You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shiro.apache.org by bd...@apache.org on 2016/10/19 14:24:59 UTC
svn commit: r1765607 [1/6] - in /shiro/site/publish: ./ 2010/03/18/
2010/06/01/ 2010/09/14/ 2010/09/20/ 2010/09/24/ 2010/11/03/ 2011/01/06/
2011/01/13/ 2011/02/10/ 2011/02/28/ 2011/03/14/ 2011/05/24/ 2011/06/30/
2012/01/24/ 2012/03/13/ 2012/07/29/ 2013...
Author: bdemers
Date: Wed Oct 19 14:24:58 2016
New Revision: 1765607
URL: http://svn.apache.org/viewvc?rev=1765607&view=rev
Log:
updating info, tip, warning, and danger panels
Modified:
shiro/site/publish/10-minute-tutorial.html
shiro/site/publish/2010/03/18/great-source-comments.html
shiro/site/publish/2010/06/01/apache-shiro-100-incubating-released.html
shiro/site/publish/2010/06/01/sdforum-java-sig-apache-shiro-presentation.html
shiro/site/publish/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.html
shiro/site/publish/2010/09/20/san-francisco-jug-presentation.html
shiro/site/publish/2010/09/24/apache-shiro-becomes-an-apache-top-level-project.html
shiro/site/publish/2010/11/03/apache-shiro-110-released.html
shiro/site/publish/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.html
shiro/site/publish/2011/01/13/apache-shiro-support-for-mule.html
shiro/site/publish/2011/02/10/apache-shiro-integration-for-grails-113-released.html
shiro/site/publish/2011/02/28/java-authorization-guide-with-apache-shiro-posted.html
shiro/site/publish/2011/03/14/infoq-article-on-apache-shiro.html
shiro/site/publish/2011/05/24/the-new-rbac-resource-based-access-control.html
shiro/site/publish/2011/06/30/apache-shiro-login-demo.html
shiro/site/publish/2012/01/24/apache-shiro-120-released.html
shiro/site/publish/2012/03/13/whats-new-in-apache-shiro-12.html
shiro/site/publish/2012/07/29/apache-shiro-121-released.html
shiro/site/publish/2013/05/30/apache-shiro-122-released.html
shiro/site/publish/README.html
shiro/site/publish/about.html
shiro/site/publish/adoption.html
shiro/site/publish/architecture.html
shiro/site/publish/articles.html
shiro/site/publish/assets/css/gh-pages/gh-fork-ribbon.css
shiro/site/publish/authentication-features.html
shiro/site/publish/authentication-guide.html
shiro/site/publish/authentication.html
shiro/site/publish/authenticator.html
shiro/site/publish/authorization-features.html
shiro/site/publish/authorization.html
shiro/site/publish/authorizer.html
shiro/site/publish/banner.html
shiro/site/publish/cachemanager.html
shiro/site/publish/caching.html
shiro/site/publish/cas.html
shiro/site/publish/codec.html
shiro/site/publish/command-line-hasher.html
shiro/site/publish/commercial-support.html
shiro/site/publish/community.html
shiro/site/publish/concurrency.html
shiro/site/publish/conferences.html
shiro/site/publish/configuration.html
shiro/site/publish/confluence-auto-export.html
shiro/site/publish/contribute.html
shiro/site/publish/core.html
shiro/site/publish/cryptography-features.html
shiro/site/publish/cryptography.html
shiro/site/publish/deprecated-pages.html
shiro/site/publish/developer-resources.html
shiro/site/publish/developers.html
shiro/site/publish/documentation-help-block.html
shiro/site/publish/documentation.html
shiro/site/publish/download.html
shiro/site/publish/events.html
shiro/site/publish/features-overview.html
shiro/site/publish/features.html
shiro/site/publish/forums.html
shiro/site/publish/get-started.html
shiro/site/publish/getting-started-block.html
shiro/site/publish/graduation-resolution.html
shiro/site/publish/guice.html
shiro/site/publish/guides.html
shiro/site/publish/how-to-contribute.html
shiro/site/publish/inclusionslibrary.html
shiro/site/publish/index.html
shiro/site/publish/integration.html
shiro/site/publish/introduction.html
shiro/site/publish/issues.html
shiro/site/publish/java-annotations-list.html
shiro/site/publish/java-annotations.html
shiro/site/publish/java-authentication-guide.html
shiro/site/publish/java-authorization-guide.html
shiro/site/publish/java-cryptography-guide.html
shiro/site/publish/jsp-tag-library.html
shiro/site/publish/license.html
shiro/site/publish/mailing-lists.html
shiro/site/publish/navigation.html
shiro/site/publish/news.html
shiro/site/publish/overview.html
shiro/site/publish/performing-a-release.html
shiro/site/publish/permissions.html
shiro/site/publish/powered-by-shiro.html
shiro/site/publish/privacy-policy.html
shiro/site/publish/quickstart.html
shiro/site/publish/realm.html
shiro/site/publish/reference.html
shiro/site/publish/securitymanager.html
shiro/site/publish/session-management-features.html
shiro/site/publish/session-management.html
shiro/site/publish/sessionmanager.html
shiro/site/publish/sharing-block-small.html
shiro/site/publish/sharing-block.html
shiro/site/publish/site.html
shiro/site/publish/siteheader.html
shiro/site/publish/spring.html
shiro/site/publish/subject.html
shiro/site/publish/support.html
shiro/site/publish/tags.html
shiro/site/publish/team.html
shiro/site/publish/terminology.html
shiro/site/publish/testing.html
shiro/site/publish/tools.html
shiro/site/publish/tutorial.html
shiro/site/publish/version-2-brainstorming.html
shiro/site/publish/web-features.html
shiro/site/publish/web.html
shiro/site/publish/webapp-tutorial.html
shiro/site/publish/what-is-shiro.html
shiro/site/publish/wiki-todos.html
Modified: shiro/site/publish/10-minute-tutorial.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/10-minute-tutorial.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/10-minute-tutorial.html (original)
+++ shiro/site/publish/10-minute-tutorial.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen">
@@ -71,7 +73,9 @@
<div id="content">
- <h1><a name="10MinuteTutorial-10MinuteTutorialonApacheShiro"></a>10 Minute Tutorial on Apache Shiro</h1>
+
+
+<h1><a name="10MinuteTutorial-10MinuteTutorialonApacheShiro"></a>10 Minute Tutorial on Apache Shiro</h1>
<div class="addthis_toolbox addthis_default_style">
<a class="addthis_button_compact" href="http://www.addthis.com/bookmark.php?v=250&pubid=ra-4d66ef016022c3bd">Share</a>
@@ -121,15 +125,21 @@
<col span="1" width="24">
<col span="1">
</colgroup>
+
+
+ <tbody>
<tr>
- <td colspan="1" rowspan="1" valign="top"><img align="middle"
- src="https://cwiki.apache.org/confluence/images/icons/emoticons/information.png"
- width="16" height="16" alt="" border="0"></td>
- <td colspan="1" rowspan="1">Shiro can be run in any environment, from the simplest command line application
- to the biggest enterprise web and clustered applications, but we'll use the simplest possible example in
- a simple <tt>main</tt> method for this QuickStart so you can get a feel for the API.
