hunt.shiro.authz.annotation.RequiresUser

Undocumented in source.

Members

Interfaces

RequiresUser
interface RequiresUser

Requires the current Subject to be an application <em>user</em> for the annotated class/instance/method to be accessed or invoked. This is <em>less</em> restrictive than the {@link RequiresAuthentication RequiresAuthentication} annotation. <p/> Shiro defines a &quot;user&quot; as a Subject that is either &quot;remembered&quot; <b><em>or</em></b> authenticated: <ul> <li>An <b>authenticated</b> user is a Subject that has successfully logged in (proven their identity) <em>during their current session</em>.</li> <li>A <b>remembered</b> user is any Subject that has proven their identity at least once, although not necessarily during their current session, and asked the system to remember them.</li> </ul> <p/> See the {@link hunt.shiro.authc.RememberMeAuthenticationToken RememberMeAuthenticationToken} JavaDoc for an explanation of why these two states are considered different.

Meta