SecuritySupport (SeedStack API 18.11.3)

```
public interface SecuritySupport
```
Support for all security concerns. Retrieve connected user principals, get/check roles/permissions...

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`void`	`checkPermission(String permission)` Checks if the connected user has the given permission : if the user does not have the permission, throws an exception to block execution. The permission is given as a String in the form "object:action[:id]" (e.g.
`void`	`checkPermission(String permission, Scope... scopes)` Checks if the connected user has the given permission on the given scopes : if the user does not have the permission, throws an exception to block execution. The permission is given as a String in the form "object:action[:id]" (e.g.
`void`	`checkPermissions(String... permissions)` Checks if the connected user has the given permissions : if the user does not have all the permissions, throws an exception to block execution. The permissions are given as Strings in the form "object:action[:id]" (e.g.
`void`	`checkRole(String roleIdentifier)` Checks if the connected user has the given role : throws an exception otherwise. Note that it is discouraged to test for roles in your application as role names are prone to change in the life span of your application.
`void`	`checkRoles(String... roleIdentifiers)` Checks if the connected user has all the given roles : throws an exception otherwise. Note that it is discouraged to test for roles in your application as role names are prone to change in the life span of your application.
`String`	`getHost()` Returns the host name or IP string of the host of the connected user, or `null` if the host is unknown.
`PrincipalProvider<?>`	`getIdentityPrincipal()` Gets the principal provider that holds the user's identity.
`Collection<PrincipalProvider<?>>`	`getOtherPrincipals()` Retrieves all the PrincipalProviders containing the user's details.
`<T extends Serializable> Collection<PrincipalProvider<T>>`	`getPrincipalsByType(Class<T> principalClass)` Gets all the PrincipalProviders corresponding to a type of PrincipalProvider. For example, you can use this method to get the LDAPUser by calling : `getPrincipalsByType(LDAPUser.class)`. Then on the first element of the collection : `LDAPUser user = ldapUserPrincipalProvider.getPrincipal()`.
`Set<Role>`	`getRoles()` Gives the roles given to the user.
`SimplePrincipalProvider`	`getSimplePrincipalByName(String principalName)` Gets the SimplePrincipalProvider which name is provided.
`Collection<SimplePrincipalProvider>`	`getSimplePrincipals()` Gets the user's SimplePrincipalProviders. A `SimplePrincipalProvider` is a name/value principal.
`Set<SimpleScope>`	`getSimpleScopes()` Gives all the simple scopes of the user found in all its roles.
`boolean`	`hasAllRoles(String... roleIdentifiers)` Tells if the connected user has all of the given roles. Note that it is discouraged to test for roles in your application as role names are prone to change in the life span of your application.
`boolean`	`hasAnyRole(String... roleIdentifiers)` Tells if the connected user has at least one of the given roles. Note that it is discouraged to test for roles in your application as role names are prone to change in the life span of your application.
`boolean`	`hasRole(String roleIdentifier)` Tells if the connected user has the given role. Note that it is discouraged to test for roles in your application as role names are prone to change in the life span of your application.
`boolean`	`hasRole(String roleIdentifier, Scope... scopes)` Tells if the connected user has the given role on all the given scopes. Note that it is discouraged to test for roles in your application as role names are prone to change in the life span of your application.
`boolean`	`isAuthenticated()` Check if the current user is authenticated.
`boolean`	`isPermitted(String permission)` Tells if the connected user has the given permission. The permission is given as a String in the form "object:action[:id]" (e.g.
`boolean`	`isPermitted(String permission, Scope... scopes)` Tells if the connected user has the given permission on the given scopes. The permission is given as a String in the form "object:action[:id]" (e.g.
`boolean`	`isPermittedAll(String... permissions)` Tells if the connected user has all of the given permissions. The permissions are given as Strings in the form "object:action[:id]" (e.g.
`boolean`	`isPermittedAny(String... permissions)` Tells if the connected user has at least one of the given permissions. The permissions are given as Strings in the form "object:action[:id]" (e.g.
`boolean`	`isRemembered()` Checks if the current user has logged successfully on a previous session
`void`	`logout()` Logs out the connected user and invalidates and/or removes any associated entities, such as a Session and authorization data.

- Method Detail
  - getIdentityPrincipal
```
PrincipalProvider<?> getIdentityPrincipal()
```
    Gets the principal provider that holds the user's identity. The identity is just an Object; in most simple case, a String of the user's id.
    
    Returns:
    
    The principalProvider holding the identity. Not null, empty value if none.
  - getOtherPrincipals
```
Collection<PrincipalProvider<?>> getOtherPrincipals()
```
    Retrieves all the PrincipalProviders containing the user's details.
    
