Package org.tynamo.security.services.impl

Class SecurityServiceImpl

java.lang.Object

org.tynamo.security.services.impl.SecurityServiceImpl

All Implemented Interfaces:

SecurityService

public class SecurityServiceImpl
extends Object
implements SecurityService

DOCUMENT ME!

See Also:

• SecurityService

Constructor Summary

Constructors

Constructor	Description
SecurityServiceImpl()

Method Summary

Modifier and Type	Method	Description
org.apache.shiro.subject.Subject	getSubject()
boolean	hasAllPermissions(String permissions)
boolean	hasAllRoles(String roles)
boolean	hasAnyPermissions(String permissions)
boolean	hasAnyRoles(String roles)	Return true if the current user has any of the roles specified.
boolean	hasPermission(String permission)
boolean	hasRole(String role)
<T> T	invokeWithSecurityDisabled(Callable<T> callable)	Temporarily disable security before invocation of Callable.
boolean	isAuthenticated()	Return true only if the current user has executed a successful authentication attempt during their current session.
boolean	isGuest()	Return true if the current user is not known to the system, either because they haven't logged in yet, or because they have no 'RememberMe' identity.
boolean	isLacksPermission(String permission)
boolean	isLacksRole(String role)
boolean	isNotAuthenticated()	Return true only if the current user has not executed a successful authentication attempt during their current session.
boolean	isUser()	Return true if the current user known to the system, either from a successful login attempt (not necessarily during the current session) or from 'RememberMe' services.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SecurityServiceImpl

public SecurityServiceImpl()

Method Details

getSubject

public org.apache.shiro.subject.Subject getSubject()

Specified by:

getSubject in interface SecurityService

isAuthenticated

public boolean isAuthenticated()

Description copied from interface: SecurityService

Return true only if the current user has executed a successful authentication attempt during their current session.

This is more restrictive than the SecurityService.isUser(), which only ensures the current user is known to the system, either via a current login or from Remember Me services, which only makes the assumption that the current user is who they say they are, and does not guarantee it like this method does.

Specified by:

isAuthenticated in interface SecurityService

isNotAuthenticated

public boolean isNotAuthenticated()

Description copied from interface: SecurityService

Return true only if the current user has not executed a successful authentication attempt during their current session.

The logically opposite tag of this one is the SecurityService.isAuthenticated().

Specified by:

isNotAuthenticated in interface SecurityService

isUser

public boolean isUser()

Description copied from interface: SecurityService

Return true if the current user known to the system, either from a successful login attempt (not necessarily during the current session) or from 'RememberMe' services.

Note: This is less restrictive than the SecurityService.isAuthenticated() since it only assumes the user is who they say they are, either via a current session login or via Remember Me services, which makes no guarantee the user is who they say they are. The SecurityService.isAuthenticated() however guarantees that the current user has logged in during their current session, proving they really are who they say they are.

The logically opposite method of this one is the SecurityService.isGuest().

Specified by:

isUser in interface SecurityService

isGuest

public boolean isGuest()

Description copied from interface: SecurityService

Return true if the current user is not known to the system, either because they haven't logged in yet, or because they have no 'RememberMe' identity.

The logically opposite method of this one is the SecurityService.isUser(). Please read that class's JavaDoc as it explains more about the differences between Authenticated/Unauthenticated and User/Guest semantic differences.

Specified by:

isGuest in interface SecurityService

hasAnyRoles

public boolean hasAnyRoles(String roles)

Description copied from interface: SecurityService

Return true if the current user has any of the roles specified.

Specified by:

hasAnyRoles in interface SecurityService

hasAllRoles

public boolean hasAllRoles(String roles)

Specified by:

hasAllRoles in interface SecurityService

hasAllPermissions

public boolean hasAllPermissions(String permissions)

Specified by:

hasAllPermissions in interface SecurityService

hasAnyPermissions

public boolean hasAnyPermissions(String permissions)

Specified by:

hasAnyPermissions in interface SecurityService

hasPermission

public boolean hasPermission(String permission)

Specified by:

hasPermission in interface SecurityService

hasRole

public boolean hasRole(String role)

Specified by:

hasRole in interface SecurityService

isLacksPermission

public boolean isLacksPermission(String permission)

Specified by:

isLacksPermission in interface SecurityService

isLacksRole

public boolean isLacksRole(String role)

Specified by:

isLacksRole in interface SecurityService

invokeWithSecurityDisabled

public <T> T invokeWithSecurityDisabled(Callable<T> callable)
                                 throws Exception

Description copied from interface: SecurityService

Temporarily disable security before invocation of Callable.

Specified by:

invokeWithSecurityDisabled in interface SecurityService

Parameters:

callable - A callable that will be invoked with security disabled

Returns:

Throws:

Exception