You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shiro.apache.org by bd...@apache.org on 2016/10/24 14:33:53 UTC
svn commit: r1766414 [4/16] - /shiro/site/publish/
Modified: shiro/site/publish/banner.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/banner.html?rev=1766414&r1=1766413&r2=1766414&view=diff
==============================================================================
--- shiro/site/publish/banner.html (original)
+++ shiro/site/publish/banner.html Mon Oct 24 14:33:52 2016
@@ -78,10 +78,36 @@
<div id="content">
- <div id="asf_logo">
-<a style="float:right; width:210px;display:block;text-indent:-5000px;text-decoration:none;line-height:60px; margin-top:15px; margin-right:10px;" href="http://www.apache.org" title="The Apache Software Foundation" float:right="float:right" width:_210pxdisplayblocktext-indent-5000pxtext-decorationnoneline-height60px="width:_210pxdisplayblocktext-indent-5000pxtext-decorationnoneline-height60px" margin-top:_15px="margin-top:_15px" margin-right:_10px="margin-right:_10px">ASF</a>
+ <p>This page has been moved. You are being redirected.</p>
+
+<div class="panelMacro">
+ <table class="noteMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-warning"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Redirection Notice</b>
+ <br clear="none">
+ This page should redirect to <a href="index.html" title="Main Page">Main Page</a>.
+ </td>
+ </tr>
+ </tbody>
+ </table>
</div>
+<script type="text/javascript">
+ <!--
+ window.location = "index.html"
+ //-->
+</script>
+
</div>
Modified: shiro/site/publish/cachemanager.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/cachemanager.html?rev=1766414&r1=1766413&r2=1766414&view=diff
==============================================================================
--- shiro/site/publish/cachemanager.html (original)
+++ shiro/site/publish/cachemanager.html Mon Oct 24 14:33:52 2016
@@ -78,38 +78,34 @@
<div id="content">
- <p>Shiro has three important cache interfaces:</p>
-
-<ul><li><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/cache/CacheManager.html">CacheManager</a></tt></li><li><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/cache/Cache.html">Cache</a></tt></li><li><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/cache/CacheManagerAware.html">CacheManagerAware</a></tt></li></ul>
-
-<p>A <tt>CacheManager</tt> returns <tt>Cache</tt> instances and various Shiro components use those <tt>Cache</tt> instances to cache data as necessary. Any Shiro<br clear="none">
-component that implements <tt>CacheManager</tt> will automatically receive a configured <tt>CacheManager</tt>, where it can be used to acquire <tt>Cache</tt> instances.</p>
-
-<p>The Shiro <a href="securitymanager.html" title="SecurityManager">SecurityManager</a> implementations and all <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/realm/AuthorizingRealm.html">AuthorizingRealm</a></tt> implementations implement CacheManagerAware. If you set the <tt>CacheManager</tt> on the <tt>SecurityManager</tt>, it will in turn set it on the various Realms that implement CacheManagerAware as well (OO delegation). For example, in shiro.ini:</p>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeHeader panelHeader" style="border-bottom-width: 1px;"><b>example shiro.ini CacheManger configuration</b></div><div class="codeContent panelContent">
-<pre class="code-java">
-
-securityManager.realms = $myRealm1, $myRealm2, ..., $myRealmN
+ <h1><a href="#cache-manger" name="cache-manger">Cache Manger</a></h1>
+<p>Shiro has three important cache interfaces:</p>
+<ul>
+ <li>
+ <p><a href="static/current/apidocs/org/apache/shiro/cache/CacheManager.html"><code>CacheManager</code></a></p></li>
+ <li>
+ <p><a href="static/current/apidocs/org/apache/shiro/cache/Cache.html"><code>Cache</code></a></p></li>
+ <li>
+ <p><a href="static/current/apidocs/org/apache/shiro/cache/CacheManagerAware.html"><code>CacheManagerAware</code></a></p></li>
+</ul>
+<p>A <code>CacheManager</code> returns <code>Cache</code> instances and various Shiro components use those <code>Cache<</code> instances to cache data as necessary. Any Shiro<br clear="none"><br/>component that implements <code>CacheManager</code> will automatically receive a configured <code>CacheManager</code>, where it can be used to acquire <code>Cache</code> instances.</p>
+<p>The Shiro <a href="securitymanager.html"><code>SecurityManager</code></a> implementations and all <a href="static/current/apidocs/org/apache/shiro/realm/AuthorizingRealm.html"><code>AuthorizingRealm</code></a> implementations implement CacheManagerAware. If you set the <code>CacheManager</code> on the <code>SecurityManager</code>, it will in turn set it on the various Realms that implement CacheManagerAware as well (OO delegation). For example, in shiro.ini:</p>
+<p><strong>example shiro.ini CacheManger configuration</strong></p>
+<pre><code class="ini"><br/>securityManager.realms = $myRealm1, $myRealm2, ..., $myRealmN
...
cacheManager = my.implementation.of.CacheManager
...
