All Classes (Apache Shiro :: Web 1.12.0 API)

All Classes Interface Summary Class Summary Enum Summary
Class	Description
AbstractFilter	Base abstract Filter simplifying Filter initialization and `access` to init parameters.
AbstractShiroFilter	Abstract base class that provides all standard Shiro request filtering behavior and expects subclasses to implement configuration-specific logic (INI, XML, .properties, etc).
AccessControlFilter	Superclass for any filter that controls access to a resource and may redirect the user to the login page if they are not authenticated.
AdviceFilter	A Servlet Filter that enables AOP-style "around" advice for a ServletRequest via `preHandle`, `postHandle`, and `afterCompletion` hooks.
AnonymousFilter	Filter that allows access to a path immeidately without performing security checks of any kind.
AuthenticatedTag	JSP tag that renders the tag body only if the current user has executed a successful authentication attempt during their current session.
AuthenticatingFilter	An `AuthenticationFilter` that is capable of automatically performing an authentication attempt based on the incoming request.
AuthenticationFilter	Base class for all Filters that require the current user to be authenticated.
AuthorizationFilter	Superclass for authorization-related filters.
BasicHttpAuthenticationFilter	Requires the requesting user to be `authenticated` for the request to continue, and if they're not, requires the user to login via the HTTP Basic protocol-specific challenge.
BearerHttpAuthenticationFilter	Requires the requesting user to be `authenticated` for the request to continue, and if they're not, requires the user to login via the HTTP Bearer protocol-specific challenge.
Cookie	Interface representing HTTP cookie operations, supporting pojo-style getters and setters for all attributes which includes HttpOnly support.
Cookie.SameSiteOptions	The SameSite attribute of the Set-Cookie HTTP response header allows you to declare if your cookie should be restricted to a first-party or same-site context.
CookieRememberMeManager	Remembers a Subject's identity by saving the Subject's `principals` to a `Cookie` for later retrieval.
DefaultFilter	Enum representing all of the default Shiro Filter instances available to web applications.
DefaultFilterChainManager	Default `FilterChainManager` implementation maintaining a map of `Filter` instances (key: filter name, value: Filter) as well as a map of `NamedFilterList`s created from these `Filter`s (key: filter chain name, value: NamedFilterList).
DefaultWebEnvironment	Default `WebEnvironment` implementation based on a backing `Map` instance.
DefaultWebSecurityManager	Default `WebSecurityManager` implementation used in web-based applications or any application that requires HTTP connectivity (SOAP, http remoting, etc).
DefaultWebSessionContext	Default implementation of the `WebSessionContext` interface which provides getters and setters that wrap interaction with the underlying backing context map.
DefaultWebSessionManager	Web-application capable `SessionManager` implementation.
DefaultWebSessionStorageEvaluator	A web-specific `SessionStorageEvaluator` that performs the same logic as the parent class `DefaultSessionStorageEvaluator` but additionally checks for a request-specific flag that may enable or disable session access.
DefaultWebSubjectContext	Default `WebSubjectContext` implementation that provides for additional storage and retrieval of a `ServletRequest` and `ServletResponse`.
DefaultWebSubjectFactory	A `SubjectFactory` implementation that creates `WebDelegatingSubject` instances.
EnvironmentLoader	An `EnvironmentLoader` is responsible for loading a web application's Shiro `WebEnvironment` (which includes the web app's `WebSecurityManager`) into the `ServletContext` at application startup.
EnvironmentLoaderListener	Bootstrap listener to startup and shutdown the web application's Shiro `WebEnvironment` at ServletContext startup and shutdown respectively.
FilterChainManager	A `FilterChainManager` manages the creation and modification of `Filter` chains from an available pool of `Filter` instances.
FilterChainResolver	A `FilterChainResolver` can resolve an appropriate `FilterChain` to execute during a `ServletRequest`.
FormAuthenticationFilter	Requires the requesting user to be authenticated for the request to continue, and if they are not, forces the user to login via by redirecting them to the `loginUrl` you configure.
GuestTag	JSP tag that renders the tag body if the current user is not known to the system, either because they haven't logged in yet, or because they have no 'RememberMe' identity.
HasAnyRolesTag	Displays body content if the current user has any of the roles specified.
HasPermissionTag
HasRoleTag
HostFilter	A Filter that can allow or deny access based on the host that sent the request.
HttpMethodPermissionFilter	A filter that translates an HTTP Request's Method (eg GET, POST, etc) into an corresponding action (verb) and uses that verb to construct a permission that will be checked to determine access.
HttpServletSession	`Session` implementation that is backed entirely by a standard servlet container `HttpSession` instance.
HttpSessionContext	Deprecated.
IniFilterChainResolverFactory	A `Factory` that creates `FilterChainResolver` instances based on `Ini` configuration.
IniShiroFilter	Deprecated. in 1.2 in favor of using the `ShiroFilter`
IniWebEnvironment	`WebEnvironment` implementation configured by an `Ini` instance or `Ini` resource locations.
InvalidRequestFilter	A request filter that blocks malicious requests.
LacksPermissionTag
LacksRoleTag
LogoutFilter	Simple Filter that, upon receiving a request, will immediately log-out the currently executing `subject` and then redirect them to a configured `redirectUrl`.
