstractHash
-
Deprecated.Returns a Base64-encoded string of the underlying
byte array
. - toBase64() - Method in class org.apache.shiro.crypto.hash.SimpleHash
-
Returns a Base64-encoded string of the underlying
byte array
. - toBase64() - Method in interface org.apache.shiro.util.ByteSource
-
Returns the Base 64-formatted String representation of the underlying wrapped byte array.
- toBase64() - Method in class org.apache.shiro.util.SimpleByteSource
- toBytes(char[]) - Static method in class org.apache.shiro.codec.CodecSupport
-
Converts the specified character array to a byte array using the Shiro's preferred encoding (UTF-8).
- toBytes(char[], String) - Static method in class org.apache.shiro.codec.CodecSupport
-
Converts the specified character array into a byte array using the specified character encoding.
- toBytes(File) - Method in class org.apache.shiro.codec.CodecSupport
- toBytes(InputStream) - Method in class org.apache.shiro.codec.CodecSupport
-
Converts the specified
InputStream
into a byte array. - toBytes(Object) - Method in class org.apache.shiro.codec.CodecSupport
-
Converts the specified Object into a byte array.
- toBytes(String) - Static method in class org.apache.shiro.codec.CodecSupport
-
Converts the specified source argument to a byte array with Shiro's
PREFERRED_ENCODING
. - toBytes(String) - Method in class org.apache.shiro.config.ReflectionBuilder
- toBytes(String, String) - Static method in class org.apache.shiro.codec.CodecSupport
-
Converts the specified source to a byte array via the specified encoding, throwing a
CodecException
if the encoding fails. - toByteSource(Object) - Method in class org.apache.shiro.crypto.hash.SimpleHash
-
Converts a given object into a
ByteSource
instance. - toChars(byte[]) - Static method in class org.apache.shiro.codec.CodecSupport
-
Returns the specified byte array as a character array using the
PREFERRED_ENCODING
. - toChars(byte[], String) - Static method in class org.apache.shiro.codec.CodecSupport
-
Converts the specified byte array to a character array using the specified character encoding.
- toCollection(String) - Method in class org.apache.shiro.config.ReflectionBuilder
- toDelimitedString(Object[], String) - Static method in class org.apache.shiro.util.StringUtils
-
Returns the array's contents as a string, with each element delimited by the specified
delimiter
argument. - toDelimitedString(Collection, String) - Static method in class org.apache.shiro.util.StringUtils
-
Returns the collection's contents as a string, with each element delimited by the specified
delimiter
argument. - toDigit(char, int) - Static method in class org.apache.shiro.codec.Hex
-
Converts a hexadecimal character to an integer.
- toEncoded(String, String) - Method in class org.apache.shiro.web.servlet.ShiroHttpServletResponse
-
Return the specified URL with the specified session identifier suitably encoded.
- toHex() - Method in class org.apache.shiro.crypto.hash.AbstractHash
-
Deprecated.Returns a hex-encoded string of the underlying
byte array
. - toHex() - Method in class org.apache.shiro.crypto.hash.SimpleHash
-
Returns a hex-encoded string of the underlying
byte array
. - toHex() - Method in interface org.apache.shiro.util.ByteSource
-
Returns the Hex-formatted String representation of the underlying wrapped byte array.
- toHex() - Method in class org.apache.shiro.util.SimpleByteSource
- toHttp(ServletRequest) - Static method in class org.apache.shiro.web.util.WebUtils
-
A convenience method that merely casts the incoming
ServletRequest
to anHttpServletRequest
: - toHttp(ServletResponse) - Static method in class org.apache.shiro.web.util.WebUtils
-
A convenience method that merely casts the incoming
ServletResponse
to anHttpServletResponse
: - TOKEN_DELIMITER - Static variable in interface org.apache.shiro.crypto.hash.format.ModularCryptFormat
- tokenizeToStringArray(String, String) - Static method in class org.apache.shiro.util.StringUtils
-
Tokenize the given String into a String array via a StringTokenizer.
- tokenizeToStringArray(String, String, boolean, boolean) - Static method in class org.apache.shiro.util.StringUtils
-
Tokenize the given String into a String array via a StringTokenizer.