securityManager.cacheManager = $cacheManager
-# at <span class="code-keyword">this</span> point, the securityManager and all CacheManagerAware
+# at this point, the securityManager and all CacheManagerAware
# realms have been set with the cacheManager instance
-</pre>
-</div></div>
-
-<p>We have an out-of-the-box <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/cache/ehcache/EhCacheManager.html">EhCacheManager</a></tt> implementation, so you can use that today if you wanted. Otherwise, you can implement your own <tt>CacheManager</tt> (e.g. with Coherence, etc) and configure it as above, and you'll be good to go.</p>
-
-<h3><a name="CacheManager-AuthorizationCacheInvalidation"></a>Authorization Cache Invalidation</h3>
-
-<p>Finally note that <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/realm/AuthorizingRealm.html">AuthorizingRealm</a></tt> has a {{<a class="external-link" href="static/current/apidocs/org/apache/shiro/realm/AuthorizingRealm.html#clearCachedAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)">clearCachedAuthorizationInfo method</a> that can be called by subclasses to evict the cached authzInfo for a particular account. It is usually called by custom logic if the corresponding account's authz data has changed (to ensure the next authz check will pick up the new data).</p>
-
-<h2><a name="CacheManager-Lendahandwithdocumentation"></a>Lend a hand with documentation </h2>
-
-<p>While we hope this documentation helps you with the work you're doing with Apache Shiro, the community is improving and expanding the documentation all the time. If you'd like to help the Shiro project, please consider corrected, expanding, or adding documentation where you see a need. Every little bit of help you provide expands the community and in turn improves Shiro. </p>
-
+</code></pre>
+<p>We have an out-of-the-box <a href="static/current/apidocs/org/apache/shiro/cache/ehcache/EhCacheManager.html"><code>EhCacheManager</code></a> implementation, so you can use that today if you wanted. Otherwise, you can implement your own <code>CacheManager</code> (e.g. with Coherence, etc) and configure it as above, and you’ll be good to go.</p>
+<a name="CacheManager-AuthorizationCacheInvalidation"></a>
+<h3><a href="#authorization-cache-invalidation" name="authorization-cache-invalidation">Authorization Cache Invalidation</a></h3>
+<p>Finally note that <a href="static/current/apidocs/org/apache/shiro/realm/AuthorizingRealm.html"><code>AuthorizingRealm</code></a> has a <a href="static/current/apidocs/org/apache/shiro/realm/AuthorizingRealm.html#clearCachedAuthorizationInfo%28org.apache.shiro.subject.PrincipalCollection%29"><code>clearCachedAuthorizationInfo</code></a> method that can be called by subclasses to evict the cached authzInfo for a particular account. It is usually called by custom logic if the corresponding account’s authz data has changed (to ensure the next authz check will pick up the new data).</p>
+<a name="CacheManager-Lendahandwithdocumentation"></a>
+<h3><a href="#lend-a-hand-with-documentation" name="lend-a-hand-with-documentation">Lend a hand with documentation</a></h3>
+<p>While we hope this documentation helps you with the work you’re doing with Apache Shiro, the community is improving and expanding the documentation all the time. If you’d like to help the Shiro project, please consider corrected, expanding, or adding documentation where you see a need. Every little bit of help you provide expands the community and in turn improves Shiro.</p>
<p>The easiest way to contribute your documentation is to send it to the <a class="external-link" href="http://shiro-user.582556.n2.nabble.com/" rel="nofollow">User Forum</a> or the <a href="mailing-lists.html" title="Mailing Lists">User Mailing List</a>.</p>
</div>
Modified: shiro/site/publish/caching.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/caching.html?rev=1766414&r1=1766413&r2=1766414&view=diff
==============================================================================
--- shiro/site/publish/caching.html (original)
+++ shiro/site/publish/caching.html Mon Oct 24 14:33:52 2016
@@ -78,69 +78,52 @@
<div id="content">
- <h1><a name="Caching-Caching"></a>Caching</h1>
-
-<p>The Shiro development team understands performance is critical in many applications. Caching is a first class feature built into Shiro from day one to ensure that security operations remain as fast as possible.</p>
-
-<p>However, while Caching as a concept is a fundamental part of Shiro, implementing a full Cache mechanism would be outside the core competency of a security framework. To that end, Shiro's cache support is basically an abstraction (wrapper) API that will 'sit' on top of an underlying production Cache mechanism (e.g. Hazelcast, Ehcache, OSCache, Terracotta, Coherence, GigaSpaces, JBossCache, etc). This allows a Shiro end-user to configure any cache mechanism they prefer.</p>
-
-<h2><a name="Caching-CachingAPI"></a>Caching API</h2>
-
+ <a name="Caching-Caching"></a>
+<h1><a href="#caching" name="caching">Caching</a></h1>
+<p>The Shiro development team understands performance is critical in many applications. Caching is a first class feature built into Shiro from day one to ensure that security operations remain as fast as possible.</p>
+<p>However, while Caching as a concept is a fundamental part of Shiro, implementing a full Cache mechanism would be outside the core competency of a security framework. To that end, Shiro’s cache support is basically an abstraction (wrapper) API that will ‘sit’ on top of an underlying production Cache mechanism (e.g. Hazelcast, Ehcache, OSCache, Terracotta, Coherence, GigaSpaces, JBossCache, etc). This allows a Shiro end-user to configure any cache mechanism they prefer.</p>
+<a name="Caching-CachingAPI"></a>
+<h2><a href="#caching-api" name="caching-api">Caching API</a></h2>
<p>Shiro has three important cache interfaces:</p>
-
-<ul><li><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/cache/CacheManager.html">CacheManager</a></tt> - The primary Manager component for all caching, it returns <tt>Cache</tt> instances.</li><li><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/cache/Cache.html">Cache</a></tt> - Maintains key/value pairs</li><li><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/cache/CacheManagerAware.html">CacheManagerAware</a></tt> - Implemented by components wishing to receive and use a CacheManager instance</li></ul>
-
-
-<p>A <tt>CacheManager</tt> returns <tt>Cache</tt> instances and various Shiro components use those <tt>Cache</tt> instances to cache data as necessary. Any Shiro<br clear="none">
-component that implements <tt>CacheManagerAware</tt> will automatically receive a configured <tt>CacheManager</tt>, where it can be used to acquire <tt>Cache</tt> instances.</p>
-
-<p>The Shiro <a href="securitymanager.html" title="SecurityManager">SecurityManager</a> implementations and all <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/realm/AuthenticatingRealm.html">AuthenticatingRealm</a></tt> and <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/realm/AuthorizingRealm.html">AuthorizingRealm</a></tt> implementations implement CacheManagerAware. If you set the <tt>CacheManager</tt> on the <tt>SecurityManager</tt>, it will in turn set it on the various Realms that implement CacheManagerAware as well (OO delegation). For example, in shiro.ini:</p>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeHeader panelHeader" style="border-bottom-width: 1px;"><b>example shiro.ini CacheManger configuration</b></div><div class="codeContent panelContent">
-<pre class="code-java">
-securityManager.realms = $myRealm1, $myRealm2, ..., $myRealmN
+<ul>
+ <li><a href="static/current/apidocs/org/apache/shiro/cache/CacheManager.html"><code>CacheManager</code></a> - The primary Manager component for all caching, it returns <code>Cache</code> instances.</li>
+ <li><a href="static/current/apidocs/org/apache/shiro/cache/Cache.html"><code>Cache</code></a> - Maintains key/value pairs</li>
+ <li><a href="static/current/apidocs/org/apache/shiro/cache/CacheManagerAware.html"><code>CacheManagerAware</code></a> - Implemented by components wishing to receive and use a CacheManager instance</li>
+</ul>
+<p>A <code>CacheManager</code> returns <code>Cache</code> instances and various Shiro components use those <code>Cache</code> instances to cache data as necessary. Any Shiro<br/>component that implements <code>CacheManagerAware</code> will automatically receive a configured <code>CacheManager</code>, where it can be used to acquire <code>Cache</code> instances.</p>
+<p>The Shiro <a href="securitymanager.html" title="SecurityManager">SecurityManager</a> implementations and all <a href="static/current/apidocs/org/apache/shiro/realm/AuthenticatingRealm.html"><code>AuthenticatingRealm</code></a> and <a href="static/current/apidocs/org/apache/shiro/realm/AuthorizingRealm.html"><code>AuthorizingRealm</code></a> implementations implement CacheManagerAware. If you set the <code>CacheManager</code> on the <code>SecurityManager</code>, it will in turn set it on the various Realms that implement CacheManagerAware as well (OO delegation). For example, in shiro.ini:</p>
+<p><strong>example shiro.ini CacheManger configuration</strong></p>
+<pre><code class="ini">securityManager.realms = $myRealm1, $myRealm2, ..., $myRealmN
...