MutableWebEnvironment	A `WebEnvironment` that supports 'write' operations operations.
NameableFilter	Allows a filter to be named via JavaBeans-compatible `NameableFilter.getName()`/`NameableFilter.setName(String)` methods.
NamedFilterList	A `NamedFilterList` is a `List` of `Filter` instances that is uniquely identified by a `name`.
NoSessionCreationFilter	A `PathMatchingFilter` that will disable creating new Sessions during the request.
NotAuthenticatedTag	JSP tag that renders the tag body only if the current user has not executed a successful authentication attempt during their current session.
OncePerRequestFilter	Filter base class that guarantees to be just executed once per request, on any servlet container.
PassThruAuthenticationFilter	An authentication filter that redirects the user to the login page when they are trying to access a protected resource.
PathConfigProcessor	A PathConfigProcessor processes configuration entries on a per path (url) basis.
PathMatchingFilter	Base class for Filters that will process only specified paths and allow all others to pass through.
PathMatchingFilterChainResolver	A `FilterChainResolver` that resolves `FilterChain`s based on url path matching, as determined by a configurable `PathMatcher`.
PermissionsAuthorizationFilter	Filter that allows access if the current user has the permissions specified by the mapped value, or denies access if the user does not have all of the permissions specified.
PermissionTag
PortFilter	A Filter that requires the request to be on a specific port, and if not, redirects to the same URL on that port.
PrincipalTag	Tag used to print out the String value of a user's default principal, or a specific principal as specified by the tag's attributes.
ProxiedFilterChain	A proxied filter chain is a `FilterChain` instance that proxies an original `FilterChain` as well as a `List` of other `Filter`s that might need to execute prior to the final wrapped original chain.
RedirectView	View that redirects to an absolute, context relative, or current request relative URL, exposing all model attributes as HTTP query parameters.
RequestPairSource	A `RequestPairSource` is a component that can supply a `ServletRequest` and `ServletResponse` pair associated with a currently executing request.
ResourceBasedWebEnvironment	Abstract implementation for `WebEnvironment`s that can be initialized via resource paths (config files).
RolesAuthorizationFilter	Filter that allows access if the current user has the roles specified by the mapped value, or denies access if the user does not have all of the roles specified.
RoleTag
SavedRequest	Maintains request data for a request that was redirected, so that after authentication the user can be redirected to the originally requested page.
SecureTag
ServletContainerSessionManager	SessionManager implementation providing `Session` implementations that are merely wrappers for the Servlet container's `HttpSession`.
ServletContextSupport	Base implementation for any components that need to access the web application's `ServletContext`.
ShiroFilter	Primary Shiro Filter for web applications configuring Shiro via Servlet <listener> in web.xml.
ShiroFilterConfiguration	Configuration for Shiro's root level servlet filter.
ShiroHttpServletRequest	A `ShiroHttpServletRequest` wraps the Servlet container's original `ServletRequest` instance, but ensures that all `HttpServletRequest` invocations that require Shiro's support (`getRemoteUser`, `getSession`, etc) can be executed first by Shiro as necessary before allowing the underlying Servlet container instance's method to be invoked.
ShiroHttpServletResponse	HttpServletResponse implementation to support URL Encoding of Shiro Session IDs.
ShiroHttpSession	Wrapper class that uses a Shiro `Session` under the hood for all session operations instead of the Servlet Container's session mechanism.
SimpleCookie	Default `Cookie` implementation.
SimpleNamedFilterList	Simple `NamedFilterList` implementation that is supported by a backing `List` instance and a simple `name` property.
SslFilter	Filter which requires a request to be over SSL.
UserFilter	Filter that allows access to resources if the accessor is a known user, which is defined as having a known principal.
UserTag	JSP tag that renders the tag body if the current user known to the system, either from a successful login attempt (not necessarily during the current session) or from 'RememberMe' services.
WebDelegatingSubject	Default `WebSubject` implementation that additional ensures the ability to retain a servlet request/response pair to be used by internal shiro components as necessary during the request execution.
WebEnvironment	A web-specific `Environment` instance, used in web applications.
WebIniSecurityManagerFactory	Deprecated. use Shiro's `Environment` mechanisms instead.
WebSecurityManager	This interface represents a `SecurityManager` implementation that can used in web-enabled applications.
WebSessionContext	A `WebSubjectContext` is a `SessionContext` that additionally provides for type-safe methods to set and retrieve a `ServletRequest` and `ServletResponse`, as the request/response pair will often need to be referenced during construction of web-initiated `Session` instances.
WebSessionKey	A `SessionKey` implementation that also retains the `ServletRequest` and `ServletResponse` associated with the web request that is performing the session lookup.
WebSessionManager	`SessionManager` specific to web-enabled applications.
WebSubject	A `WebSubject` represents a Subject instance that was acquired as a result of an incoming `ServletRequest`.
WebSubject.Builder	A `WebSubject.Builder` performs the same function as a `Subject.Builder`, but additionally ensures that the Servlet request/response pair that is triggering the Subject instance's creation is retained for use by internal Shiro components as necessary.
WebSubjectContext	A `WebSubjectContext` is a `SubjectContext` that additionally provides for type-safe methods to set and retrieve a `ServletRequest` and `ServletResponse`.
WebUtils	Simple utility class for operations used across multiple class hierarchies in the web framework code.