Returns all principals associated with the corresponding Subject. Each principal is an identifying piece of information useful to the application, such as a username, a user id, a given name, etc. - anything useful to the application to identify the current <code>Subject</code>. <p/> The returned PrincipalCollection should <em>not</em> contain any credentials used to verify principals, such as passwords, private keys, etc. Those should instead be returned by {@link #getCredentials() getCredentials()}.
Returns the credentials associated with the corresponding Subject. A credential verifies one or more of the {@link #getPrincipals() principals} associated with the Subject, such as a password or private key. Credentials are used by Shiro particularly during the authentication process to ensure that submitted credentials during a login attempt match exactly the credentials here in the <code>AuthenticationInfo</code> instance.
Returns the names of all roles assigned to a corresponding Subject.
Returns all string-based permissions assigned to the corresponding Subject. The permissions here plus those returned from {@link #getObjectPermissions() getObjectPermissions()} represent the total set of permissions assigned. The aggregate set is used to perform a permission authorization check. <p/> This method is a convenience mechanism that allows Realms to represent permissions as Strings if they choose. When performing a security check, a <code>Realm</code> usually converts these strings to object {@link Permission Permission}s via an internal {@link hunt.shiro.authz.permission.PermissionResolver PermissionResolver} in order to perform the actual permission check. This is not a requirement of course, since <code>Realm</code>s can perform security checks in whatever manner deemed necessary, but this explains the conversion mechanism that most Shiro Realms execute for string-based permission checks.
Returns all type-safe {@link Permission Permission}s assigned to the corresponding Subject. The permissions returned from this method plus any returned from {@link #getStringPermissions() getStringPermissions()} represent the total set of permissions. The aggregate set is used to perform a permission authorization check.
An <tt>Account</tt> is a convenience interface that extends both {@link AuthenticationInfo} and {@link AuthorizationInfo} and represents authentication and authorization for a <em>single account</em> in a <em>single Realm</em>. <p/> This interface can be useful when a Realm implementation finds it more convenient to use a single object to encapsulate both the authentication and authorization information used by both authc and authz operations. <p/> <b>Please Note</b>: Since Shiro sometimes logs account operations, please ensure your Account's <code>toString()</code> implementation does <em>not</em> print out account credentials (password, etc), as these might be viewable to someone reading your logs. This is good practice anyway, and account principals should rarely (if ever) be printed out for any reason. If you're using Shiro's default implementations of this interface, they only ever print the account {@link #getPrincipals() principals}, so you do not need to do anything additional.
@see SimpleAccount @since 0.9
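The <code>toString()</code> note above, as an added example that is not part of Shiro's own code: a leaky and a safe account implementation side by side, plus a check you can run in a unit test. The local `Account` interface is a simplified stand-in (assumption: `List<String>` principals instead of a PrincipalCollection), and the class names and sample values are constructed for illustration.

```java
import java.util.List;

public class AccountToStringCheck {
    // Stand-in for the Account contract (assumption: simplified return types).
    interface Account {
        List<String> getPrincipals();
        Object getCredentials();
    }

    // Shared state for both variants; only toString() differs.
    static abstract class BaseAccount implements Account {
        protected final List<String> principals;
        protected final char[] password;
        BaseAccount(List<String> principals, char[] password) {
            this.principals = principals;
            this.password = password;
        }
        public List<String> getPrincipals() { return principals; }
        public Object getCredentials() { return password; }
    }

    // Leaky: a "dump every field" toString() puts the password into any log line.
    static final class LeakyAccount extends BaseAccount {
        LeakyAccount(List<String> p, char[] pw) { super(p, pw); }
        @Override public String toString() {
            return "Account[principals=" + principals + ", password=" + new String(password) + "]";
        }
    }

    // Safe: prints principals only, never the credentials.
    static final class SafeAccount extends BaseAccount {
        SafeAccount(List<String> p, char[] pw) { super(p, pw); }
        @Override public String toString() { return "Account[principals=" + principals + "]"; }
    }

    // Unit-test style check: does toString() contain the credential text?
    static boolean leaksCredentials(Account account) {
        Object c = account.getCredentials();
        if (c == null) return false;
        String secret = (c instanceof char[]) ? new String((char[]) c) : String.valueOf(c);
        return !secret.isEmpty() && account.toString().contains(secret);
    }

    public static void main(String[] args) {
        List<String> principals = List.of("alice");              // constructed sample data
        char[] password = "correct-horse-battery".toCharArray(); // constructed sample data
        System.out.println("leaky leaks: " + leaksCredentials(new LeakyAccount(principals, password)));
        System.out.println("safe leaks:  " + leaksCredentials(new SafeAccount(principals, password)));
    }
}
```

The check only catches the credential appearing verbatim; an encoded or hashed form in `toString()` output needs its own assertion.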