cacheManager = my.implementation.of.CacheManager
...
securityManager.cacheManager = $cacheManager
-# at <span class="code-keyword">this</span> point, the securityManager and all CacheManagerAware
+# at this point, the securityManager and all CacheManagerAware
# realms have been set with the cacheManager instance
-</pre>
-</div></div>
-
-<h2><a name="Caching-CacheManagerImplementations"></a>CacheManager Implementations</h2>
-
-<p>Shiro provides a number of out-of-the-box <tt>CacheManager</tt> implementations that you might find useful instead of implementing your own.</p>
-
-<h3><a name="Caching-%7B%7BMemoryConstrainedCacheManager%7D%7D"></a><tt>MemoryConstrainedCacheManager</tt></h3>
-
-<p>The <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/cache/MemoryConstrainedCacheManager.html">MemoryConstrainedCacheManager</a></tt> is a <tt>CacheManager</tt> implementation suitable for single-JVM production environments. It is not clustered/distributed, so if your application spans across more than one JVM (e.g. web app running on multiple web servers), and you want cache entries to be accessible across JVMs, you will need to use a distributed cache implementation instead.</p>
-
-<p>The <tt>MemoryConstrainedCacheManager</tt> manages <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/cache/MapCache.html">MapCache</a></tt> instances, one <tt>MapCache</tt> instance per named cache. Each <tt>MapCache</tt> instance is backed by a Shiro <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/util/SoftHashMap.html">SoftHashMap</a></tt> which can auto-resize itself based on an application's runtime memory constraints/needs (by leveraging JDK <tt><a class="external-link" href="https://docs.oracle.com/javase/7/docs/api/java/lang/ref/SoftReference.html" rel="nofollow">SoftReference</a></tt> instances).</p>
-
-<p>Because the <tt>MemoryConstrainedCacheManager</tt> can auto-resize itself based on an application's memory profile, it is safe to use in a single-JVM production application as well as for testing needs. However, it does not have more advanced features suche as cache entry Time-to-Live or Time-to-Expire settings. For these more advanced cache management features, you'll likely want to use one of the more advanced <tt>CacheManager</tt> offerings below.</p>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeHeader panelHeader" style="border-bottom-width: 1px;"><b>MemoryConstrainedCacheManger shiro.ini configuration example</b></div><div class="codeContent panelContent">
-<pre class="code-java">
-
-...
+</code></pre>
+<a name="Caching-CacheManagerImplementations"></a>
+<h2><a href="#cachemanager-implementations" name="cachemanager-implementations">CacheManager Implementations</a></h2>
+<p>Shiro provides a number of out-of-the-box <code>CacheManager</code> implementations that you might find useful instead of implementing your own.</p>
+<a name="Caching-%7B%7BMemoryConstrainedCacheManager%7D%7D"></a>
+<h3><a href="#memoryconstrainedcachemanager" name="memoryconstrainedcachemanager">MemoryConstrainedCacheManager</a></h3>
+<p>The <a href="static/current/apidocs/org/apache/shiro/cache/MemoryConstrainedCacheManager.html"><code>MemoryConstrainedCacheManager</code></a> is a <code>CacheManager</code> implementation suitable for single-JVM production environments. It is not clustered/distributed, so if your application spans across more than one JVM (e.g. web app running on multiple web servers), and you want cache entries to be accessible across JVMs, you will need to use a distributed cache implementation instead.</p>
+<p>The <code>MemoryConstrainedCacheManager</code> manages <a href="static/current/apidocs/org/apache/shiro/cache/MapCache.html"><code>MapCache</code></a> instances, one <code>MapCache</code> instance per named cache. Each <code>MapCache</code> instance is backed by a Shiro <a href="static/current/apidocs/org/apache/shiro/util/SoftHashMap.html"><code>SoftHashMap</code></a> which can auto-resize itself based on an application’s runtime memory constraints/needs (by leveraging JDK <a href="https://docs.oracle.com/javase/7/docs/api/java/lang/ref/SoftReference.html"><code>SoftReference</code></a> instances).</p>
+<p>Because the <code>MemoryConstrainedCacheManager</code> can auto-resize itself based on an application’s memory profile, it is safe to use in a single-JVM production application as well as for testing needs. However, it does not have more advanced features suche as cache entry Time-to-Live or Time-to-Expire settings. For these more advanced cache management features, you’ll likely want to use one of the more advanced <code>CacheManager</code> offerings below.</p>
+<p><strong>MemoryConstrainedCacheManger shiro.ini configuration example</strong></p>
+<pre><code class="ini">...
cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
...
securityManager.cacheManager = $cacheManager
-</pre>
-</div></div>
-
-<h3><a name="Caching-%7B%7BHazelcastCacheManager%7D%7D"></a><tt>HazelcastCacheManager</tt></h3>
-
+</code></pre>
+<a name="Caching-%7B%7BHazelcastCacheManager%7D%7D"></a>
+<h3><a href="#hazelcastcachemanager" name="hazelcastcachemanager">HazelcastCacheManager</a></h3>
<p>TBD</p>
-
-<h3><a name="Caching-%7B%7BEhCacheManager%7D%7D"></a><tt>EhCacheManager</tt></h3>
-
+<a name="Caching-%7B%7BEhCacheManager%7D%7D"></a>
+<h3><a href="#ehcachemanager" name="ehcachemanager">EhCacheManager</a></h3>
<p>TBD</p>
-
-<h2><a name="Caching-AuthorizationCacheInvalidation"></a>Authorization Cache Invalidation</h2>
-
-<p>Finally note that <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/realm/AuthorizingRealm.html">AuthorizingRealm</a></tt> has a <a class="external-link" href="static/current/apidocs/org/apache/shiro/realm/AuthorizingRealm.html#clearCachedAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)">clearCachedAuthorizationInfo method</a> that can be called by subclasses to evict the cached authzInfo for a particular account. It is usually called by custom logic if the corresponding account's authz data has changed (to ensure the next authz check will pick up the new data).</p>
+<a name="Caching-AuthorizationCacheInvalidation"></a>
+<h2><a href="#authorization-cache-invalidation" name="authorization-cache-invalidation">Authorization Cache Invalidation</a></h2>
+<p>Finally note that <a href="static/current/apidocs/org/apache/shiro/realm/AuthorizingRealm.html"><code>AuthorizingRealm</code></a> has a <a href="static/current/apidocs/org/apache/shiro/realm/AuthorizingRealm.html#clearCachedAuthorizationInfo-org.apache.shiro.subject.PrincipalCollection-">clearCachedAuthorizationInfo method</a> that can be called by subclasses to evict the cached authzInfo for a particular account. It is usually called by custom logic if the corresponding account’s authz data has changed (to ensure the next authz check will pick up the new data).</p>
</div>
Modified: shiro/site/publish/cas.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/cas.html?rev=1766414&r1=1766413&r2=1766414&view=diff
==============================================================================
--- shiro/site/publish/cas.html (original)
+++ shiro/site/publish/cas.html Mon Oct 24 14:33:52 2016
@@ -78,189 +78,174 @@
<div id="content">
- <h1><a name="CAS-IntegratingApacheShirowithCASSSOserver"></a>Integrating Apache Shiro with CAS SSO server</h1>
-
-<div class="warning">
- <span>NOTE:</span>
- Shiro-CAS support is deprecated, support has been moved to the Apache Shiro based <a href="https://github.com/bujiio/buji-pac4j">buji-pac4j</a> project.