- toLines(String) - Static method in class org.apache.shiro.realm.text.TextConfigurationRealm
- toList(String) - Method in class org.apache.shiro.config.ReflectionBuilder
- toMap(String) - Method in class org.apache.shiro.config.ReflectionBuilder
- toMap(Collection<String>) - Static method in class org.apache.shiro.realm.text.TextConfigurationRealm
- toNameConfigPair(String) - Method in class org.apache.shiro.web.filter.mgt.DefaultFilterChainManager
-
Based on the given filter chain definition token (e.g.
- toPermissionStrings(String) - Static method in class org.apache.shiro.util.PermissionUtils
- toPort(Object) - Method in class org.apache.shiro.web.filter.authz.PortFilter
- toResponse(AuthorizationException) - Method in class org.apache.shiro.web.jaxrs.ExceptionMapper
- toSet(String) - Method in class org.apache.shiro.config.ReflectionBuilder
- toSet(String, String) - Static method in class org.apache.shiro.realm.SimpleAccountRealm
- toString() - Method in class org.apache.shiro.authc.SimpleAccount
-
Returns
principals
.toString() if they are not null, otherwise prints out the string "empty" - toString() - Method in class org.apache.shiro.authc.SimpleAuthenticationInfo
-
Simple implementation that merely returns
principals
.toString() - toString() - Method in class org.apache.shiro.authc.UsernamePasswordToken
-
Returns the String representation.
- toString() - Method in class org.apache.shiro.authz.permission.WildcardPermission
- toString() - Method in class org.apache.shiro.authz.SimpleRole
- toString() - Method in class org.apache.shiro.cache.AbstractCacheManager
- toString() - Method in class org.apache.shiro.cache.ehcache.EhCache
-
Returns "EhCache [" + cache.getName() + "]"
- toString() - Method in class org.apache.shiro.cache.MapCache
- toString() - Method in class org.apache.shiro.config.Ini.Section
- toString() - Method in class org.apache.shiro.config.Ini
- toString() - Method in class org.apache.shiro.crypto.hash.AbstractHash
-
Deprecated.Simple implementation that merely returns
toHex()
. - toString() - Method in class org.apache.shiro.crypto.hash.SimpleHash
-
Simple implementation that merely returns
toHex()
. - toString() - Method in class org.apache.shiro.guice.ShiroSessionScope
- toString() - Method in class org.apache.shiro.session.mgt.SimpleSession
-
Returns the string representation of this SimpleSession, equal to
getClass().getName() + ",id=" + getId()
. - toString() - Method in class org.apache.shiro.subject.SimplePrincipalCollection
-
Returns a simple string representation suitable for printing.
- toString() - Method in class org.apache.shiro.util.SimpleByteSource
- toString() - Method in class org.apache.shiro.web.servlet.ServletContextSupport
-
It is highly recommended not to override this method directly, and instead override the
toStringBuilder()
method, a better-performing alternative. - toString(byte[]) - Static method in class org.apache.shiro.codec.CodecSupport
-
Converts the specified byte array to a String using the
PREFERRED_ENCODING
. - toString(byte[], String) - Static method in class org.apache.shiro.codec.CodecSupport
-
Converts the specified byte array to a String using the specified character encoding.
- toString(Object) - Method in class org.apache.shiro.codec.CodecSupport
-
Converts the specified Object into a String.
- toString(Object[]) - Static method in class org.apache.shiro.util.StringUtils
-
Returns the specified array as a comma-delimited (',') string.
- toStringArray(Collection) - Static method in class org.apache.shiro.util.StringUtils
-
Copy the given Collection into a String array.
- toStringBuilder() - Method in class org.apache.shiro.web.servlet.NameableFilter
-
Returns a StringBuilder instance with the
name
, or if the name isnull
, just thesuper.toStringBuilder()
instance. - toStringBuilder() - Method in class org.apache.shiro.web.servlet.ServletContextSupport
-
Same concept as
toString()
, but returns aStringBuilder
instance instead. - touch() - Method in class org.apache.shiro.session.mgt.DelegatingSession
- touch() - Method in class org.apache.shiro.session.mgt.ImmutableProxiedSession
-
Immediately
throws
anInvalidSessionException
in all cases because this proxy is immutable. - touch() - Method in class org.apache.shiro.session.mgt.SimpleSession
- touch() - Method in class org.apache.shiro.session.ProxiedSession
-
Immediately delegates to the underlying proxied session.