    Returns:
    
    A non-null collection of user's PrincipalProviders.
  - getPrincipalsByType
```
<T extends Serializable> Collection<PrincipalProvider<T>> getPrincipalsByType(Class<T> principalClass)
```
    Gets all the PrincipalProviders corresponding to a type of PrincipalProvider.
    
    For example, you can use this method to get the LDAPUser by calling :
    getPrincipalsByType(LDAPUser.class).
    
    Then on the first element of the collection :
    LDAPUser user = ldapUserPrincipalProvider.getPrincipal().
    
    Type Parameters:
    
    T - type of the principal
    
    Parameters:
    
    principalClass - the Principal type, not null
    
    Returns:
    
    A collection of the user's PrincipalProviders of type principalProviderClass. Not null.
    
    See Also:
    
    Principals.getPrincipalsByType(Collection, Class)
  - getSimplePrincipals
```
Collection<SimplePrincipalProvider> getSimplePrincipals()
```
    Gets the user's SimplePrincipalProviders.
    A SimplePrincipalProvider is a name/value principal. A list of common SimplePrincipalProviders names are found in class Principals.
    
    Returns:
    
    the list of the user's SimplePrincipalProviders. Not null
    
    See Also:
    
    Principals.getSimplePrincipals(Collection)
  - getSimplePrincipalByName
```
SimplePrincipalProvider getSimplePrincipalByName(String principalName)
```
    Gets the SimplePrincipalProvider which name is provided.
    
    Parameters:
    
    principalName - the name of the principal. Null returns null.
    
    Returns:
    
    the SimplePrincipalProvider identified by principalName. Null if none found.
    
    See Also:
    
    Principals.getSimplePrincipalByName(Collection, String)
  - isPermitted
```
boolean isPermitted(String permission)
```
    Tells if the connected user has the given permission.
    The permission is given as a String in the form "object:action[:id]" (e.g. door:open or document:print).
    
    Parameters:
    
    permission - the string permission to test. Not null
    
    Returns:
    
    true if user has the given permission, false otherwise.
  - isPermitted
```
boolean isPermitted(String permission,
                    Scope... scopes)
```
    Tells if the connected user has the given permission on the given scopes.
    The permission is given as a String in the form "object:action[:id]" (e.g. door:open or document:print).
    
    Parameters:
    
    permission - the string permission to test. Not null
    
    scopes - the scopes to verify the permission on. optional
    
    Returns:
    
    true if user has the given permission, false otherwise.
  - isPermittedAll
```
boolean isPermittedAll(String... permissions)
```
    Tells if the connected user has all of the given permissions.
    The permissions are given as Strings in the form "object:action[:id]" (e.g. door:open or document:print).
    
    Parameters:
    
    permissions - the string permissions to test. not null
    
    Returns:
    
    true if user has all the given permissions, false otherwise.
  - isPermittedAny
```
boolean isPermittedAny(String... permissions)
```
    Tells if the connected user has at least one of the given permissions.
    The permissions are given as Strings in the form "object:action[:id]" (e.g. door:open or document:print).
    
    Parameters:
    
    permissions - the string permissions to test. Not null
    
    Returns:
    
    true if user has at least one of the given permissions, false otherwise.
  - checkPermission
```
void checkPermission(String permission,
                     Scope... scopes)
```
    Checks if the connected user has the given permission on the given scopes : if the user does not have the permission, throws an exception to block execution.
    
    The permission is given as a String in the form "object:action[:id]" (e.g. door:open or document:print).
    
    Parameters:
    
    permission - the string permission to test. Not null.
    
    scopes - the scopes to verify the permission on. optional
    
    Throws:
    
    AuthorizationException - if the user does not have the permission.
  - checkPermission
```
void checkPermission(String permission)
```
    Checks if the connected user has the given permission : if the user does not have the permission, throws an exception to block execution.
    
    The permission is given as a String in the form "object:action[:id]" (e.g. door:open or document:print).
    
    Parameters:
    
    permission - the string permission to test. Not null.
    
    Throws:
    
    AuthorizationException - if the user does not have the permission.
  - checkPermissions
```
void checkPermissions(String... permissions)
```
    Checks if the connected user has the given permissions : if the user does not have all the permissions, throws an exception to block execution.
    
    The permissions are given as Strings in the form "object:action[:id]" (e.g. door:open or document:print).
    
    Parameters:
    
    permissions - the string permissions to test. Not null.
    
    Throws:
    
    AuthorizationException - if the user does not have all of the given permissions.
  - hasRole
```
boolean hasRole(String roleIdentifier,
                Scope... scopes)
```
    Tells if the connected user has the given role on all the given scopes.
    
    Note that it is discouraged to test for roles in your application as role names are prone to change in the life span of your application. To ensure durability of your code, check permissions instead of roles.
    