+ <a name="CAS-IntegratingApacheShirowithCASSSOserver"></a>
+<h1><a href="#integrating-apache-shiro-with-cas-sso-server" name="integrating-apache-shiro-with-cas-sso-server">Integrating Apache Shiro with CAS SSO server</a></h1>
+<div class="panelMacro">
+ <table class="noteMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-warning"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>NOTE:</b>
+ <br clear="none">
+ Shiro-CAS support is deprecated, support has been moved to the Apache Shiro based <a href="https://github.com/bujiio/buji-pac4j">buji-pac4j</a> project.
+ </td>
+ </tr>
+ </tbody>
+ </table>
</div>
-
-<table align="right" width="275" style="margin-left: 20px; margin-bottom: 20px; border-style: solid; border-width: 2px; border-color: navy" cellpadding="10px">
-
-<tr>
-<td>
+<table align="right" width="275" style="margin-left: 20px; margin-bottom: 20px; border-style: solid; border-width: 2px; border-color: navy" cellpadding="10px"><tbody><tr><td>
<div id="border">
- <h2>Related Content</h2>
+ <h2>Related Content</h2>
<h3><a href="web-features.html">Web Apps with Shiro</a></h3>
- <p>Learn more about integrating Shiro into web applications. </br><span style="font-size:11"><a href="web-features.html">Read More >></a></span></p>
+ <p>Learn more about integrating Shiro into web applications. <br><span style="font-size:11"><a href="web-features.html">Read More >></a></span></p>
</div>
-</td>
-</tr>
-</table>
-
-
-<p>The <em>shiro-cas</em> module is made to protect a web application with a <a class="external-link" href="https://wiki.jasig.org/display/CAS/Home" rel="nofollow">Jasig CAS</a> SSO server. It enables a Shiro-enabled application to be a CAS client.</p>
-
-<h2><a name="CAS-BasicunderstandingoftheCASprotocol"></a>Basic understanding of the CAS protocol</h2>
-
-<p>1. If you want to access an application protected by a CAS client and if you are not authenticated in this application, you are redirected by the CAS client to the CAS server login page. A service parameter in the CAS login url defines the application the user wants to login.</p>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">http:<span class="code-comment">//application.examples.com/<span class="code-keyword">protected</span>/index.jsp → HTTP 302
-</span>→ https:<span class="code-comment">//server.cas.com/login?service=http://application.examples.com/shiro-cas</span></pre>
-</div></div>
-
-<p>2. You fill the login and password and authenticate in CAS server which then redirects the user to the application (the service url) with a service ticket in url. The service ticket is a short-lived one-time-use token redeemable at the CAS server for a user identifier (and optionally, user attributes).</p>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">https:<span class="code-comment">//server.cas.com/login?service=http://application.examples.com/shiro-cas → HTTP 302
-</span>→ http:<span class="code-comment">//application.examples.com/shiro-cas?ticket=ST-4545454542121-cas</span></pre>
-</div></div>
-
-<p>3. The application asks directly the CAS server if the service ticket is valid and the CAS server responds by the identity of the authenticated user. Generally, the CAS client forwards the user to the originally called protected page.</p>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">http:<span class="code-comment">//application.examples.com/shiro-cas?ticket=ST-4545454542121-cas → HTTP 302
-</span>→ http:<span class="code-comment">//application.examples.com/<span class="code-keyword">protected</span>/index.jsp</span></pre>
-</div></div>
-
-
-<h2><a name="CAS-HowtoconfigureshirotoworkwithCASserver%3F"></a>How to configure shiro to work with CAS server ?</h2>
-
-<h3><a name="CAS-Dependency"></a>Dependency</h3>
-
+</td></tr></tbody></table>
+<p>The <em>shiro-cas</em> module is made to protect a web application with a <a href="https://wiki.jasig.org/display/CAS/Home">Jasig CAS</a> SSO server. It enables a Shiro-enabled application to be a CAS client.</p>
+<a name="CAS-BasicunderstandingoftheCASprotocol"></a>
+<h2><a href="#basic-understanding-of-the-cas-protocol" name="basic-understanding-of-the-cas-protocol">Basic understanding of the CAS protocol</a></h2>
+<ol>
+ <li>If you want to access an application protected by a CAS client and if you are not authenticated in this application, you are redirected by the CAS client to the CAS server login page. A service parameter in the CAS login url defines the application the user wants to login.</li>
+</ol>
+<pre><code class="nohighlight">http://application.examples.com/protected/index.jsp → HTTP 302 → https://server.cas.com/login?service=http://application.examples.com/shiro-cas
+</code></pre>
+<ol>
+ <li>You fill the login and password and authenticate in CAS server which then redirects the user to the application (the service url) with a service ticket in url. The service ticket is a short-lived one-time-use token redeemable at the CAS server for a user identifier (and optionally, user attributes).</li>
+</ol>
+<pre><code class="nohighlight">https://server.cas.com/login?service=http://application.examples.com/shiro-cas → HTTP 302 → http://application.examples.com/shiro-cas?ticket=ST-4545454542121-cas
+</code></pre>
+<ol>
+ <li>The application asks directly the CAS server if the service ticket is valid and the CAS server responds by the identity of the authenticated user. Generally, the CAS client forwards the user to the originally called protected page.</li>
+</ol>
+<pre><code class="nohighlight">http://application.examples.com/shiro-cas?ticket=ST-4545454542121-cas → HTTP 302 → http://application.examples.com/protected/index.jsp
+</code></pre>
+<a name="CAS-HowtoconfigureshirotoworkwithCASserver%3F"></a>
+<h2><a href="#how-to-configure-shiro-to-work-with-cas-server-" name="how-to-configure-shiro-to-work-with-cas-server-">How to configure shiro to work with CAS server ?</a></h2>
+<a name="CAS-Dependency"></a>
+<h3><a href="#dependency" name="dependency">Dependency</a></h3>
<p>You need to add the <em>shiro-cas</em> Maven dependency in your application :</p>
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-<span class="code-tag"><dependency></span>
- <span class="code-tag"><groupId></span>org.apache.shiro<span class="code-tag"></groupId></span>
- <span class="code-tag"><artifactId></span>shiro-cas<span class="code-tag"></artifactId></span>
- <span class="code-tag"><version></span>version<span class="code-tag"></version></span>
-<span class="code-tag"></dependency></span></pre>
-</div></div>
-<p>(<em>version</em> >= 1.2.0).</p>
-
-<h3><a name="CAS-CasFilter"></a>CasFilter</h3>
-
