You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shiro.apache.org by bd...@apache.org on 2017/07/05 15:31:22 UTC
svn commit: r1800890 - /shiro/site/publish/10-minute-tutorial.html
Author: bdemers
Date: Wed Jul 5 15:31:22 2017
New Revision: 1800890
URL: http://svn.apache.org/viewvc?rev=1800890&view=rev
Log:
merging in shiro-site #24
Modified:
shiro/site/publish/10-minute-tutorial.html
Modified: shiro/site/publish/10-minute-tutorial.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/10-minute-tutorial.html?rev=1800890&r1=1800889&r2=1800890&view=diff
==============================================================================
--- shiro/site/publish/10-minute-tutorial.html (original)
+++ shiro/site/publish/10-minute-tutorial.html Wed Jul 5 15:31:22 2017
@@ -272,7 +272,7 @@
<p>In almost all environments, you can obtain the currently executing user via the following call:</p>
<pre><code class="java">Subject currentUser = SecurityUtils.getSubject();
</code></pre>
-<p>Using <a href="static/current/apidocs/org/apache/shiro/SecurityUtils.html"><code>SecurityUtils</code></a>.[getSubject()](static/current/apidocs/org/apache/shiro/SecurityUtils.html#getSubject()), we can obtain the currently executing <a href="static/current/apidocs/org/apache/shiro/subject/Subject.html"><code>Subject</code></a>. A <em>Subject</em> is just a security-specific “view” of an application User. We actually wanted to call it ‘User’ since that “just makes sense”, but we decided against it: too many applications have existing APIs that already have their own User classes/frameworks, and we didn’t want to conflict with those. Also, in the security world, the term <code>Subject</code> is actually the recognized nomenclature. Ok, moving on…</p>
+<p>Using <a href="static/current/apidocs/org/apache/shiro/SecurityUtils.html"><code>SecurityUtils</code></a>.<a href="static/current/apidocs/org/apache/shiro/SecurityUtils.html#getSubject--"><code>getSubject()</code></a>, we can obtain the currently executing <a href="static/current/apidocs/org/apache/shiro/subject/Subject.html"><code>Subject</code></a>. A <em>Subject</em> is just a security-specific “view” of an application User. We actually wanted to call it ‘User’ since that “just makes sense”, but we decided against it: too many applications have existing APIs that already have their own User classes/frameworks, and we didn’t want to conflict with those. Also, in the security world, the term <code>Subject</code> is actually the recognized nomenclature. Ok, moving on…</p>
<p>The <code>getSubject()</code> call in a standalone application might return a <code>Subject</code> based on user data in an application-specific location, and in a server environment (e.g. web app), it acquires the <code>Subject</code> based on user data associated with current thread or incoming request.</p>
<p>Now that you have a <code>Subject</code>, what can you do with it?</p>
<p>If you want to make things available to the user during their current session with the application, you can get their session:</p>