| Package | Description |
|---|---|
| org.apache.shiro.cas | |
| org.apache.shiro.guice.web | |
| org.apache.shiro.web.filter |
Base package supporting all Servlet
Filter implementations used to control
access to web pages and URL resources. |
| org.apache.shiro.web.filter.authc |
Servlet
Filter implementations specific to controlling access based on a
subject's authentication status, or those that can execute authentications (log-ins) directly. |
| org.apache.shiro.web.filter.authz |
Servlet
Filter implementations that perform authorization (access control)
checks based on the Subject's abilities (for example, role or permission checks). |
| org.apache.shiro.web.filter.session |
| Modifier and Type | Class and Description |
|---|---|
class |
CasFilter
This filter validates the CAS service ticket to authenticate the user.
|
| Modifier and Type | Method and Description |
|---|---|
protected static <T extends PathMatchingFilter> |
ShiroWebModule.config(Class<T> type,
String configValue) |
protected static <T extends PathMatchingFilter> |
ShiroWebModule.config(com.google.inject.Key<T> baseKey,
String configValue) |
protected static <T extends PathMatchingFilter> |
ShiroWebModule.config(com.google.inject.TypeLiteral<T> typeLiteral,
String configValue) |
| Modifier and Type | Class and Description |
|---|---|
class |
AccessControlFilter
Superclass for any filter that controls access to a resource and may redirect the user to the login page
if they are not authenticated.
|
| Modifier and Type | Class and Description |
|---|---|
class |
AnonymousFilter
Filter that allows access to a path immeidately without performing security checks of any kind.
|
class |
AuthenticatingFilter
An
AuthenticationFilter that is capable of automatically performing an authentication attempt
based on the incoming request. |
class |
AuthenticationFilter
Base class for all Filters that require the current user to be authenticated.
|
class |
BasicHttpAuthenticationFilter
Requires the requesting user to be
authenticated for the
request to continue, and if they're not, requires the user to login via the HTTP Basic protocol-specific challenge. |
class |
FormAuthenticationFilter
Requires the requesting user to be authenticated for the request to continue, and if they are not, forces the user
to login via by redirecting them to the
loginUrl you configure. |
class |
PassThruAuthenticationFilter
An authentication filter that redirects the user to the login page when they are trying to access
a protected resource.
|
class |
UserFilter
Filter that allows access to resources if the accessor is a known user, which is defined as
having a known principal.
|
| Modifier and Type | Class and Description |
|---|---|
class |
AuthorizationFilter
Superclass for authorization-related filters.
|
class |
HostFilter
A Filter that can allow or deny access based on the host that sent the request.
|
class |
HttpMethodPermissionFilter
A filter that translates an HTTP Request's Method (eg GET, POST, etc)
into an corresponding action (verb) and uses that verb to construct a permission that will be checked to determine
access.
|
class |
PermissionsAuthorizationFilter
Filter that allows access if the current user has the permissions specified by the mapped value, or denies access
if the user does not have all of the permissions specified.
|
class |
PortFilter
A Filter that requires the request to be on a specific port, and if not, redirects to the same URL on that port.
|
class |
RolesAuthorizationFilter
Filter that allows access if the current user has the roles specified by the mapped value, or denies access
if the user does not have all of the roles specified.
|
class |
SslFilter
Filter which requires a request to be over SSL.
|
| Modifier and Type | Class and Description |
|---|---|
class |
NoSessionCreationFilter
A
PathMatchingFilter that will disable creating new Sessions during the request. |
Copyright © 2004-2013 The Apache Software Foundation. All Rights Reserved.