-<p>You have to define the service url of your application (which has to be declared also in the CAS server). This url will be used to receive CAS service ticket. For example : <a class="external-link" href="http://application.examples.com/shiro-cas" rel="nofollow">http://application.examples.com/shiro-cas</a></p>
-
-<p>In your shiro configuration, you have to define the <tt>CasFilter</tt> :</p>
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">[main]
+<pre><code class="xml"><dependency>
+ <groupId>org.apache.shiro</groupId>
+ <artifactId>shiro-cas</artifactId>
+ <version>version</version>
+</dependency>
+</code></pre>
+<p>(_version_ >= 1.2.0).</p>
+<a name="CAS-CasFilter"></a>
+<h3><a href="#casfilter" name="casfilter">CasFilter</a></h3>
+<p>You have to define the service url of your application (which has to be declared also in the CAS server). This url will be used to receive CAS service ticket. For example : <a href="http://application.examples.com/shiro-cas">http://application.examples.com/shiro-cas</a></p>
+<p>In your shiro configuration, you have to define the <tt>CasFilter</tt> :</p>
+<pre><code class="ini">[main]
casFilter = org.apache.shiro.cas.CasFilter
-casFilter.failureUrl = /error.jsp</pre>
-</div></div>
+casFilter.failureUrl = /error.jsp
+</code></pre>
<p>(the failure url is called when the service ticket validation fails).</p>
-
-<p>And the url on which it is available :</p>
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">[urls]
-/shiro-cas = casFilter</pre>
-</div></div>
-
-<p>This way, when the user is redirected to the application service url (<em>/shiro-cas</em>) by the CAS server with a valid service ticket (after authentication), this filter receives the service ticket and creates a <tt>CasToken</tt> which can be used by the <tt>CasRealm</tt>.</p>
-
-<h3><a name="CAS-CasRealm"></a>CasRealm</h3>
-
+<p>And the url on which it is available :</p>
+<pre><code class="ini">[urls]
+/shiro-cas = casFilter
+</code></pre>
+<p>This way, when the user is redirected to the application service url (_/shiro-cas_) by the CAS server with a valid service ticket (after authentication), this filter receives the service ticket and creates a <tt>CasToken</tt> which can be used by the <tt>CasRealm</tt>.</p>
+<a name="CAS-CasRealm"></a>
+<h3><a href="#casrealm" name="casrealm">CasRealm</a></h3>
<p>The <tt>CasRealm</tt> uses the <tt>CasToken</tt> created by the <tt>CasFilter</tt> to authenticate the user by validating the CAS service ticket against the CAS server.</p>
-
-<p>In your shiro configuration, you have to add the <tt>CasRealm</tt> :</p>
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">[main]
+<p>In your shiro configuration, you have to add the <tt>CasRealm</tt> :</p>
+<pre><code class="ini">[main]
casRealm = org.apache.shiro.cas.CasRealm
casRealm.defaultRoles = ROLE_USER
#casRealm.defaultPermissions
#casRealm.roleAttributeNames
#casRealm.permissionAttributeNames
#casRealm.validationProtocol = SAML
-casRealm.casServerUrlPrefix = https:<span class="code-comment">//server.cas.com/
-</span>casRealm.casService = http:<span class="code-comment">//application.examples.com/shiro-cas</span></pre>
-</div></div>
-
-<p>The <em>casServerUrlPrefix</em> is the url of the CAS server (for example : <a class="external-link" href="https://server.cas.com" rel="nofollow">https://server.cas.com</a>).<br clear="none">
-The <em>casService</em> is the application service url, the url on wich the application receives CAS service ticket (for example : <a class="external-link" href="http://application.examples.com/shiro-cas" rel="nofollow">http://application.examples.com/shiro-cas</a>).<br clear="none">
-The <em>validationProcol</em> can be SAML or CAS (default) : attributes and remember me information are only pushed throught the SAML validation procotol (except specific customizations). It depends on the version of the CAS server : SAML protocol can be used with CAS server version >= 3.1.</p>
-<div class="panelMacro"><table class="warningMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/forbidden.png" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1">If you choose SAML validation, you need some more specific dependencies :</td></tr></table></div>
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-xml">
-<span class="code-tag"><dependency></span>
- <span class="code-tag"><groupId></span>commons-codec<span class="code-tag"></groupId></span>
- <span class="code-tag"><artifactId></span>commons-codec<span class="code-tag"></artifactId></span>
-<span class="code-tag"></dependency></span>
-<span class="code-tag"><dependency></span>
- <span class="code-tag"><groupId></span>org.opensaml<span class="code-tag"></groupId></span>
- <span class="code-tag"><artifactId></span>opensaml<span class="code-tag"></artifactId></span>
- <span class="code-tag"><version></span>1.1<span class="code-tag"></version></span>
-<span class="code-tag"></dependency></span>
-<span class="code-tag"><dependency></span>
- <span class="code-tag"><groupId></span>org.apache.santuario<span class="code-tag"></groupId></span>
- <span class="code-tag"><artifactId></span>xmlsec<span class="code-tag"></artifactId></span>
- <span class="code-tag"><version></span>1.4.3<span class="code-tag"></version></span>
-<span class="code-tag"></dependency></span></pre>
-</div></div>
-<p>The <em>defaultRoles</em> is the default roles given to the authenticated user after CAS authentication success.<br clear="none">
-The <em>defaultPermissions</em> is the default permissions given to the authenticated user after CAS authentication success.<br clear="none">
-The <em>roleAttributeNames</em> defines the names of the attributes received from CAS response which define roles to give to the authenticated user (the roles are separated by comas).<br clear="none">
-The <em>permissionAttributeNames</em> defines the names of the attributes received from CAS response which define permissions to give to the autnewhenticated user (the permissions are separated by comas).</p>
-
-<h3><a name="CAS-CasSubjectFactory"></a>CasSubjectFactory</h3>
-
-<p>In CAS server, you can have "remember me" support. This information is pushed through SAML validation or CAS customized validation.<br clear="none">
-To reflect the CAS-remember me status in Shiro, you have to define a specific <tt>CasSubjectFactory</tt> in your Shiro configuration :</p>
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">[main]
+casRealm.casServerUrlPrefix = https://server.cas.com/ casRealm.casService = http://application.examples.com/shiro-cas
+</code></pre>