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-info-circle"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Note</b>
+ <br clear="none">
+ Shiro can be run in any environment, from the simplest command line application to the biggest enterprise web and clustered applications, but we'll use the simplest possible example in a simple <tt>main</tt> method for this QuickStart so you can get a feel for the API.
</td>
</tr>
+ </tbody>
</table>
</div>
@@ -293,15 +303,17 @@ session.setAttribute( <span class="code-
<col span="1" width="24">
<col span="1">
</colgroup>
- <tr>
- <td colspan="1" rowspan="1" valign="top"><img align="middle"
- src="https://cwiki.apache.org/confluence/images/icons/emoticons/check.png"
- width="16" height="16" alt="" border="0"></td>
- <td colspan="1" rowspan="1"><b>Handy Hint</b><br clear="none">Security best practice is to give generic
- login failure messages to users because you do not want to aid an attacker trying to break into your
- system.
+ <tbody><tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-check-square-o"></i>
+ </td>
+ <td colspan="1" rowspan="1">
+ <b>Handy Hint</b>
+ <br clear="none">
+ Security best practice is to give generic login failure messages to users because you do not want to aid an attacker trying to break into your system.
</td>
</tr>
+ </tbody>
</table>
</div>
Modified: shiro/site/publish/2010/03/18/great-source-comments.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2010/03/18/great-source-comments.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2010/03/18/great-source-comments.html (original)
+++ shiro/site/publish/2010/03/18/great-source-comments.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2010/06/01/apache-shiro-100-incubating-released.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2010/06/01/apache-shiro-100-incubating-released.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2010/06/01/apache-shiro-100-incubating-released.html (original)
+++ shiro/site/publish/2010/06/01/apache-shiro-100-incubating-released.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2010/06/01/sdforum-java-sig-apache-shiro-presentation.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2010/06/01/sdforum-java-sig-apache-shiro-presentation.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2010/06/01/sdforum-java-sig-apache-shiro-presentation.html (original)
+++ shiro/site/publish/2010/06/01/sdforum-java-sig-apache-shiro-presentation.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.html (original)
+++ shiro/site/publish/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2010/09/20/san-francisco-jug-presentation.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2010/09/20/san-francisco-jug-presentation.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2010/09/20/san-francisco-jug-presentation.html (original)
+++ shiro/site/publish/2010/09/20/san-francisco-jug-presentation.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2010/09/24/apache-shiro-becomes-an-apache-top-level-project.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2010/09/24/apache-shiro-becomes-an-apache-top-level-project.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2010/09/24/apache-shiro-becomes-an-apache-top-level-project.html (original)
+++ shiro/site/publish/2010/09/24/apache-shiro-becomes-an-apache-top-level-project.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2010/11/03/apache-shiro-110-released.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2010/11/03/apache-shiro-110-released.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2010/11/03/apache-shiro-110-released.html (original)
+++ shiro/site/publish/2010/11/03/apache-shiro-110-released.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.html (original)
+++ shiro/site/publish/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2011/01/13/apache-shiro-support-for-mule.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2011/01/13/apache-shiro-support-for-mule.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2011/01/13/apache-shiro-support-for-mule.html (original)
+++ shiro/site/publish/2011/01/13/apache-shiro-support-for-mule.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2011/02/10/apache-shiro-integration-for-grails-113-released.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2011/02/10/apache-shiro-integration-for-grails-113-released.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2011/02/10/apache-shiro-integration-for-grails-113-released.html (original)
+++ shiro/site/publish/2011/02/10/apache-shiro-integration-for-grails-113-released.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2011/02/28/java-authorization-guide-with-apache-shiro-posted.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2011/02/28/java-authorization-guide-with-apache-shiro-posted.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2011/02/28/java-authorization-guide-with-apache-shiro-posted.html (original)
+++ shiro/site/publish/2011/02/28/java-authorization-guide-with-apache-shiro-posted.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2011/03/14/infoq-article-on-apache-shiro.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2011/03/14/infoq-article-on-apache-shiro.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2011/03/14/infoq-article-on-apache-shiro.html (original)
+++ shiro/site/publish/2011/03/14/infoq-article-on-apache-shiro.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2011/05/24/the-new-rbac-resource-based-access-control.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2011/05/24/the-new-rbac-resource-based-access-control.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2011/05/24/the-new-rbac-resource-based-access-control.html (original)
+++ shiro/site/publish/2011/05/24/the-new-rbac-resource-based-access-control.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2011/06/30/apache-shiro-login-demo.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2011/06/30/apache-shiro-login-demo.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2011/06/30/apache-shiro-login-demo.html (original)
+++ shiro/site/publish/2011/06/30/apache-shiro-login-demo.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2012/01/24/apache-shiro-120-released.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2012/01/24/apache-shiro-120-released.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2012/01/24/apache-shiro-120-released.html (original)
+++ shiro/site/publish/2012/01/24/apache-shiro-120-released.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2012/03/13/whats-new-in-apache-shiro-12.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2012/03/13/whats-new-in-apache-shiro-12.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2012/03/13/whats-new-in-apache-shiro-12.html (original)
+++ shiro/site/publish/2012/03/13/whats-new-in-apache-shiro-12.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2012/07/29/apache-shiro-121-released.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2012/07/29/apache-shiro-121-released.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2012/07/29/apache-shiro-121-released.html (original)
