Default no-argument constructor.
Creates a new instance with the specified roles and no permissions. @param roles the roles assigned to the realm account.
Adds (assigns) a permission to those directly associated with the account. If the account doesn't yet have any direct permissions, a new permission collection (a Set<{@link Permission Permission}>) will be created automatically. @param permission the permission to add to those directly assigned to the account.
Adds (assigns) multiple permissions to those associated directly with the account. If the account doesn't yet have any object-based permissions, a new permissions collection (a Set<{@link Permission Permission}>) will be created automatically. @param permissions the permissions to add to those associated directly with the account.
Adds (assigns) a role to those associated with the account. If the account doesn't yet have any roles, a new roles collection (a Set) will be created automatically. @param role the role to add to those associated with the account.
Adds (assigns) multiple roles to those associated with the account. If the account doesn't yet have any roles, a new roles collection (a Set) will be created automatically. @param roles the roles to add to those associated with the account.
Adds (assigns) a permission to those directly associated with the account. If the account doesn't yet have any direct permissions, a new permission collection (a Set<string>) will be created automatically. @param permission the permission to add to those directly assigned to the account.
Adds (assigns) multiple permissions to those associated directly with the account. If the account doesn't yet have any string-based permissions, a new permissions collection (a Set<string>) will be created automatically. @param permissions the permissions to add to those associated directly with the account.
Sets the object-based permissions assigned directly to the account. The permissions set here, in addition to any {@link #getStringPermissions() string permissions} constitute the total permissions assigned directly to the account.
Sets the roles assigned to the account. @param roles the roles assigned to the account.
Sets the string-based permissions assigned directly to the account. The permissions set here, in addition to any {@link #getObjectPermissions() object permissions} constitute the total permissions assigned directly to the account.
Collection of all object-based permissions associated with the account.
The internal roles collection.
Collection of all string-based permissions associated with the account.
Returns the names of all roles assigned to a corresponding Subject.
Returns all string-based permissions assigned to the corresponding Subject. The permissions here plus those returned from {@link #getObjectPermissions() getObjectPermissions()} represent the total set of permissions assigned. The aggregate set is used to perform a permission authorization check. <p/> This method is a convenience mechanism that allows Realms to represent permissions as Strings if they choose. When performing a security check, a <code>Realm</code> usually converts these strings to object {@link Permission Permission}s via an internal {@link hunt.shiro.authz.permission.PermissionResolver PermissionResolver} in order to perform the actual permission check. This is not a requirement of course, since <code>Realm</code>s can perform security checks in whatever manner deemed necessary, but this explains the conversion mechanism that most Shiro Realms execute for string-based permission checks.
Returns all type-safe {@link Permission Permission}s assigned to the corresponding Subject. The permissions returned from this method plus any returned from {@link #getStringPermissions() getStringPermissions()} represent the total set of permissions. The aggregate set is used to perform a permission authorization check.
Simple POJO implementation of the {@link AuthorizationInfo} interface that stores roles and permissions as internal attributes.
@see hunt.shiro.realm.AuthorizingRealm