+<p>The <em>casServerUrlPrefix</em> is the url of the CAS server (for example : <a href="https://server.cas.com">https://server.cas.com</a>).<br/>The <em>casService</em> is the application service url, the url on wich the application receives CAS service ticket (for example : <a href="http://application.examples.com/shiro-cas">http://application.examples.com/shiro-cas</a>).<br/>The <em>validationProcol</em> can be SAML or CAS (default) : attributes and remember me information are only pushed throught the SAML validation procotol (except specific customizations). It depends on the version of the CAS server : SAML protocol can be used with CAS server version >= 3.1.</p>
+<div class="panelMacro">
+ <table class="warningMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-exclamation-circle"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>NOTE:</b>
+ <br clear="none">
+ If you choose SAML validation, you need some more specific dependencies :
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
+<pre><code class="xml"><dependency>
+ <groupId>commons-codec</groupId>
+ <artifactId>commons-codec</artifactId>
+</dependency>
+<dependency>
+ <groupId>org.opensaml</groupId>
+ <artifactId>opensaml</artifactId>
+ <version>1.1</version>
+</dependency>
+<dependency>
+ <groupId>org.apache.santuario</groupId>
+ <artifactId>xmlsec</artifactId>
+ <version>1.4.3</version>
+</dependency>
+</code></pre>
+<p>The <em>defaultRoles</em> is the default roles given to the authenticated user after CAS authentication success.<br/>The <em>defaultPermissions</em> is the default permissions given to the authenticated user after CAS authentication success.<br/>The <em>roleAttributeNames</em> defines the names of the attributes received from CAS response which define roles to give to the authenticated user (the roles are separated by comas).<br/>The <em>permissionAttributeNames</em> defines the names of the attributes received from CAS response which define permissions to give to the autnewhenticated user (the permissions are separated by comas).</p>
+<a name="CAS-CasSubjectFactory"></a>
+<h3><a href="#cassubjectfactory" name="cassubjectfactory">CasSubjectFactory</a></h3>
+<p>In CAS server, you can have “remember me” support. This information is pushed through SAML validation or CAS customized validation.<br/>To reflect the CAS-remember me status in Shiro, you have to define a specific <tt>CasSubjectFactory</tt> in your Shiro configuration :</p>
+<pre><code class="ini">[main]
casSubjectFactory = org.apache.shiro.cas.CasSubjectFactory
-securityManager.subjectFactory = $casSubjectFactory</pre>
-</div></div>
-
-<h3><a name="CAS-Security%C2%A0oftheapplication"></a>Security of the application</h3>
-
+securityManager.subjectFactory = $casSubjectFactory
+</code></pre>
+<a name="CAS-Security%C2%A0oftheapplication"></a>
+<h3><a href="#security-of-the-application" name="security-of-the-application">Security of the application</a></h3>
<p>Finally, you have to define the security of your application.</p>
-
-<p>In your Shiro configuration, you have to protect url with roles (for example) :</p>
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">[urls]
-/<span class="code-keyword">protected</span>/** = roles[ROLE_USER]
-/** = anon</pre>
-</div></div>
-
-<p>And the login url if the user is not authenticated is to be defined on the CAS server with the application service url :</p>
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">[main]
-roles.loginUrl = https:<span class="code-comment">//server.cas.com/login?service=http://application.examples.com/shiro-cas</span></pre>
-</div></div>
-
+<p>In your Shiro configuration, you have to protect url with roles (for example) :</p>
+<pre><code class="ini">[urls]
+/protected/** = roles[ROLE_USER]
+/** = anon
+</code></pre>
+<p>And the login url if the user is not authenticated is to be defined on the CAS server with the application service url :</p>
+<pre><code class="ini">[main]
+roles.loginUrl = https://server.cas.com/login?service=http://application.examples.com/shiro-cas
+</code></pre>
<p>This way, if you are not authenticated and try to acces a <em>/protected/**</em> url, you are redirected to the CAS server for authentication.</p>
-
-<h3><a name="CAS-Completeconfigurationsample"></a>Complete configuration sample</h3>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">[main]
+<a name="CAS-Completeconfigurationsample"></a>
+<h3><a href="#complete-configuration-sample" name="complete-configuration-sample">Complete configuration sample</a></h3>
+<pre><code class="ini">[main]
casFilter = org.apache.shiro.cas.CasFilter
casFilter.failureUrl = /error.jsp
casRealm = org.apache.shiro.cas.CasRealm
casRealm.defaultRoles = ROLE_USER
-casRealm.casServerUrlPrefix = https:<span class="code-comment">//server.cas.com/
-</span>casRealm.casService = http:<span class="code-comment">//application.examples.com/shiro-cas
-</span>
+casRealm.casServerUrlPrefix = https://server.cas.com/ casRealm.casService = http://application.examples.com/shiro-cas
casSubjectFactory = org.apache.shiro.cas.CasSubjectFactory
securityManager.subjectFactory = $casSubjectFactory
-roles.loginUrl = https:<span class="code-comment">//server.cas.com/login?service=http://application.examples.com/shiro-cas
-</span>
+roles.loginUrl = https://server.cas.com/login?service=http://application.examples.com/shiro-cas
[urls]
/shiro-cas = casFilter
-/<span class="code-keyword">protected</span>/** = roles[ROLE_USER]
-/** = anon</pre>
-</div></div>
-
-<h2><a name="CAS-History"></a>History</h2>
-
-<p><em>Version 1.2.0</em> : first release of the <em>shiro-cas</em> module.</p>
-
+/protected/** = roles[ROLE_USER]
+/** = anon
+</code></pre>
+<a name="CAS-History"></a>
+<h2><a href="#history" name="history">History</a></h2>
+<p><em>Version 1.2.0</em> : first release of the <em>shiro-cas</em> module.</p>
</div>
Modified: shiro/site/publish/codec.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/codec.html?rev=1766414&r1=1766413&r2=1766414&view=diff
==============================================================================
--- shiro/site/publish/codec.html (original)
+++ shiro/site/publish/codec.html Mon Oct 24 14:33:52 2016
@@ -80,11 +80,12 @@
<p>TODO</p>
-<h2><a name="Codec-Lendahandwithdocumentation"></a>Lend a hand with documentation </h2>
+<h2><a name="Lendahandwithdocumentation"></a>Lend a hand with documentation </h2>
<p>While we hope this documentation helps you with the work you're doing with Apache Shiro, the community is improving and expanding the documentation all the time. If you'd like to help the Shiro project, please consider corrected, expanding, or adding documentation where you see a need. Every little bit of help you provide expands the community and in turn improves Shiro. </p>
<p>The easiest way to contribute your documentation is to send it to the <a class="external-link" href="http://shiro-user.582556.n2.nabble.com/" rel="nofollow">User Forum</a> or the <a href="mailing-lists.html" title="Mailing Lists">User Mailing List</a>.</p>
+)
</div>