- touch() - Method in interface org.apache.shiro.session.Session
-
Explicitly updates the
lastAccessTime
of this session to the current time when this method is invoked. - touch() - Method in class org.apache.shiro.web.session.HttpServletSession
- touch(SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractNativeSessionManager
- touch(SessionKey) - Method in interface org.apache.shiro.session.mgt.NativeSessionManager
-
Updates the last accessed time of the session identified by
sessionId
. - TypedEventListener - Interface in org.apache.shiro.event.support
U
- UnauthenticatedException - Exception in org.apache.shiro.authz
-
Exception thrown when attempting to execute an authorization action when a successful authentication hasn't yet occurred.
- UnauthenticatedException() - Constructor for exception org.apache.shiro.authz.UnauthenticatedException
-
Creates a new UnauthenticatedException.
- UnauthenticatedException(String) - Constructor for exception org.apache.shiro.authz.UnauthenticatedException
-
Constructs a new UnauthenticatedException.
- UnauthenticatedException(String, Throwable) - Constructor for exception org.apache.shiro.authz.UnauthenticatedException
-
Constructs a new UnauthenticatedException.
- UnauthenticatedException(Throwable) - Constructor for exception org.apache.shiro.authz.UnauthenticatedException
-
Constructs a new UnauthenticatedException.
- UnauthorizedException - Exception in org.apache.shiro.authz
-
Thrown to indicate a requested operation or access to a requested resource is not allowed.
- UnauthorizedException() - Constructor for exception org.apache.shiro.authz.UnauthorizedException
-
Creates a new UnauthorizedException.
- UnauthorizedException(String) - Constructor for exception org.apache.shiro.authz.UnauthorizedException
-
Constructs a new UnauthorizedException.
- UnauthorizedException(String, Throwable) - Constructor for exception org.apache.shiro.authz.UnauthorizedException
-
Constructs a new UnauthorizedException.
- UnauthorizedException(Throwable) - Constructor for exception org.apache.shiro.authz.UnauthorizedException
-
Constructs a new UnauthorizedException.
- unauthorizedUrl - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebFilterConfiguration
- UnavailableSecurityManagerException - Exception in org.apache.shiro
-
Exception thrown when attempting to acquire the application's
SecurityManager
instance, but Shiro's lookup heuristics cannot find one. - UnavailableSecurityManagerException(String) - Constructor for exception org.apache.shiro.UnavailableSecurityManagerException
- UnavailableSecurityManagerException(String, Throwable) - Constructor for exception org.apache.shiro.UnavailableSecurityManagerException
-
Deprecated.This constructor is NOT used by Shiro directly, and will be removed in the future.
- unbind(String) - Method in class org.apache.shiro.jndi.JndiTemplate
-
Remove the binding for the given name from the current JNDI context.
- unbind(Subject) - Method in class org.apache.shiro.mgt.DefaultSecurityManager
-
Deprecated.in Shiro 1.2 in favor of
DefaultSecurityManager.delete(org.apache.shiro.subject.Subject)
- unbindSecurityManager() - Static method in class org.apache.shiro.util.ThreadContext
-
Convenience method that simplifies removal of the application's SecurityManager instance from the thread.
- unbindSubject() - Static method in class org.apache.shiro.util.ThreadContext
-
Convenience method that simplifies removal of a thread-local Subject from the thread.
- uncache(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Removes the specified Session from the cache.
- unescapeIfNecessary(String) - Method in class org.apache.shiro.config.ReflectionBuilder
- UnknownAccountException - Exception in org.apache.shiro.authc
-
Thrown when attempting to authenticate with a principal that doesn't exist in the system (e.g.
- UnknownAccountException() - Constructor for exception org.apache.shiro.authc.UnknownAccountException
-
Creates a new UnknownAccountException.
- UnknownAccountException(String) - Constructor for exception org.apache.shiro.authc.UnknownAccountException
-
Constructs a new UnknownAccountException.
