PermissionsAuthorizationFilter (Apache Shiro :: Web 1.12.0 API)

java.lang.Object
- org.apache.shiro.web.servlet.ServletContextSupport
- - org.apache.shiro.web.servlet.AbstractFilter
  - - org.apache.shiro.web.servlet.NameableFilter
    - - org.apache.shiro.web.servlet.OncePerRequestFilter
      - org.apache.shiro.web.servlet.AdviceFilter
        
        org.apache.shiro.web.filter.PathMatchingFilter
        
        org.apache.shiro.web.filter.AccessControlFilter
        
        org.apache.shiro.web.filter.authz.AuthorizationFilter
        
        org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter

All Implemented Interfaces:

javax.servlet.Filter, org.apache.shiro.util.Nameable, PathConfigProcessor

Direct Known Subclasses:

HttpMethodPermissionFilter
```
public class PermissionsAuthorizationFilter
extends AuthorizationFilter
```
Filter that allows access if the current user has the permissions specified by the mapped value, or denies access if the user does not have all of the permissions specified.

Since:

0.9

Field Summary
- Fields inherited from class org.apache.shiro.web.filter.AccessControlFilter
  DEFAULT_LOGIN_URL, GET_METHOD, POST_METHOD
- Fields inherited from class org.apache.shiro.web.filter.PathMatchingFilter
  appliedPaths, pathMatcher
- Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
  ALREADY_FILTERED_SUFFIX
- Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter
  filterConfig

Constructor Summary

Constructors
Constructor Description

PermissionsAuthorizationFilter()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`boolean`	`isAccessAllowed(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, Object mappedValue)`	Returns `true` if the request is allowed to proceed through the filter normally, or `false` if the request should be handled by the `onAccessDenied(request,response,mappedValue)` method instead.

Methods inherited from class org.apache.shiro.web.filter.authz.AuthorizationFilter
getUnauthorizedUrl, onAccessDenied, setUnauthorizedUrl

Methods inherited from class org.apache.shiro.web.filter.AccessControlFilter
getLoginUrl, getSubject, isLoginRequest, onAccessDenied, onPreHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setLoginUrl

Methods inherited from class org.apache.shiro.web.filter.PathMatchingFilter
getPathWithinApplication, isEnabled, pathsMatch, pathsMatch, preHandle, processPathConfig

Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter
afterCompletion, cleanup, doFilterInternal, executeChain, postHandle

Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, isFilterOncePerRequest, setEnabled, setFilterOncePerRequest, shouldNotFilter

Methods inherited from class org.apache.shiro.web.servlet.NameableFilter
getName, setName, toStringBuilder

Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter
destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig

Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport
getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Constructor Detail
  - PermissionsAuthorizationFilter
```
public PermissionsAuthorizationFilter()
```
- Method Detail
  - isAccessAllowed
```
public boolean isAccessAllowed(javax.servlet.ServletRequest request,
                               javax.servlet.ServletResponse response,
                               Object mappedValue)
                        throws IOException
```
    Description copied from class: AccessControlFilter
    
    Returns true if the request is allowed to proceed through the filter normally, or false if the request should be handled by the onAccessDenied(request,response,mappedValue) method instead.
    
    Specified by:
    
    isAccessAllowed in class AccessControlFilter
    
    Parameters:
    
    request - the incoming ServletRequest
    
    response - the outgoing ServletResponse
    
    mappedValue - the filter-specific config value mapped to this filter in the URL rules mappings.
    
    Returns:
    
    true if the request should proceed through the filter normally, false if the request should be processed by this filter's AccessControlFilter.onAccessDenied(ServletRequest,ServletResponse,Object) method instead.
    
    Throws:
    
    IOException