+++ shiro/site/publish/2012/07/29/apache-shiro-121-released.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2013/05/30/apache-shiro-122-released.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/2013/05/30/apache-shiro-122-released.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2013/05/30/apache-shiro-122-released.html (original)
+++ shiro/site/publish/2013/05/30/apache-shiro-122-released.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="../../../assets/css/confluence.css" media="screen">
@@ -71,7 +73,13 @@
<div id="content">
- <p>Dear Apache Shiro Community,</p><p>The Shiro team is pleased to announce the release of Apache Shiro version 1.2.2. This is the second bug fix point release after 1.2.0.</p><p>This release includes <a class="external-link" href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950&version=12323469">18 bug fixes</a> since the 1.2.1 release and is available for <a href="../../../download.html" title="Download">Download</a> now.</p><p>All binaries (.jars) are available in Maven Central already. Please note that the Apache mirrors are still updating to reflect the source distribution, but some mirrors may not be updated yet. If a mirror download link does not work, please try another or wait another 12 to 24 hours.</p><p>For more information on Shiro 1.2, please read the “<a class="external-link" href="http://www.stormpath.com/blog/whats-new-apache-shiro-12" rel="nofollow">What’s new in Apache Shiro 1.2?</a>” article or the previous
<a class="external-link" href="../../../2012/01/24/apache-shiro-120-released.html">1.2 release announcement</a>.</p><p>Enjoy!</p><p>The Apache Shiro Team</p>
+ <p>Dear Apache Shiro Community,</p>
+<p>The Shiro team is pleased to announce the release of Apache Shiro version 1.2.2. This is the second bug fix point release after 1.2.0.</p>
+<p>This release includes <a class="external-link" href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950&version=12323469">18 bug fixes</a> since the 1.2.1 release and is available for <a href="../../../download.html" title="Download">Download</a> now.</p>
+<p>All binaries (.jars) are available in Maven Central already. Please note that the Apache mirrors are still updating to reflect the source distribution, but some mirrors may not be updated yet. If a mirror download link does not work, please try another or wait another 12 to 24 hours.</p>
+<p>For more information on Shiro 1.2, please read the “<a class="external-link" href="http://www.stormpath.com/blog/whats-new-apache-shiro-12" rel="nofollow">What’s new in Apache Shiro 1.2?</a>” article or the previous <a class="external-link" href="../../../2012/01/24/apache-shiro-120-released.html">1.2 release announcement</a>.</p>
+<p>Enjoy!</p>
+<p>The Apache Shiro Team</p>
</div>
Modified: shiro/site/publish/README.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/README.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/README.html (original)
+++ shiro/site/publish/README.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen">
@@ -71,7 +73,13 @@
<div id="content">
- <h1>Apache Shiro Website Overview</h1><p>The Apache Shiro website is a static content website accessible at <a href="http://shiro.apache.org">http://shiro.apache.org</a></p><p>Site content is authored as Markdown and HTML files. These files are scanned by a tool that applies a page template to each file’s contents as necessary, and the rendered static .html files are output to a <code>publish</code> directory.</p><p>Publishing site changes is as simple as committing any changes in the <code>publish</code> directory to version control. ASF infrastructure will see the commit and automatically push the changes to the ASF’s production webservers.</p><h2>Generating and Publishing</h2><p>The tool used to generate the static content is <a href="https://github.com/lhazlewood/scms">SCMS</a>. Once scms is installed and in your <code>$PATH</code>, generating and publishing the site on the command line is easy.</p><p>The following example assumes you have SVN commit perm
issions to the <code>publish</code> directory, typically because your are an Apache Shiro project committer:</p>
+ <h1><a href="#apache-shiro-website-overview" name="apache-shiro-website-overview">Apache Shiro Website Overview</a></h1>
+<p>The Apache Shiro website is a static content website accessible at <a href="http://shiro.apache.org">http://shiro.apache.org</a></p>
+<p>Site content is authored as Markdown and HTML files. These files are scanned by a tool that applies a page template to each file’s contents as necessary, and the rendered static .html files are output to a <code>publish</code> directory.</p>
+<p>Publishing site changes is as simple as committing any changes in the <code>publish</code> directory to version control. ASF infrastructure will see the commit and automatically push the changes to the ASF’s production webservers.</p>
+<h2><a href="#generating-and-publishing" name="generating-and-publishing">Generating and Publishing</a></h2>
+<p>The tool used to generate the static content is <a href="https://github.com/lhazlewood/scms">SCMS</a>. Once scms is installed and in your <code>$PATH</code>, generating and publishing the site on the command line is easy.</p>
+<p>The following example assumes you have SVN commit permissions to the <code>publish</code> directory, typically because your are an Apache Shiro project committer:</p>
<pre><code>cd site
# This next command will take a few seconds, be patient :)
scms trunk publish
Modified: shiro/site/publish/about.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/about.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/about.html (original)
+++ shiro/site/publish/about.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/adoption.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/adoption.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/adoption.html (original)
+++ shiro/site/publish/adoption.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/architecture.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/architecture.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/architecture.html (original)
+++ shiro/site/publish/architecture.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen">
@@ -174,7 +176,25 @@ and more.</li></ul>
<p>The <tt>SecurityManager</tt> implementations and are also JavaBeans compatible, which allows you (or a configuration mechanism) to easily customize the pluggable components via standard JavaBeans accessor/mutator methods (get*/set*). This means the Shiro's architectural modularity can translate into very easy configuration for custom behavior.</p>
-<div class="panelMacro"><table class="tipMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/check.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Easy Configuration</b><br clear="none">Because of JavaBeans compatibility, it is very easy to configure the <tt>SecurityManager</tt> with custom components via any mechanism that supports JavaBeans-style configuration, such as <a href="spring.html" title="Spring">Spring</a>, Guice, JBoss, etc.</td></tr></table></div>