Modified: shiro/site/publish/command-line-hasher.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/command-line-hasher.html?rev=1766414&r1=1766413&r2=1766414&view=diff
==============================================================================
--- shiro/site/publish/command-line-hasher.html (original)
+++ shiro/site/publish/command-line-hasher.html Mon Oct 24 14:33:52 2016
@@ -78,105 +78,63 @@
<div id="content">
- <h1><a name="CommandLineHasher-CommandLineHasher"></a>Command Line Hasher</h1>
-
-<div class="toc">
-<ul><li><a href="#CommandLineHasher-Usage">Usage</a></li><li><a href="#CommandLineHasher-CommonScenarios">Common Scenarios</a></li><ul><li><a href="#CommandLineHasher-%7B%7Bshiro.ini%7D%7DUserPasswords"> <tt>shiro.ini</tt> User Passwords</a></li><li><a href="#CommandLineHasher-MD5checksum">MD5 checksum</a></li></ul></ul></div>
-
-<p>Shiro 1.2.0 and later provides a command line program that can hash strings and resources (files, URLs, classpath entries) of almost any type. To use it, you must have a Java Virtual Machine installed and the 'java' command must be accessible in your <tt>$PATH</tt> environment variable.</p>
-
-<h2><a name="CommandLineHasher-Usage"></a>Usage</h2>
-
-<p>Ensure you have access to the <tt>shiro-tools-hasher-</tt><em>version</em><tt>-cli.jar</tt> file. You can either find this in a source build in the <em>buildroot</em><tt>/tools/hasher/target</tt> directory or via download through Maven.</p>
-
+ <a name="CommandLineHasher-CommandLineHasher"></a>
+<h1><a href="#command-line-hasher" name="command-line-hasher">Command Line Hasher</a></h1>
+<ul>
+ <li><a href="#CommandLineHasher-Usage">Usage</a></li>
+ <li><a href="#CommandLineHasher-CommonScenarios">Common Scenarios</a></li>
+ <li>
+ <p><a href="#CommandLineHasher-%7B%7Bshiro.ini%7D%7DUserPasswords"><code>shiro.ini</code> User Passwords</a></p></li>
+ <li><a href="#CommandLineHasher-MD5checksum">MD5 checksum</a></li>
+</ul>
+<p>Shiro 1.2.0 and later provides a command line program that can hash strings and resources (files, URLs, classpath entries) of almost any type. To use it, you must have a Java Virtual Machine installed and the ‘java’ command must be accessible in your <code>$PATH</code> environment variable.</p>
+<a name="CommandLineHasher-Usage"></a>
+<h2><a href="#usage" name="usage">Usage</a></h2>
+<p>Ensure you have access to the <code>shiro-tools-hasher-</code>_version_<code>-cli.jar</code> file. You can either find this in a source build in the <em>buildroot</em><code>/tools/hasher/target</code> directory or via download through Maven.</p>
<p>Once you have access to the jar, you can run the following command:</p>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">
-> java -jar shiro-tools-hasher-X.X.X-cli.jar
-</pre>
-</div></div>
-
+<pre><code class="bash">$ java -jar shiro-tools-hasher-X.X.X-cli.jar
+</code></pre>
<p>This will print all available options for both standard (MD5, SHA1) and more complex password hashing scenarios.</p>
-
-<h2><a name="CommandLineHasher-CommonScenarios"></a>Common Scenarios</h2>
-
-<p>Please read the printed instructions for the above command. It will provide an exhaustive list of instructions which will help you use the hasher depending on your needs. However, we've provided some quick reference usages/scenarios below for convenience.</p>
-
-<h3><a name="CommandLineHasher-%7B%7Bshiro.ini%7D%7DUserPasswords"></a><tt>shiro.ini</tt> User Passwords</h3>
-
-<p>It is best to keep user passwords in the <tt>shiro.ini</tt> <tt>[users]</tt> section secure. To add a new user account line, use the above command with the <tt><b>-p</b></tt> (or <tt>--password</tt>) option:</p>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">
-> java -jar shiro-tools-hasher-X.X.X-cli.jar -p
-</pre>
-</div></div>
-
+<a name="CommandLineHasher-CommonScenarios"></a>
+<h2><a href="#common-scenarios" name="common-scenarios">Common Scenarios</a></h2>
+<p>Please read the printed instructions for the above command. It will provide an exhaustive list of instructions which will help you use the hasher depending on your needs. However, we’ve provided some quick reference usages/scenarios below for convenience.</p>
+<a name="CommandLineHasher-%7B%7Bshiro.ini%7D%7DUserPasswords"></a>
+<h3><code>shiro.ini</code> User Passwords</h3>
+<p>It is best to keep user passwords in the <code>shiro.ini</code> <code>[users]</code> section secure. To add a new user account line, use the above command with the <code>**-p**</code> (or <code>--password</code>) option:</p>
+<pre><code class="bash">$ java -jar shiro-tools-hasher-X.X.X-cli.jar -p
+</code></pre>
<p>It will then ask you to enter the password and then confirm it:</p>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">
-Password to hash:
+<pre><code class="bash">Password to hash:
Password to hash (confirm):
-</pre>
-</div></div>
-
-<p>When this command executes, it will print out the securely-salted-iterated-and-hashed password. For example:</p>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">
-$shiro1$SHA-256$500000$eWpVX2tGX7WCP2J+jMCNqw==$it/NRclMOHrfOvhAEFZ0mxIZRdbcfqIBdwdwdDXW2dM=
-</pre>
-</div></div>
-
-<p>Take this value and place it as the password in the user definition line (followed by any optional roles) as defined in the <a href="configuration.html#Configuration-%5Cusers%5C">INI Users Configuration</a> documentation. For example:</p>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">
-[users]
+</code></pre>
+<p>When this command executes, it will print out the securely-salted-iterated-and-hashed password. For example:</p>
+<pre><code class="bash">$shiro1$SHA-256$500000$eWpVX2tGX7WCP2J+jMCNqw==$it/NRclMOHrfOvhAEFZ0mxIZRdbcfqIBdwdwdDXW2dM=
+</code></pre>
+<p>Take this value and place it as the password in the user definition line (followed by any optional roles) as defined in the <a href="configuration.html#Configuration-%5Cusers%5C">INI Users Configuration</a> documentation. For example:</p>
+<pre><code class="ini">[users]
...
user1 = $shiro1$SHA-256$500000$eWpVX2tGX7WCP2J+jMCNqw==$it/NRclMOHrfOvhAEFZ0mxIZRdbcfqIBdwdwdDXW2dM=
-</pre>
-</div></div>
-
-<p>You will also need to ensure that the implicit <tt>iniRealm</tt> uses a <tt>CredentialsMatcher</tt> that knows how to perform secure hashed password comparisons. So configure this in the <tt>[main]</tt> section as well:</p>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">
-[main]
+</code></pre>
+<p>You will also need to ensure that the implicit <code>iniRealm</code> uses a <code>CredentialsMatcher</code> that knows how to perform secure hashed password comparisons. So configure this in the <code>[main]</code> section as well:</p>
+<pre><code class="ini">[main]
...
passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher
iniRealm.credentialsMatcher = $passwordMatcher
...