- UnknownAccountException(String, Throwable) - Constructor for exception org.apache.shiro.authc.UnknownAccountException
-
Constructs a new UnknownAccountException.
- UnknownAccountException(Throwable) - Constructor for exception org.apache.shiro.authc.UnknownAccountException
-
Constructs a new UnknownAccountException.
- UnknownAlgorithmException - Exception in org.apache.shiro.crypto
-
Exception thrown when attempting to lookup or use a cryptographic algorithm that does not exist in the current JVM environment.
- UnknownAlgorithmException(String) - Constructor for exception org.apache.shiro.crypto.UnknownAlgorithmException
- UnknownAlgorithmException(String, Throwable) - Constructor for exception org.apache.shiro.crypto.UnknownAlgorithmException
- UnknownAlgorithmException(Throwable) - Constructor for exception org.apache.shiro.crypto.UnknownAlgorithmException
- UnknownClassException - Exception in org.apache.shiro.util
-
The Shiro framework's
RuntimeException
equivalent of the JDK'sClassNotFoundException
, to maintain a RuntimeException paradigm. - UnknownClassException() - Constructor for exception org.apache.shiro.util.UnknownClassException
-
Creates a new UnknownClassException.
- UnknownClassException(String) - Constructor for exception org.apache.shiro.util.UnknownClassException
-
Constructs a new UnknownClassException.
- UnknownClassException(String, Throwable) - Constructor for exception org.apache.shiro.util.UnknownClassException
-
Constructs a new UnknownClassException.
- UnknownClassException(Throwable) - Constructor for exception org.apache.shiro.util.UnknownClassException
-
Constructs a new UnknownClassException.
- UnknownSessionException - Exception in org.apache.shiro.session
-
Exception thrown when attempting to interact with the system under the pretense of a particular session (e.g. under a specific session id), and that session does not exist in the system.
- UnknownSessionException() - Constructor for exception org.apache.shiro.session.UnknownSessionException
-
Creates a new UnknownSessionException.
- UnknownSessionException(String) - Constructor for exception org.apache.shiro.session.UnknownSessionException
-
Constructs a new UnknownSessionException.
- UnknownSessionException(String, Throwable) - Constructor for exception org.apache.shiro.session.UnknownSessionException
-
Constructs a new UnknownSessionException.
- UnknownSessionException(Throwable) - Constructor for exception org.apache.shiro.session.UnknownSessionException
-
Constructs a new UnknownSessionException.
- unregister(Object) - Method in interface org.apache.shiro.event.EventBus
-
Unregisters all previously-registered event handler methods on the specified instance.
- unregister(Object) - Method in class org.apache.shiro.event.support.DefaultEventBus
- UnresolveableReferenceException - Exception in org.apache.shiro.config
-
Exception thrown when a reference to an object is made, but that object cannot be found.
- UnresolveableReferenceException() - Constructor for exception org.apache.shiro.config.UnresolveableReferenceException
-
Creates a new UnresolveableReferenceException.
- UnresolveableReferenceException(String) - Constructor for exception org.apache.shiro.config.UnresolveableReferenceException
-
Constructs a new UnresolveableReferenceException.
- UnresolveableReferenceException(String, Throwable) - Constructor for exception org.apache.shiro.config.UnresolveableReferenceException
-
Constructs a new UnresolveableReferenceException.
- UnresolveableReferenceException(Throwable) - Constructor for exception org.apache.shiro.config.UnresolveableReferenceException
-
Constructs a new UnresolveableReferenceException.
- UnsupportedAuthenticationMechanismException - Exception in org.apache.shiro.ldap
-
Exception thrown when a configured LDAP Authentication Mechanism is unsupported by the target LDAP server.
- UnsupportedAuthenticationMechanismException(String) - Constructor for exception org.apache.shiro.ldap.UnsupportedAuthenticationMechanismException
- UnsupportedAuthenticationMechanismException(String, Throwable) - Constructor for exception org.apache.shiro.ldap.UnsupportedAuthenticationMechanismException
- UnsupportedTokenException - Exception in org.apache.shiro.authc.pam
-
Exception thrown during the authentication process when an
AuthenticationToken
implementation is encountered that is not supported by one or more configuredRealm
s. - UnsupportedTokenException() - Constructor for exception org.apache.shiro.authc.pam.UnsupportedTokenException
-
Creates a new UnsupportedTokenException.