+<div class="panelMacro">
+ <table class="tipMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody><tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-check-square-o"></i>
+ </td>
+ <td colspan="1" rowspan="1">
+ <b>Easy Configuration</b>
+ <br clear="none">
+ Because of JavaBeans compatibility, it is very easy to configure the <tt>SecurityManager</tt> with custom components via any mechanism that supports JavaBeans-style configuration, such as <a href="spring.html" title="Spring">Spring</a>, Guice, JBoss, etc.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
<p>We will cover <a href="configuration.html" title="Configuration">Configuration</a> next.</p>
Modified: shiro/site/publish/articles.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/articles.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/articles.html (original)
+++ shiro/site/publish/articles.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/assets/css/gh-pages/gh-fork-ribbon.css
URL: http://svn.apache.org/viewvc/shiro/site/publish/assets/css/gh-pages/gh-fork-ribbon.css?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/assets/css/gh-pages/gh-fork-ribbon.css (original)
+++ shiro/site/publish/assets/css/gh-pages/gh-fork-ribbon.css Wed Oct 19 14:24:58 2016
@@ -31,6 +31,10 @@
top: 3.23em;
right: -3.23em;
+ -webkit-box-sizing: content-box;
+ -moz-box-sizing: content-box;
+ box-sizing: content-box;
+
-webkit-transform: rotate(45deg);
-moz-transform: rotate(45deg);
-ms-transform: rotate(45deg);
Modified: shiro/site/publish/authentication-features.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/authentication-features.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/authentication-features.html (original)
+++ shiro/site/publish/authentication-features.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen">
@@ -71,7 +73,10 @@
<div id="content">
- <h1>Apache Shiro Authentication Features</h1><p>Authentication is the process of identity verification– you are trying to verify a user is who they say they are. To do so, a user needs to provide some sort of proof of identity that your system understands and trusts. </p><p>The Shiro framework is designed to make authentication as clean and intuitive as possible while providing a rich set of features. Below is a highlight of the Shiro authentication features.</p><h2>Features</h2>
+ <h1><a href="#apache-shiro-authentication-features" name="apache-shiro-authentication-features">Apache Shiro Authentication Features</a></h1>
+<p>Authentication is the process of identity verification– you are trying to verify a user is who they say they are. To do so, a user needs to provide some sort of proof of identity that your system understands and trusts. </p>
+<p>The Shiro framework is designed to make authentication as clean and intuitive as possible while providing a rich set of features. Below is a highlight of the Shiro authentication features.</p>
+<h2><a href="#features" name="features">Features</a></h2>
<table align="right" width="275" style="margin-left: 20px; margin-bottom: 20px; border-style: solid; border-width: 2px; border-color: navy" cellpadding="10px">
<tr>
@@ -96,12 +101,18 @@
</tr>
</table>
<ul>
- <li><p><strong>Subject Based</strong> - Almost everything you do in Shiro is based on the currently executing user, called a Subject. And you can easily retrieve the Subject anywhere in your code. This makes it easier for you to understand and work with Shiro in your applications.</p></li>
- <li><p><strong>Single Method call</strong> - The authentication process is a single method call. Needing only one method call keeps the API simple and your application code clean, saving you time and effort.</p></li>
- <li><p><strong>Rich Exception Hierarchy</strong> - Shiro offers a rich exception hierarchy to offered detailed explanations for why a login failed. The hierarchy can help you more easily diagnose code bugs or customer services issues related to authentication. In addition, the richness can help you create more complex authentication functionality if needed.</p></li>
- <li><p><strong>‘Remember Me’ built in</strong> - Standard in the Shiro API is the ability to remember your users if they return to your application. You can offer a better user experience to your them with minimal development effort.</p></li>
- <li><p><strong>Pluggable data sources</strong> - Shiro uses pluggable data access objects (DAOs), called Realms, to connect to security data sources like LDAP and Active Directory. To help you avoid building and maintaining integrations yourself, Shiro provides out-of-the-box realms for popular data sources like LDAP, Active Directory, and JDBC. If needed, you can also create your own realms to support specific functionality not included in the basic realms.</p></li>
- <li><p><strong>Login with one or more realms</strong> - Using Shiro, you can easily authenticate a user against one or more realms and return one unified view of their identity. In addition, you can customize the authentication process with Shiro’s notion of an authentication strategy. The strategies can be setup in configuration files so changes don’t require source code modifications– reducing complexity and maintenance effort.</p></li>
+ <li>
+ <p><strong>Subject Based</strong> - Almost everything you do in Shiro is based on the currently executing user, called a Subject. And you can easily retrieve the Subject anywhere in your code. This makes it easier for you to understand and work with Shiro in your applications.</p></li>
+ <li>
+ <p><strong>Single Method call</strong> - The authentication process is a single method call. Needing only one method call keeps the API simple and your application code clean, saving you time and effort.</p></li>
+ <li>
+ <p><strong>Rich Exception Hierarchy</strong> - Shiro offers a rich exception hierarchy to offered detailed explanations for why a login failed. The hierarchy can help you more easily diagnose code bugs or customer services issues related to authentication. In addition, the richness can help you create more complex authentication functionality if needed.</p></li>
+ <li>
+ <p><strong>‘Remember Me’ built in</strong> - Standard in the Shiro API is the ability to remember your users if they return to your application. You can offer a better user experience to your them with minimal development effort.</p></li>
+ <li>
+ <p><strong>Pluggable data sources</strong> - Shiro uses pluggable data access objects (DAOs), called Realms, to connect to security data sources like LDAP and Active Directory. To help you avoid building and maintaining integrations yourself, Shiro provides out-of-the-box realms for popular data sources like LDAP, Active Directory, and JDBC. If needed, you can also create your own realms to support specific functionality not included in the basic realms.</p></li>
+ <li>
