/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package org.apache.shiro.authz.aop;

import java.lang.annotation.Annotation;

import org.apache.shiro.authz.UnauthenticatedException;
import org.apache.shiro.authz.annotation.RequiresAuthentication;


/**
 * Annotation handler for {@link RequiresAuthentication RequiresAuthentication}: it refuses access unless the
 * calling subject reports itself as authenticated.
 * <p>
 * The check is only applied to annotations of that exact type. Any other annotation handed to
 * {@link #assertAuthorized(Annotation)} passes through without a check, so the absence of an exception is
 * meaningful only when the caller dispatched a <code>RequiresAuthentication</code> annotation to this handler.
 *
 * @since 0.9.0
 */
public class AuthenticatedAnnotationHandler extends AuthorizingAnnotationHandler {

    /**
     * Creates a handler registered for the
     * {@link org.apache.shiro.authz.annotation.RequiresAuthentication RequiresAuthentication} annotation type.
     */
    public AuthenticatedAnnotationHandler() {
        super(RequiresAuthentication.class);
    }

    /**
     * Verifies that the calling <code>Subject</code> is authenticated when the supplied annotation is a
     * {@link org.apache.shiro.authz.annotation.RequiresAuthentication RequiresAuthentication}; otherwise an
     * {@link org.apache.shiro.authz.UnauthenticatedException UnauthenticatedException} is raised and the
     * annotated method must not be executed.
     * <p>
     * An annotation of any other type, including <code>null</code>, is ignored: the method returns normally
     * and the subject is never consulted.
     *
     * @param a the annotation to inspect
     * @throws org.apache.shiro.authz.UnauthenticatedException if <code>a</code> is a
     *         <code>RequiresAuthentication</code> and the calling <code>Subject</code> has not yet authenticated.
     */
    public void assertAuthorized(Annotation a) throws UnauthenticatedException {
        // Not ours to enforce: return before touching the subject, exactly as a short-circuited && would.
        if (!(a instanceof RequiresAuthentication)) {
            return;
        }

        // NOTE(review): the decision rests entirely on Subject.isAuthenticated(); a subject that is only
        // "remembered" from an earlier session is presumably rejected here - confirm against the Subject API.
        if (getSubject().isAuthenticated()) {
            return;
        }

        // Fixed message: no subject or principal details are placed in the exception text.
        throw new UnauthenticatedException( "The current Subject is not authenticated. Access denied." );
    }
}