- UnsupportedTokenException(String) - Constructor for exception org.apache.shiro.authc.pam.UnsupportedTokenException
-
Constructs a new UnsupportedTokenException.
- UnsupportedTokenException(String, Throwable) - Constructor for exception org.apache.shiro.authc.pam.UnsupportedTokenException
-
Constructs a new UnsupportedTokenException.
- UnsupportedTokenException(Throwable) - Constructor for exception org.apache.shiro.authc.pam.UnsupportedTokenException
-
Constructs a new UnsupportedTokenException.
- update(Session) - Method in class org.apache.shiro.session.mgt.eis.CachingSessionDAO
-
Updates the state of the given session to the EIS by first delegating to
CachingSessionDAO.doUpdate(org.apache.shiro.session.Session)
. - update(Session) - Method in class org.apache.shiro.session.mgt.eis.MemorySessionDAO
- update(Session) - Method in interface org.apache.shiro.session.mgt.eis.SessionDAO
-
Updates (persists) data from a previously created Session instance in the EIS identified by
{@link Session#getId() session.getId()}
. - updateSessionLastAccessTime(ServletRequest, ServletResponse) - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
-
Updates any 'native' Session's last access time that might exist to the timestamp when this method is called.
- uppercaseFirstChar(String) - Static method in class org.apache.shiro.util.StringUtils
-
Returns the input argument, but ensures the first character is capitalized (if possible).
- url - Variable in class org.apache.shiro.realm.ldap.AbstractLdapRealm
- url - Variable in class org.apache.shiro.realm.ldap.DefaultLdapContextFactory
-
Deprecated.
- URL_PREFIX - Static variable in class org.apache.shiro.io.ResourceUtils
-
Resource path prefix that specifies to load from a url location, value is
url:
- URL_SESSION_ID_SOURCE - Static variable in class org.apache.shiro.web.servlet.ShiroHttpServletRequest
- urlEncode(String, String) - Method in class org.apache.shiro.web.util.RedirectView
-
URL-encode the given input String with the given encoding scheme, using
URLEncoder.encode(input, enc)
. - URLS - Static variable in class org.apache.shiro.web.config.IniFilterChainResolverFactory
- useNativeSessionManager - Variable in class org.apache.shiro.spring.web.config.AbstractShiroWebConfiguration
- user - org.apache.shiro.web.filter.mgt.DefaultFilter
- USER - Static variable in class org.apache.shiro.guice.web.ShiroWebModule
- UserAnnotationHandler - Class in org.apache.shiro.authz.aop
-
Checks to see if a @
RequiresUser
annotation is declared, and if so, ensures the callingSubject
is eitherauthenticated
or remembered via remember me services before allowing access. - UserAnnotationHandler() - Constructor for class org.apache.shiro.authz.aop.UserAnnotationHandler
-
Default no-argument constructor that ensures this handler looks for
RequiresUser
annotations. - UserAnnotationMethodInterceptor - Class in org.apache.shiro.authz.aop
-
Checks to see if a @
RequiresUser
annotation is declared, and if so, ensures the callingSubject
is eitherauthenticated
or remembered via remember me services before invoking the method. - UserAnnotationMethodInterceptor() - Constructor for class org.apache.shiro.authz.aop.UserAnnotationMethodInterceptor
-
Default no-argument constructor that ensures this interceptor looks for
RequiresUser
annotations in a method declaration. - UserAnnotationMethodInterceptor(AnnotationResolver) - Constructor for class org.apache.shiro.authz.aop.UserAnnotationMethodInterceptor
- UserFilter - Class in org.apache.shiro.web.filter.authc
-
Filter that allows access to resources if the accessor is a known user, which is defined as having a known principal.
- UserFilter() - Constructor for class org.apache.shiro.web.filter.authc.UserFilter
- UsernamePasswordToken - Class in org.apache.shiro.authc
-
A simple username/password authentication token to support the most widely-used authentication mechanism.
- UsernamePasswordToken() - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
JavaBeans compatible no-arg constructor.