+ <p><strong>Login with one or more realms</strong> - Using Shiro, you can easily authenticate a user against one or more realms and return one unified view of their identity. In addition, you can customize the authentication process with Shiro’s notion of an authentication strategy. The strategies can be setup in configuration files so changes don’t require source code modifications– reducing complexity and maintenance effort.</p></li>
</ul>
</div>
Modified: shiro/site/publish/authentication-guide.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/authentication-guide.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/authentication-guide.html (original)
+++ shiro/site/publish/authentication-guide.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen">
@@ -73,7 +75,29 @@
<p>This page has been moved. You are being redirected.</p>
-<p></p><div class="panelMacro"><table class="noteMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Redirection Notice</b><br clear="none">This page should redirect to <a href="java-authentication-guide.html" title="Java Authentication Guide">Java Authentication Guide</a>.</td></tr></table></div>
+<p></p>
+
+<div class="panelMacro">
+ <table class="noteMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-warning"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Redirection Notice</b>
+ <br clear="none">
+ This page should redirect to <a href="java-authentication-guide.html" title="Java Authentication Guide">Java Authentication Guide</a>.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
<script type="text/javascript">
<!--
Modified: shiro/site/publish/authentication.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/authentication.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/authentication.html (original)
+++ shiro/site/publish/authentication.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen">
@@ -85,9 +87,32 @@
<ul><li><b>Principals</b> are a Subject's 'identifying attributes'. Principals can be anything that identifies a Subject, such as a first name (given name), last name (surname or family name), a username, Social Security Number, etc. Of course things like family names are not very good at uniquely identifying a <tt>Subject</tt>, so the best principals to use for authentication are unique for an application - typically a username or email address.
<br clear="none" class="atl-forced-newline">
<br clear="none" class="atl-forced-newline">
-<div class="panelMacro"><table class="infoMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/information.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Primary Principal</b><br clear="none">While Shiro can represent any number of principals, Shiro expects an application to have exactly one 'Primary' principal - a single value that uniquely identifies the <tt>Subject</tt> within the application. This is typically a username, email address or globally unique user id in most applications.</td></tr></table></div>
-<p><br clear="none" class="atl-forced-newline">
-<br clear="none" class="atl-forced-newline"></p></li><li><b>Credentials</b> are usually secret values known only by the <tt>Subject</tt> which are used as supporting evidence that they in fact 'own' the claimed identity. Some common examples of credentials are passwords, biometric data such as fingerprints and retina scans, and X.509 certificates.</li></ul>
+
+<div class="panelMacro">
+ <table class="infoMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+
+
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-info-circle"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Primary Principal</b>
+ <br clear="none">
+ While Shiro can represent any number of principals, Shiro expects an application to have exactly one 'Primary' principal - a single value that uniquely identifies the <tt>Subject</tt> within the application. This is typically a username, email address or globally unique user id in most applications.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
+
+</li><li><b>Credentials</b> are usually secret values known only by the <tt>Subject</tt> which are used as supporting evidence that they in fact 'own' the claimed identity. Some common examples of credentials are passwords, biometric data such as fingerprints and retina scans, and X.509 certificates.</li></ul>
<p>The most common example of a principal/credential pairing is that of a username and password. The username is the claimed identity, and the password is the proof matching the claimed identity. If a submitted password matches what is expected by the application, the application can largely assume that the user really is who they say they are because no-one else should know the same password.</p>
@@ -133,13 +158,13 @@ currentUser.login(token);
</pre>
</div></div>
-<p>After acquiring the currently-executing <tt>Subject</tt>, we make a single <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html#login(org.apache.shiro.authc.AuthenticationToken)">login</a></tt> call, passing in the <tt>AuthenticationToken</tt> instance we created earlier.</p>
+<p>After acquiring the currently-executing <tt>Subject</tt>, we make a single <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#login(org.apache.shiro.authc.AuthenticationToken)">login</a></tt> call, passing in the <tt>AuthenticationToken</tt> instance we created earlier.</p>
<p>An invocation to the <tt>login</tt> method effectively represents an authentication attempt.</p>
<h3><a name="Authentication-Step3%3AHandlingSuccessorFailure"></a>Step 3: Handling Success or Failure</h3>
-<p>If the <tt>login</tt> method returns quietly, that's it - we're done! The <tt>Subject</tt> has been authenticated. The application thread can continue uninterrupted and all further calls to <tt>SecurityUtils.getSubject()</tt> will return the authenticated <tt>Subject</tt> instance, and any calls to <tt>subject.</tt><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html#isAuthenticated()">isAuthenticated()</a></tt> will return <tt>true</tt>.</p>
+<p>If the <tt>login</tt> method returns quietly, that's it - we're done! The <tt>Subject</tt> has been authenticated. The application thread can continue uninterrupted and all further calls to <tt>SecurityUtils.getSubject()</tt> will return the authenticated <tt>Subject</tt> instance, and any calls to <tt>subject.</tt><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#isAuthenticated()">isAuthenticated()</a></tt> will return <tt>true</tt>.</p>
<p>But what happens if the login attempt failed? For example, what if the end-user supplied an incorrect password, or accessed the system too many times and maybe their account is locked?</p>
@@ -164,18 +189,56 @@ currentUser.login(token);
<p>If one of the existing exception classes do not meet your needs, custom <tt>AuthenticationExceptions</tt> can be created to represent specific failure scenarios.</p>
-<div class="panelMacro"><table class="tipMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/check.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Login Failure Tip</b><br clear="none">While your code can react to specific exceptions and execute logic as necessary, a security best practice is to only show a generic failure message to an end user in the event of a failure, for example, "Incorrect username or password.". This ensures no specific information is available to hackers that may be attempting an attack vector.</td></tr></table></div>
