| Package | Description |
|---|---|
| org.apache.shiro.cas | |
| org.apache.shiro.guice.web | |
| org.apache.shiro.web.filter |
Base package supporting all Servlet
Filter implementations used to control
access to web pages and URL resources. |
| org.apache.shiro.web.filter.authc |
Servlet
Filter implementations specific to controlling access based on a
subject's authentication status, or those that can execute authentications (log-ins) directly. |
| org.apache.shiro.web.filter.authz |
Servlet
Filter implementations that perform authorization (access control)
checks based on the Subject's abilities (for example, role or permission checks). |
| org.apache.shiro.web.filter.session | |
| org.apache.shiro.web.servlet |
Shiro-specific implementations of the Servlet API (Servlet Filters, et al).
|
| Modifier and Type | Class and Description |
|---|---|
class |
CasFilter
Deprecated.
replaced with Shiro integration in buji-pac4j.
|
| Modifier and Type | Class and Description |
|---|---|
class |
GuiceShiroFilter
Shiro filter that is managed by and receives its filter chain configurations from Guice.
|
| Modifier and Type | Class and Description |
|---|---|
class |
AccessControlFilter
Superclass for any filter that controls access to a resource and may redirect the user to the login page
if they are not authenticated.
|
class |
PathMatchingFilter
Base class for Filters that will process only specified paths and allow all others to pass through.
|
| Modifier and Type | Class and Description |
|---|---|
class |
AnonymousFilter
Filter that allows access to a path immeidately without performing security checks of any kind.
|
class |
AuthenticatingFilter
An
AuthenticationFilter that is capable of automatically performing an authentication attempt
based on the incoming request. |
class |
AuthenticationFilter
Base class for all Filters that require the current user to be authenticated.
|
class |
BasicHttpAuthenticationFilter
Requires the requesting user to be
authenticated for the
request to continue, and if they're not, requires the user to login via the HTTP Basic protocol-specific challenge. |
class |
FormAuthenticationFilter
Requires the requesting user to be authenticated for the request to continue, and if they are not, forces the user
to login via by redirecting them to the
loginUrl you configure. |
class |
LogoutFilter
Simple Filter that, upon receiving a request, will immediately log-out the currently executing
subject
and then redirect them to a configured redirectUrl. |
class |
PassThruAuthenticationFilter
An authentication filter that redirects the user to the login page when they are trying to access
a protected resource.
|
class |
UserFilter
Filter that allows access to resources if the accessor is a known user, which is defined as
having a known principal.
|
| Modifier and Type | Class and Description |
|---|---|
class |
AuthorizationFilter
Superclass for authorization-related filters.
|
class |
HostFilter
A Filter that can allow or deny access based on the host that sent the request.
|
class |
HttpMethodPermissionFilter
A filter that translates an HTTP Request's Method (eg GET, POST, etc)
into an corresponding action (verb) and uses that verb to construct a permission that will be checked to determine
access.
|
class |
PermissionsAuthorizationFilter
Filter that allows access if the current user has the permissions specified by the mapped value, or denies access
if the user does not have all of the permissions specified.
|
class |
PortFilter
A Filter that requires the request to be on a specific port, and if not, redirects to the same URL on that port.
|
class |
RolesAuthorizationFilter
Filter that allows access if the current user has the roles specified by the mapped value, or denies access
if the user does not have all of the roles specified.
|
class |
SslFilter
Filter which requires a request to be over SSL.
|
| Modifier and Type | Class and Description |
|---|---|
class |
NoSessionCreationFilter
A
PathMatchingFilter that will disable creating new Sessions during the request. |
| Modifier and Type | Class and Description |
|---|---|
class |
AbstractShiroFilter
Abstract base class that provides all standard Shiro request filtering behavior and expects
subclasses to implement configuration-specific logic (INI, XML, .properties, etc).
|
class |
AdviceFilter
A Servlet Filter that enables AOP-style "around" advice for a ServletRequest via
preHandle,
postHandle,
and afterCompletion
hooks. |
class |
IniShiroFilter
Deprecated.
in 1.2 in favor of using the
ShiroFilter |
class |
ShiroFilter
Primary Shiro Filter for web applications configuring Shiro via Servlet <listener> in web.xml.
|
Copyright © 2004–2019 The Apache Software Foundation. All rights reserved.