org.apache.shiro.authz.aop
Class AuthorizingMethodInterceptor

java.lang.Object
  extended by org.apache.shiro.aop.MethodInterceptorSupport
      extended by org.apache.shiro.authz.aop.AuthorizingMethodInterceptor
All Implemented Interfaces:
MethodInterceptor
Direct Known Subclasses:
AnnotationsAuthorizingMethodInterceptor

public abstract class AuthorizingMethodInterceptor
extends MethodInterceptorSupport

Basic abstract class to support intercepting methods that perform authorization (access control) checks.

Since:
0.9

Constructor Summary
AuthorizingMethodInterceptor()
           
 
Method Summary
protected abstract  void assertAuthorized(MethodInvocation methodInvocation)
          Asserts that the specified MethodInvocation is allowed to continue by performing any necessary authorization (access control) checks first.
 Object invoke(MethodInvocation methodInvocation)
          Invokes the specified method (methodInvocation.proceed() if authorization is allowed by first calling assertAuthorized.
 
Methods inherited from class org.apache.shiro.aop.MethodInterceptorSupport
getSubject
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AuthorizingMethodInterceptor

public AuthorizingMethodInterceptor()
Method Detail

invoke

public Object invoke(MethodInvocation methodInvocation)
              throws Throwable
Invokes the specified method (methodInvocation.proceed() if authorization is allowed by first calling assertAuthorized.

Parameters:
methodInvocation - the MethodInvocation to execute.
Returns:
the result of the invocation
Throws:
Throwable - if the method invocation throws a Throwable or if an error occurs in pre/post/finally advice.

assertAuthorized

protected abstract void assertAuthorized(MethodInvocation methodInvocation)
                                  throws AuthorizationException
Asserts that the specified MethodInvocation is allowed to continue by performing any necessary authorization (access control) checks first.

Parameters:
methodInvocation - the MethodInvocation to invoke.
Throws:
AuthorizationException - if the methodInvocation should not be allowed to continue/execute.


Copyright © 2004-2016 The Apache Software Foundation. All Rights Reserved.