-</pre>
-</div></div>
-
-
-<h3><a name="CommandLineHasher-MD5checksum"></a>MD5 checksum</h3>
-
-<p>Although you can perform any hash with any algorithm supported on the JVM, the default hashing algorithm is MD5, common for file checksums. Just use the <tt><b>-r</b></tt> (or <tt>--resource</tt>) option to indicate the following value is a resource location (and not text you wish hashed):</p>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">
-> java -jar shiro-tools-hasher-X.X.X-cli.jar -r RESOURCE_PATH
-</pre>
-</div></div>
-
-<p>By default <tt>RESOURCE_PATH</tt> is expected to be a file path, but you may specify classpath or URL resources by using the <tt>classpath:</tt> or <tt>url:</tt> prefix respectively.</p>
-
+</code></pre>
+<a name="CommandLineHasher-MD5checksum"></a>
+<h3><a href="#md5-checksum" name="md5-checksum">MD5 checksum</a></h3>
+<p>Although you can perform any hash with any algorithm supported on the JVM, the default hashing algorithm is MD5, common for file checksums. Just use the <code>**-r**</code> (or <code>--resource</code>) option to indicate the following value is a resource location (and not text you wish hashed):</p>
+<pre><code class="bash">$ java -jar shiro-tools-hasher-X.X.X-cli.jar -r RESOURCE_PATH
+</code></pre>
+<p>By default <code>RESOURCE_PATH</code> is expected to be a file path, but you may specify classpath or URL resources by using the <code>classpath:</code> or <code>url:</code> prefix respectively.</p>
<p>Some examples:</p>
-
-<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
-<pre class="code-java">
-<command> -r fileInCurrentDirectory.txt
+<pre><code class="bash"><command> -r fileInCurrentDirectory.txt
<command> -r ../../relativePathFile.xml
<command> -r ~/documents/myfile.pdf
<command> -r /usr/local/logs/absolutePathFile.log
-<command> -r url:http:<span class="code-comment">//foo.com/page.html
-</span><command> -r classpath:/WEB-INF/lib/something.jar
-</pre>
-</div></div>
+<command> -r url:http://foo.com/page.html <command> -r classpath:/WEB-INF/lib/something.jar
+</code></pre>
</div>
Modified: shiro/site/publish/commercial-support.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/commercial-support.html?rev=1766414&r1=1766413&r2=1766414&view=diff
==============================================================================
--- shiro/site/publish/commercial-support.html (original)
+++ shiro/site/publish/commercial-support.html Mon Oct 24 14:33:52 2016
@@ -78,27 +78,16 @@
<div id="content">
- <h1><a name="CommercialSupport-CommercialSupportandConsultingforApacheShiro"></a>Service and Commercial Support for Apache Shiro</h1>
-
-<div>
-<h3>
- <a class="external-link" href="https://www.stormpath.com" title="Stormpath User Management">Apache Shiro Plugin for Stormpath User Management</a>
-</h3>
-
-<p>The <a href="https://github.com/stormpath/stormpath-shiro/wiki">Apache Shiro plugin for Stormpath</a> allows an Apache Shiro-enabled application to use the <a href="https://www.stormpath.com">Stormpath User Management & Authentication service</a> for all authentication and access control needs. </p>
-
-<p>Pairing Shiro with Stormpath give you a full application security system complete with immediate user account support, admin UI, authentication service, account registration and password reset workflows, password security, and more-- with little to no coding on your part.</p>
- <a class="external-link" href="https://github.com/stormpath/stormpath-shiro/wiki" title="Apache Shiro plugin for Stormpath">Learn More >>></a>
-<h3>
- <a class="external-link" href="https://www.stormpath.com/apache-shiro-support" title="Stormpath Support for Apache Shiro">Stormpath Commercial Support for Apache Shiro</a>
-</h3>
-
-<p>Shiro commercial support and consulting services are available from Stormpath, a company started by Shiro committer and Project Chair, Les Hazlewood:
-</p>
- <a class="external-link" href="https://www.stormpath.com/apache-shiro-support" title="Stormpath Support for Apache Shiro">Learn More >>></a>
-</div>
-<br>
-<p><strong>Providing Shiro services? Get listed on this page by posting to the <a href="mailing-lists.html" title="Shiro Mailing Lists">Dev Mailing list</a> </strong></p>
+ <a name="CommercialSupport-CommercialSupportandConsultingforApacheShiro"></a>
+<h1><a href="#service-and-commercial-support-for-apache-shiro" name="service-and-commercial-support-for-apache-shiro">Service and Commercial Support for Apache Shiro</a></h1>
+<h3><a href="https://www.stormpath.com" title="Stormpath User Management">Apache Shiro Plugin for Stormpath User Management</a></h3>
+<p>The <a href="https://github.com/stormpath/stormpath-shiro/wiki">Apache Shiro plugin for Stormpath</a> allows an Apache Shiro-enabled application to use the <a href="https://www.stormpath.com">Stormpath User Management & Authentication service</a> for all authentication and access control needs.</p>
+<p>Pairing Shiro with Stormpath give you a full application security system complete with immediate user account support, admin UI, authentication service, account registration and password reset workflows, password security, and more– with little to no coding on your part.</p>
+<p><a href="https://github.com/stormpath/stormpath-shiro/wiki" title="Apache Shiro plugin for Stormpath">Learn More >>></a></p>
+<h3><a href="https://www.stormpath.com/apache-shiro-support" title="Stormpath Support for Apache Shiro">Stormpath Commercial Support for Apache Shiro</a></h3>
+<p>Shiro commercial support and consulting services are available from Stormpath, a company started by Shiro committer and Project Chair, Les Hazlewood:</p>
+<p><a href="https://www.stormpath.com/apache-shiro-support" title="Stormpath Support for Apache Shiro">Learn More >>></a></p>
+<p><strong>Providing Shiro services? Get listed on this page by posting to the <a href="mailing-lists.html" title="Shiro Mailing Lists">Dev Mailing list</a></strong></p>
</div>