+<div class="panelMacro">
+ <table class="tipMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody><tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-check-square-o"></i>
+ </td>
+ <td colspan="1" rowspan="1">
+ <b>Login Failure Tip</b>
+ <br clear="none">
+ While your code can react to specific exceptions and execute logic as necessary, a security best practice is to only show a generic failure message to an end user in the event of a failure, for example, "Incorrect username or password.". This ensures no specific information is available to hackers that may be attempting an attack vector.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
<h2><a name="Authentication-Rememberedvs.Authenticated"></a>Remembered vs. Authenticated</h2>
<p>As shown in the example above, Shiro supports the notion of "remember me" in addition to the normal login process. It is worth pointing out at this time that Shiro makes a very precise distinction between a <em>remembered</em> Subject and an actual <em>authenticated</em> Subject: </p>
-<ul><li><b>Remembered</b>: A remembered <tt>Subject</tt> is not anonymous and has a known identity (i.e. <tt>subject.</tt><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html#getPrincipals()">getPrincipals()</a></tt> is non-empty). But this identity is remembered from a previous authentication during a <b>previous</b> session. A subject is considered remembered if <tt>subject.</tt><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html#isRemembered()">isRemembered()</a></tt> returns <tt>true</tt>.
+<ul><li><b>Remembered</b>: A remembered <tt>Subject</tt> is not anonymous and has a known identity (i.e. <tt>subject.</tt><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#getPrincipals()">getPrincipals()</a></tt> is non-empty). But this identity is remembered from a previous authentication during a <b>previous</b> session. A subject is considered remembered if <tt>subject.</tt><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#isRemembered()">isRemembered()</a></tt> returns <tt>true</tt>.
<br clear="none" class="atl-forced-newline">
-<br clear="none" class="atl-forced-newline"></li><li><b>Authenticated</b>: An authenticated <tt>Subject</tt> is one that has been successfully authenticated (i.e. the <tt>login</tt> method was invoked without throwing an exception) <em>during the Subject's current session</em>. A subject is considered authenticated if <tt>subject.</tt><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html#isAuthenticated()">isAuthenticated()</a></tt> returns <tt>true</tt>.</li></ul>
+<br clear="none" class="atl-forced-newline"></li><li><b>Authenticated</b>: An authenticated <tt>Subject</tt> is one that has been successfully authenticated (i.e. the <tt>login</tt> method was invoked without throwing an exception) <em>during the Subject's current session</em>. A subject is considered authenticated if <tt>subject.</tt><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#isAuthenticated()">isAuthenticated()</a></tt> returns <tt>true</tt>.</li></ul>
-<div class="panelMacro"><table class="noteMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Mutually Exclusive</b><br clear="none">Remembered and authenticated states are mutually exclusive - a <tt>true</tt> value for one indicates a <tt>false</tt> value for the other and vice versa.</td></tr></table></div>
+<div class="panelMacro">
+ <table class="noteMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-warning"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Mutually Exclusive</b>
+ <br clear="none">
+ Remembered and authenticated states are mutually exclusive - a <tt>true</tt> value for one indicates a <tt>false</tt> value for the other and vice versa.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
<h3><a name="Authentication-Whythedistinction%3F"></a>Why the distinction?</h3>
@@ -203,7 +266,7 @@ currentUser.login(token);
<h2><a name="Authentication-LoggingOut"></a>Logging Out</h2>
-<p>The opposite of authenticating is releasing all known identifying state. When the <tt>Subject</tt> is done interacting with the application, you can call <tt>subject.</tt><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html#logout()">logout()</a></tt> to relinquish all identifying information:</p>
+<p>The opposite of authenticating is releasing all known identifying state. When the <tt>Subject</tt> is done interacting with the application, you can call <tt>subject.</tt><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#logout()">logout()</a></tt> to relinquish all identifying information:</p>
<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-java">
@@ -215,7 +278,27 @@ currentUser.logout(); <span class="code-
<p>After a <tt>Subject</tt> logs-out, the <tt>Subject</tt> instance is considered anonymous again and, except for web applications, can be re-used for <tt>login</tt> again if desired.</p>
-<div class="panelMacro"><table class="warningMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/forbidden.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Web Application Notice</b><br clear="none">Because remembered identity in web applications is often persisted with cookies, and cookies can only be deleted before a Response body is committed, it is highly recommended to redirect the end-user to a new view or page immediately after calling <tt>subject.logout()</tt>. This guarantees that any security-related cookies are deleted as expected. This is a limitation of how HTTP cookies function and not a limitation of Shiro.</td></tr></table></div>
+<div class="panelMacro">
+ <table class="warningMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-exclamation-circle"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Web Application Notice</b>
+ <br clear="none">
+ Because remembered identity in web applications is often persisted with cookies, and cookies can only be deleted before a Response body is committed, it is highly recommended to redirect the end-user to a new view or page immediately after calling <tt>subject.logout()</tt>. This guarantees that any security-related cookies are deleted as expected. This is a limitation of how HTTP cookies function and not a limitation of Shiro.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
<p><a name="Authentication-sequence"></a></p>
<h2><a name="Authentication-AuthenticationSequence"></a>Authentication Sequence</h2>
@@ -235,12 +318,32 @@ currentUser.logout(); <span class="code-
<b>Step 2</b>: The <tt>Subject</tt> instance, typically a <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/support/DelegatingSubject.html">DelegatingSubject</a></tt> (or a subclass) delegates to the application's <tt>SecurityManager</tt> by calling <tt>securityManager.login(token)</tt>, where the actual authentication work begins.
