How to use

UserAnnotationHandler

in

org.apache.shiro.authz.aop

/**
 * Default no-argument constructor that ensures this interceptor looks for
 *
 * {@link org.apache.shiro.authz.annotation.RequiresUser RequiresUser} annotations in a method
 * declaration.
 */
public UserAnnotationMethodInterceptor() {
  super( new UserAnnotationHandler() );
}

  /**
   * Ensures that the calling <code>Subject</code> is a <em>user</em>, that is, they are <em>either</code>
   * {@link org.apache.shiro.subject.Subject#isAuthenticated() authenticated} <b><em>or</em></b> remembered via remember
   * me services before allowing access, and if not, throws an
   * <code>AuthorizingException</code> indicating access is not allowed.
   *
   * @param a the RequiresUser annotation to check
   * @throws org.apache.shiro.authz.AuthorizationException
   *         if the calling <code>Subject</code> is not authenticated or remembered via rememberMe services.
   */
  public void assertAuthorized(Annotation a) throws AuthorizationException {
    if (a instanceof RequiresUser && getSubject().getPrincipal() == null) {
      throw new UnauthenticatedException("Attempting to perform a user-only operation.  The current Subject is " +
          "not a user (they haven't been authenticated or remembered from a previous login).  " +
          "Access denied.");
    }
  }
}

/**
 *
 * @param resolver
 * @since 1.1
 */
public UserAnnotationMethodInterceptor(AnnotationResolver resolver) {
  super(new UserAnnotationHandler(), resolver);
}

  /**
   * Ensures that the calling <code>Subject</code> is a <em>user</em>, that is, they are <em>either</code>
   * {@link org.apache.shiro.subject.Subject#isAuthenticated() authenticated} <b><em>or</em></b> remembered via remember
   * me services before allowing access, and if not, throws an
   * <code>AuthorizingException</code> indicating access is not allowed.
   *
   * @param a the RequiresUser annotation to check
   * @throws org.apache.shiro.authz.AuthorizationException
   *         if the calling <code>Subject</code> is not authenticated or remembered via rememberMe services.
   */
  public void assertAuthorized(Annotation a) throws AuthorizationException {
    if (a instanceof RequiresUser && getSubject().getPrincipal() == null) {
      throw new UnauthenticatedException("Attempting to perform a user-only operation.  The current Subject is " +
          "not a user (they haven't been authenticated or remembered from a previous login).  " +
          "Access denied.");
    }
  }
}

private static AuthorizingAnnotationHandler createHandler(Annotation annotation) {
  Class<?> t = annotation.annotationType();
  if (RequiresPermissions.class.equals(t)) return new PermissionAnnotationHandler();
  else if (RequiresRoles.class.equals(t)) return new RoleAnnotationHandler();
  else if (RequiresUser.class.equals(t)) return new UserAnnotationHandler();
  else if (RequiresGuest.class.equals(t)) return new GuestAnnotationHandler();
  else if (RequiresAuthentication.class.equals(t)) return new AuthenticatedAnnotationHandler();
  else throw new IllegalArgumentException("Cannot create a handler for the unknown for annotation " + t);
}

  /**
   * Ensures that the calling <code>Subject</code> is a <em>user</em>, that is, they are <em>either</code>
   * {@link org.apache.shiro.subject.Subject#isAuthenticated() authenticated} <b><em>or</em></b> remembered via remember
   * me services before allowing access, and if not, throws an
   * <code>AuthorizingException</code> indicating access is not allowed.
   *
   * @param a the RequiresUser annotation to check
   * @throws org.apache.shiro.authz.AuthorizationException
   *         if the calling <code>Subject</code> is not authenticated or remembered via rememberMe services.
   */
  public void assertAuthorized(Annotation a) throws AuthorizationException {
    if (a instanceof RequiresUser && getSubject().getPrincipal() == null) {
      throw new UnauthenticatedException("Attempting to perform a user-only operation.  The current Subject is " +
          "not a user (they haven't been authenticated or remembered from a previous login).  " +
          "Access denied.");
    }
  }
}

/**
 *
 * @param resolver
 * @since 1.1
 */
public UserAnnotationMethodInterceptor(AnnotationResolver resolver) {
  super(new UserAnnotationHandler(), resolver);
}

/**
 * Default no-argument constructor that ensures this interceptor looks for
 *
 * {@link org.apache.shiro.authz.annotation.RequiresUser RequiresUser} annotations in a method
 * declaration.
 */
public UserAnnotationMethodInterceptor() {
  super( new UserAnnotationHandler() );
}

/**
 * Default no-argument constructor that ensures this interceptor looks for
 *
 * {@link org.apache.shiro.authz.annotation.RequiresUser RequiresUser} annotations in a method
 * declaration.
 */
public UserAnnotationMethodInterceptor() {
  super( new UserAnnotationHandler() );
}

/**
 *
 * @param resolver
 * @since 1.1
 */
public UserAnnotationMethodInterceptor(AnnotationResolver resolver) {
  super(new UserAnnotationHandler(), resolver);
}

private static AuthorizingAnnotationHandler createHandler(Annotation annotation) {
  Class<?> t = annotation.annotationType();
  if (RequiresPermissions.class.equals(t)) return new PermissionAnnotationHandler();
  else if (RequiresRoles.class.equals(t)) return new RoleAnnotationHandler();
  else if (RequiresUser.class.equals(t)) return new UserAnnotationHandler();
  else if (RequiresGuest.class.equals(t)) return new GuestAnnotationHandler();
  else if (RequiresAuthentication.class.equals(t)) return new AuthenticatedAnnotationHandler();
  else throw new IllegalArgumentException("Cannot create a handler for the unknown for annotation " + t);
}