- UsernamePasswordToken(String, char[]) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
Constructs a new UsernamePasswordToken encapsulating the username and password submitted during an authentication attempt, with a null
host
and a rememberMe default of false. - UsernamePasswordToken(String, char[], boolean) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
Constructs a new UsernamePasswordToken encapsulating the username and password submitted, as well as if the user wishes their identity to be remembered across sessions.
- UsernamePasswordToken(String, char[], boolean, String) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
Constructs a new UsernamePasswordToken encapsulating the username and password submitted, if the user wishes their identity to be remembered across sessions, and the inetAddress from where the attempt is occurring.
- UsernamePasswordToken(String, char[], String) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
Constructs a new UsernamePasswordToken encapsulating the username and password submitted, the inetAddress from where the attempt is occurring, and a default rememberMe value of false
- UsernamePasswordToken(String, String) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
Constructs a new UsernamePasswordToken encapsulating the username and password submitted during an authentication attempt, with a null
host
and a rememberMe default of false - UsernamePasswordToken(String, String, boolean) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
Constructs a new UsernamePasswordToken encapsulating the username and password submitted, as well as if the user wishes their identity to be remembered across sessions.
- UsernamePasswordToken(String, String, boolean, String) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
Constructs a new UsernamePasswordToken encapsulating the username and password submitted, if the user wishes their identity to be remembered across sessions, and the inetAddress from where the attempt is occurring.
- UsernamePasswordToken(String, String, String) - Constructor for class org.apache.shiro.authc.UsernamePasswordToken
-
Constructs a new UsernamePasswordToken encapsulating the username and password submitted, the inetAddress from where the attempt is occurring, and a default rememberMe value of false
- userRolesQuery - Variable in class org.apache.shiro.realm.jdbc.JdbcRealm
- users - Variable in class org.apache.shiro.realm.SimpleAccountRealm
- USERS_LOCK - Variable in class org.apache.shiro.realm.SimpleAccountRealm
- USERS_SECTION_NAME - Static variable in class org.apache.shiro.realm.text.IniRealm
- UserTag - Class in org.apache.shiro.web.tags
-
JSP tag that renders the tag body if the current user known to the system, either from a successful login attempt (not necessarily during the current session) or from 'RememberMe' services.
- UserTag() - Constructor for class org.apache.shiro.web.tags.UserTag
- useXmlFormat - Variable in class org.apache.shiro.realm.text.PropertiesRealm
- Util() - Constructor for class org.apache.shiro.util.ByteSource.Util
V
- validate() - Method in class org.apache.shiro.session.mgt.SimpleSession
- validate() - Method in interface org.apache.shiro.session.mgt.ValidatingSession
- validate(Session, SessionKey) - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- validateAuthenticationInfo(Hashtable<String, Object>) - Method in class org.apache.shiro.realm.ldap.JndiLdapContextFactory
-
Validates the configuration in the JNDI
environment
settings and throws an exception if a problem exists. - validateSessions() - Method in class org.apache.shiro.session.mgt.AbstractValidatingSessionManager
- validateSessions() - Method in interface org.apache.shiro.session.mgt.ValidatingSessionManager
-
Performs session validation for all open/active sessions in the system (those that have not been stopped or expired), and validates each one.
- ValidatingSession - Interface in org.apache.shiro.session.mgt
-
A
ValidatingSession
is aSession
that is capable of determining it is valid or not and is able to validate itself if necessary. - ValidatingSessionManager - Interface in org.apache.shiro.session.mgt
-
A ValidatingSessionManager is a SessionManager that can proactively validate any or all sessions that may be expired.
- value() - Method in annotation type org.apache.shiro.authz.annotation.RequiresPermissions
-
The permission string which will be passed to
Subject.isPermitted(String)
to determine if the user is allowed to invoke the code protected by this annotation. - value() - Method in annotation type org.apache.shiro.authz.annotation.RequiresRoles
-
A single String role name or multiple comma-delimited role names required in order for the method invocation to be allowed.
- valueOf(String) - Static method in enum org.apache.shiro.authz.annotation.Logical
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum org.apache.shiro.crypto.hash.format.ProvidedHashFormat
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum org.apache.shiro.crypto.OperationMode
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum org.apache.shiro.crypto.PaddingScheme
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum org.apache.shiro.web.filter.mgt.DefaultFilter
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum org.apache.shiro.web.servlet.Cookie.SameSiteOptions
-
Returns the enum constant of this type with the specified name.
