Since security concerns are an important part of good API documentation, it would be nice if the Shiro authorization annotations like @RequiresUser and @RequiresPermissions were included in standard Javadoc output.
For example, if a method in my application has this signature:
public Account getAccount()
It would be nice if the javadoc generated for my method included the fact that the @RequiresAuthentication annotation is present.
I believe this can be done by simply adding @java.lang.annotation.Documented to each of the Shiro annotation types. See:
As a point of reference, Spring annotations like @Transactional and @PreAuthorize do have the @java.lang.annotation.Documented annotation.