    Parameters:
    
    roleIdentifier - the id of the role to test. Not null.
    
    scopes - the scopes to verify the role on. optional
    
    Returns:
    
    true if the user has the role, false otherwise.
  - hasRole
```
boolean hasRole(String roleIdentifier)
```
    Tells if the connected user has the given role.
    
    Note that it is discouraged to test for roles in your application as role names are prone to change in the life span of your application. To ensure durability of your code, check permissions instead of roles.
    
    Parameters:
    
    roleIdentifier - the id of the role to test. Not null.
    
    Returns:
    
    true if the user has the role, false otherwise.
  - hasAllRoles
```
boolean hasAllRoles(String... roleIdentifiers)
```
    Tells if the connected user has all of the given roles.
    
    Note that it is discouraged to test for roles in your application as role names are prone to change in the life span of your application. To ensure durability of your code, check permissions instead of roles.
    
    Parameters:
    
    roleIdentifiers - the names of the roles to test. Not null.
    
    Returns:
    
    true if the user has all the roles, false otherwise.
  - hasAnyRole
```
boolean hasAnyRole(String... roleIdentifiers)
```
    Tells if the connected user has at least one of the given roles.
    
    Note that it is discouraged to test for roles in your application as role names are prone to change in the life span of your application. To ensure durability of your code, check permissions instead of roles.
    
    Parameters:
    
    roleIdentifiers - the names of the roles to test. Not null.
    
    Returns:
    
    true if the user has at least one of the roles, false otherwise.
  - checkRole
```
void checkRole(String roleIdentifier)
```
    Checks if the connected user has the given role : throws an exception otherwise.
    
    Note that it is discouraged to test for roles in your application as role names are prone to change in the life span of your application. To ensure durability of your code, check permissions instead of roles.
    
    Parameters:
    
    roleIdentifier - the name of the role to check. Not null.
    
    Throws:
    
    AuthorizationException - if the user does not have the given role.
  - checkRoles
```
void checkRoles(String... roleIdentifiers)
```
    Checks if the connected user has all the given roles : throws an exception otherwise.
    
    Note that it is discouraged to test for roles in your application as role names are prone to change in the life span of your application. To ensure durability of your code, check permissions instead of roles.
    
    Parameters:
    
    roleIdentifiers - the name of the roles to check. Not null.
    
    Throws:
    
    AuthorizationException - if the user does not have all the given role.
  - getRoles
```
Set<Role> getRoles()
```
    Gives the roles given to the user. You can find all the scopes of a Role by calling role.getScopes() or the scopes of a specific type (like SimpleScope) by calling role.getScopesByType(SimpleScope.class)
    
    Returns:
    
    a Set of all the roles the user has. Not null, empty if none.
  - getSimpleScopes
```
Set<SimpleScope> getSimpleScopes()
```
    Gives all the simple scopes of the user found in all its roles.
    
    Returns:
    
    a Set of all the scopes.
  - logout
```
void logout()
```
    Logs out the connected user and invalidates and/or removes any associated entities, such as a Session and authorization data. After this method is called, the user is considered 'anonymous' and may continue to be used for another log-in if desired.
    Web Environment Warning
    Calling this method in web environments will usually remove any associated session cookie as part of session invalidation. Because cookies are part of the HTTP header, and headers can only be set before the response body (html, image, etc) is sent, this method in web environments must be called before any content has been rendered.
    The typical approach most applications use in this scenario is to redirect the user to a different location (e .g. home page) immediately after calling this method. This is an effect of the HTTP protocol itself and not a reflection of the implementation.
  - isAuthenticated
```
boolean isAuthenticated()
```
    Check if the current user is authenticated. Authenticated on Shiro means that subject has successfully logged in on the current session
    
    Returns:
    
    true if authenticated, false otherwise.
    
    See Also:
    
    isRemembered()
  - isRemembered
```
boolean isRemembered()
```
    Checks if the current user has logged successfully on a previous session
    
    Returns:
    
    true if remembered, false otherwise.
  - getHost
```
String getHost()
```
    Returns the host name or IP string of the host of the connected user, or null if the host is unknown.
    
    Returns:
    
    the host name or IP string of the host that originated this session, or null if the host address is unknown.

Interface SecuritySupport

Method Summary

Method Detail

getIdentityPrincipal

getOtherPrincipals

getPrincipalsByType

getSimplePrincipals

getSimplePrincipalByName

isPermitted

isPermitted

isPermittedAll

isPermittedAny

checkPermission

checkPermission

checkPermissions

hasRole

hasRole

hasAllRoles

hasAnyRole

checkRole

checkRoles

getRoles

getSimpleScopes

logout

Web Environment Warning

isAuthenticated

isRemembered

getHost