- values() - Static method in enum org.apache.shiro.authz.annotation.Logical
-
Returns an array containing the constants of this enum type, in the order they are declared.
- values() - Method in interface org.apache.shiro.cache.Cache
-
Returns a view of all of the values contained in this cache.
- values() - Method in class org.apache.shiro.cache.ehcache.EhCache
- values() - Method in class org.apache.shiro.cache.MapCache
- values() - Method in class org.apache.shiro.config.Ini.Section
- values() - Method in class org.apache.shiro.config.Ini
- values() - Static method in enum org.apache.shiro.crypto.hash.format.ProvidedHashFormat
-
Returns an array containing the constants of this enum type, in the order they are declared.
- values() - Static method in enum org.apache.shiro.crypto.OperationMode
-
Returns an array containing the constants of this enum type, in the order they are declared.
- values() - Static method in enum org.apache.shiro.crypto.PaddingScheme
-
Returns an array containing the constants of this enum type, in the order they are declared.
- values() - Static method in enum org.apache.shiro.realm.jdbc.JdbcRealm.SaltStyle
-
Returns an array containing the constants of this enum type, in the order they are declared.
- values() - Method in class org.apache.shiro.subject.SimplePrincipalMap
- values() - Method in class org.apache.shiro.util.MapContext
- values() - Method in class org.apache.shiro.util.SoftHashMap
- values() - Static method in enum org.apache.shiro.web.filter.mgt.DefaultFilter
-
Returns an array containing the constants of this enum type, in the order they are declared.
- values() - Static method in enum org.apache.shiro.web.servlet.Cookie.SameSiteOptions
-
Returns an array containing the constants of this enum type, in the order they are declared.
- verifyAttributes() - Method in class org.apache.shiro.web.tags.PermissionTag
- verifyAttributes() - Method in class org.apache.shiro.web.tags.SecureTag
- VERSION_ATTRIBUTE_NAME - Static variable in class org.apache.shiro.web.servlet.SimpleCookie
W
- WebApp - Class in org.apache.shiro.samples
- WebApp() - Constructor for class org.apache.shiro.samples.WebApp
- webClient - Variable in class org.apache.shiro.testing.web.AbstractContainerIT
- WebDelegatingSubject - Class in org.apache.shiro.web.subject.support
-
Default
WebSubject
implementation that additional ensures the ability to retain a servlet request/response pair to be used by internal shiro components as necessary during the request execution. - WebDelegatingSubject(PrincipalCollection, boolean, String, Session, boolean, ServletRequest, ServletResponse, SecurityManager) - Constructor for class org.apache.shiro.web.subject.support.WebDelegatingSubject
- WebDelegatingSubject(PrincipalCollection, boolean, String, Session, ServletRequest, ServletResponse, SecurityManager) - Constructor for class org.apache.shiro.web.subject.support.WebDelegatingSubject
- WebEnvironment - Interface in org.apache.shiro.web.env
-
A web-specific
Environment
instance, used in web applications. - WebIniSecurityManagerFactory - Class in org.apache.shiro.web.config
-
Deprecated.use Shiro's
Environment
mechanisms instead. - WebIniSecurityManagerFactory() - Constructor for class org.apache.shiro.web.config.WebIniSecurityManagerFactory
-
Deprecated.Creates a new
WebIniSecurityManagerFactory
instance which will construct web-capableSecurityManager
instances. - WebIniSecurityManagerFactory(Ini) - Constructor for class org.apache.shiro.web.config.WebIniSecurityManagerFactory
-
Deprecated.Creates a new
WebIniSecurityManagerFactory
instance which will construct web-capableSecurityManager
instances. - WebSecurityManager - Interface in org.apache.shiro.web.mgt
-
This interface represents a
SecurityManager
implementation that can used in web-enabled applications. - WebSessionContext - Interface in org.apache.shiro.web.session.mgt
-
A
WebSubjectContext
is aSessionContext
that additionally provides for type-safe methods to set and retrieve aServletRequest
andServletResponse
, as the request/response pair will often need to be referenced during construction of web-initiatedSession
instances. - WebSessionKey - Class in org.apache.shiro.web.session.mgt
