Below are a list of the different Shiro annotations you can use in your application.
-
RequiresAuthentication - Requires the current Subject to have been authenticated during their current session for the annotated class/instance/method to be accessed or invoked
-
RequiresGuest - Requires the current Subject to be a "guest", that is, they are not authenticated or remembered from a previous session for the annotated class/instance/method to be accessed or invoked.
-
RequiresPermissions - Requires the current executor's Subject to imply a particular permission in order to execute the annotated method. If the executor's associated Subject determines that the executor does not imply the specified permission, the method will not be executed.
-
RequiresRoles - Requires the currently executing Subject to have all of the specified roles. If they do not have the role(s), the method will not be executed and an AuthorizationException is thrown.
-
RequiresUser - Requires the current Subject to be an application user for the annotated class/instance/method to be accessed or invoked.