<br clear="none" class="atl-forced-newline">
<br clear="none" class="atl-forced-newline">
-<b>Step 3</b>: The <tt>SecurityManager</tt>, being a basic 'umbrella' component, receives the token and simply delegates to its internal <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/Authenticator.html">Authenticator</a></tt> instance by calling <tt>authenticator.</tt><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/Authenticator.html#authenticate(org.apache.shiro.authc.AuthenticationToken)">authenticate(token)</a></tt>. This is almost always a <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/pam/ModularRealmAuthenticator.html">ModularRealmAuthenticator</a></tt> instance, which supports coordinating one or more <tt>Realm</tt> instances during authentication. The <tt>ModularRealmAuthenticator</tt> essentially provides a <a class="external-link" href="http://en.wikipedia.org/wiki/Pluggable_Authentication_Modules" rel="nofollow">PAM</a>-style paradigm for Apache Shiro (where each <tt>Re
alm</tt> is a 'module' in PAM terminology).
+<b>Step 3</b>: The <tt>SecurityManager</tt>, being a basic 'umbrella' component, receives the token and simply delegates to its internal <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/Authenticator.html">Authenticator</a></tt> instance by calling <tt>authenticator.</tt><tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/Authenticator.html\#authenticate(org.apache.shiro.authc.AuthenticationToken)">authenticate(token)</a></tt>. This is almost always a <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/pam/ModularRealmAuthenticator.html">ModularRealmAuthenticator</a></tt> instance, which supports coordinating one or more <tt>Realm</tt> instances during authentication. The <tt>ModularRealmAuthenticator</tt> essentially provides a <a class="external-link" href="http://en.wikipedia.org/wiki/Pluggable_Authentication_Modules" rel="nofollow">PAM</a>-style paradigm for Apache Shiro (where each <tt>R
ealm</tt> is a 'module' in PAM terminology).
<br clear="none" class="atl-forced-newline">
<br clear="none" class="atl-forced-newline">
<b>Step 4</b>: If more than one <tt>Realm</tt> is configured for the application, the <tt>ModularRealmAuthenticator</tt> instance will initiate a multi-<tt>Realm</tt> authentication attempt utilizing its configured <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/pam/AuthenticationStrategy.html">AuthenticationStrategy</a></tt>. Before, during and after the <tt>Realms</tt> are invoked for authentication, the <tt>AuthenticationStrategy</tt> will be called to allow it to react to each Realm's results. We will cover <tt>AuthenticationStrategies</tt> soon.</p>
-<div class="panelMacro"><table class="noteMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Single-Realm Application</b><br clear="none">If only a single Realm is configured, it is called directly - there is no need for an <tt>AuthenticationStrategy</tt> in a single-Realm application.</td></tr></table></div>
-<p><b>Step 5</b>: Each configured <tt>Realm</tt> is consulted to see if it <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/realm/Realm.html#supports(org.apache.shiro.authc.AuthenticationToken)">supports</a></tt> the submitted <tt>AuthenticationToken</tt>. If so, the supporting Realm's <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/realm/Realm.html#getAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)">getAuthenticationInfo</a></tt> method will be invoked with the submitted <tt>token</tt>. The <tt>getAuthenticationInfo</tt> method effectively represents a single authentication attempt for that particular <tt>Realm</tt>. We will cover the <tt>Realm</tt> authentication behavior shortly.</p>
+<div class="panelMacro">
+ <table class="noteMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-warning"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Single-Realm Application</b>
+ <br clear="none">
+ If only a single Realm is configured, it is called directly - there is no need for an <tt>AuthenticationStrategy</tt> in a single-Realm application.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
+<p><b>Step 5</b>: Each configured <tt>Realm</tt> is consulted to see if it <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/realm/Realm.html\#supports(org.apache.shiro.authc.AuthenticationToken)">supports</a></tt> the submitted <tt>AuthenticationToken</tt>. If so, the supporting Realm's <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/realm/Realm.html\#getAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)">getAuthenticationInfo</a></tt> method will be invoked with the submitted <tt>token</tt>. The <tt>getAuthenticationInfo</tt> method effectively represents a single authentication attempt for that particular <tt>Realm</tt>. We will cover the <tt>Realm</tt> authentication behavior shortly.</p>
<h3><a name="Authentication-%7B%7BAuthenticator%7D%7D"></a><tt>Authenticator</tt></h3>
@@ -274,7 +377,29 @@ securityManager.authenticator = $authent
<p>Also an <tt>AuthenticationStrategy</tt> is responsible for aggregating the results from each successful Realm and 'bundling' them into a single <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/AuthenticationInfo.html">AuthenticationInfo</a></tt> representation. This final aggregate <tt>AuthenticatinoInfo</tt> instance is what is returned by the <tt>Authenticator</tt> instance and is what Shiro uses to represent the <tt>Subject</tt>'s final identity (aka Principals).</p>
-<div class="panelMacro"><table class="infoMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/information.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Subject Identity 'View'</b><br clear="none">If you use more than one Realm in your application to acquire account data from multiple data sources, the <tt>AuthenticationStrategy</tt> is ultimately responsible for the final 'merged' view of the Subject's identity that is seen by the application.</td></tr></table></div>