-
A
SessionKey
implementation that also retains theServletRequest
andServletResponse
associated with the web request that is performing the session lookup. - WebSessionKey(Serializable, ServletRequest, ServletResponse) - Constructor for class org.apache.shiro.web.session.mgt.WebSessionKey
- WebSessionKey(ServletRequest, ServletResponse) - Constructor for class org.apache.shiro.web.session.mgt.WebSessionKey
- WebSessionManager - Interface in org.apache.shiro.web.session.mgt
-
SessionManager
specific to web-enabled applications. - WebSubject - Interface in org.apache.shiro.web.subject
-
A
WebSubject
represents a Subject instance that was acquired as a result of an incomingServletRequest
. - WebSubject.Builder - Class in org.apache.shiro.web.subject
-
A
WebSubject.Builder
performs the same function as aSubject.Builder
, but additionally ensures that the Servlet request/response pair that is triggering the Subject instance's creation is retained for use by internal Shiro components as necessary. - WebSubjectContext - Interface in org.apache.shiro.web.subject
-
A
WebSubjectContext
is aSubjectContext
that additionally provides for type-safe methods to set and retrieve aServletRequest
andServletResponse
. - WebUtils - Class in org.apache.shiro.web.util
-
Simple utility class for operations used across multiple class hierarchies in the web framework code.
- WebUtils() - Constructor for class org.apache.shiro.web.util.WebUtils
- WILDCARD_TOKEN - Static variable in class org.apache.shiro.authz.permission.WildcardPermission
- WildcardPermission - Class in org.apache.shiro.authz.permission
-
A
WildcardPermission
is a very flexible permission construct supporting multiple levels of permission matching. - WildcardPermission() - Constructor for class org.apache.shiro.authz.permission.WildcardPermission
-
Default no-arg constructor for subclasses only - end-user developers instantiating Permission instances must provide a wildcard string at a minimum, since Permission instances are immutable once instantiated.
- WildcardPermission(String) - Constructor for class org.apache.shiro.authz.permission.WildcardPermission
- WildcardPermission(String, boolean) - Constructor for class org.apache.shiro.authz.permission.WildcardPermission
- WildcardPermissionResolver - Class in org.apache.shiro.authz.permission
-
PermissionResolver implementation that returns a new
WildcardPermission
based on the input string. - WildcardPermissionResolver() - Constructor for class org.apache.shiro.authz.permission.WildcardPermissionResolver
-
Default constructor.
- WildcardPermissionResolver(boolean) - Constructor for class org.apache.shiro.authz.permission.WildcardPermissionResolver
-
Constructor to specify case sensitivity for the resolved premissions.
- wrapServletRequest(HttpServletRequest) - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
-
Wraps the original HttpServletRequest in a
ShiroHttpServletRequest
, which is required for supporting Servlet Specification behavior backed by aSubject
instance. - wrapServletResponse(HttpServletResponse, ShiroHttpServletRequest) - Method in class org.apache.shiro.web.servlet.AbstractShiroFilter
-
Returns a new
ShiroHttpServletResponse
instance, wrapping theorig
argument, in order to provide correct URL rewriting behavior required by the Servlet Specification when using Shiro-based sessions (and not Servlet Container HTTP-based sessions). - writeRestrictedCall() - Method in class org.apache.shiro.samples.SimpleService
X
- XmlSerializer - Class in org.apache.shiro.io
-
Deprecated.This class should not be used directly because of unsecure XMLEncoder/XMLDecoder usage.
- XmlSerializer() - Constructor for class org.apache.shiro.io.XmlSerializer
-
Deprecated.
_
- _isSessionCreationEnabled(Object) - Static method in class org.apache.shiro.web.util.WebUtils
-
Returns
true
if a session is allowed to be created for a subject-associated request,false
otherwise. - _isSessionCreationEnabled(ServletRequest) - Static method in class org.apache.shiro.web.util.WebUtils
-
Returns
true
if a session is allowed to be created for a subject-associated request,false
otherwise.
All Classes All Packages