+<div class="panelMacro">
+ <table class="infoMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+
+
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-info-circle"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Subject Identity 'View'</b>
+ <br clear="none">
+ If you use more than one Realm in your application to acquire account data from multiple data sources, the <tt>AuthenticationStrategy</tt> is ultimately responsible for the final 'merged' view of the Subject's identity that is seen by the application.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
<p>Shiro has 3 concrete <tt>AuthenticationStrategy</tt> implementations:</p>
@@ -297,7 +422,25 @@ securityManager.authenticator.authentica
</pre>
</div></div>
-<div class="panelMacro"><table class="tipMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/check.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Custom AuthenticationStrategy</b><br clear="none">If you wanted to create your own <tt>AuthenticationStrategy</tt> implementation yourself, you could use the <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/pam/AbstractAuthenticationStrategy.html">org.apache.shiro.authc.pam.AbstractAuthenticationStrategy</a></tt> as a starting point. The <tt>AbstractAuthenticationStrategy</tt> class automatically implements the 'bundling'/aggregation behavior of merging the results from each Realm into a single <tt>AuthenticationInfo</tt> instance.</td></tr></table></div>
+<div class="panelMacro">
+ <table class="tipMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody><tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-check-square-o"></i>
+ </td>
+ <td colspan="1" rowspan="1">
+ <b>Custom AuthenticationStrategy</b>
+ <br clear="none">
+ If you wanted to create your own <tt>AuthenticationStrategy</tt> implementation yourself, you could use the <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/pam/AbstractAuthenticationStrategy.html">org.apache.shiro.authc.pam.AbstractAuthenticationStrategy</a></tt> as a starting point. The <tt>AbstractAuthenticationStrategy</tt> class automatically implements the 'bundling'/aggregation behavior of merging the results from each Realm into a single <tt>AuthenticationInfo</tt> instance.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
<h3><a name="Authentication-RealmAuthenticationOrder"></a>Realm Authentication Order</h3>
@@ -351,11 +494,31 @@ securityManager.realms = $fooRealm, $bar
</pre>
</div></div>
-<div class="panelMacro"><table class="noteMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Explicit Realm Inclusion</b><br clear="none">When you explicitly configure the <tt>securityManager.realms</tt> property, <em>only</em> the referenced realms will be configured on the <tt>SecurityManager</tt>. This means you could define 5 realms in INI, but only actually use 3 if 3 are referenced for the <tt>realms</tt> property. This is different than implicit realm ordering where all available realms will be used.</td></tr></table></div>
+<div class="panelMacro">
+ <table class="noteMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-warning"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Explicit Realm Inclusion</b>
+ <br clear="none">
+ When you explicitly configure the <tt>securityManager.realms</tt> property, <em>only</em> the referenced realms will be configured on the <tt>SecurityManager</tt>. This means you could define 5 realms in INI, but only actually use 3 if 3 are referenced for the <tt>realms</tt> property. This is different than implicit realm ordering where all available realms will be used.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
<h2><a name="Authentication-RealmAuthentication"></a>Realm Authentication</h2>
-<p>This chapter covers Shiro's master workflow explaining how an authentication attempt occurs. The internal workflow of what happens in a single realm as it is consulted during authentication (i.e. 'Step 5' above) is covered in the <a href="realm.html" title="Realm">Realm</a> chapter's <a href="realm.html#Realm-authentication">Realm Authentication</a> section.</p>
+<p>This chapter covers Shiro's master workflow explaining how an authentication attempt occurs. The internal workflow of what happens in a single realm as it is consulted during authentication (i.e. 'Step 5' above) is covered in the <a href="realm.html" title="Realm">Realm</a> chapter's <a href="realm.html\#Realm-authentication">Realm Authentication</a> section.</p>
<h2><a name="Authentication-Lendahandwithdocumentation"></a>Lend a hand with documentation </h2>
Modified: shiro/site/publish/authenticator.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/authenticator.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/authenticator.html (original)
+++ shiro/site/publish/authenticator.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen">
@@ -73,12 +75,13 @@
<p>TODO</p>
-<h2><a name="Authenticator-Lendahandwithdocumentation"></a>Lend a hand with documentation </h2>
+<h2><a name="Lendahandwithdocumentation"></a>Lend a hand with documentation </h2>
<p>While we hope this documentation helps you with the work you're doing with Apache Shiro, the community is improving and expanding the documentation all the time. If you'd like to help the Shiro project, please consider corrected, expanding, or adding documentation where you see a need. Every little bit of help you provide expands the community and in turn improves Shiro. </p>
<p>The easiest way to contribute your documentation is to send it to the <a class="external-link" href="http://shiro-user.582556.n2.nabble.com/" rel="nofollow">User Forum</a> or the <a href="mailing-lists.html" title="Mailing Lists">User Mailing List</a>.</p>
+
</div>
</div><!--END WRAPPER-->