You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shiro.apache.org by bm...@apache.org on 2021/10/08 10:06:36 UTC

[shiro-site] branch jbake updated: convert commercial-support.md and command-line-hasher.

This is an automated email from the ASF dual-hosted git repository.

bmarwell pushed a commit to branch jbake
in repository https://gitbox.apache.org/repos/asf/shiro-site.git


The following commit(s) were added to refs/heads/jbake by this push:
     new 2bef1d9  convert commercial-support.md and command-line-hasher.
     new 2247d17  Merge pull request #104 from bmarwell/jbake
2bef1d9 is described below

commit 2bef1d9db91eed00270d224e1df53af821d173cd
Author: Benjamin Marwell <bm...@apache.org>
AuthorDate: Fri Oct 8 11:29:36 2021 +0200

    convert commercial-support.md and command-line-hasher.
---
 commercial-support.md                              | 20 -----
 .../content/command-line-hasher.adoc               | 99 +++++++++++++---------
 jbake/content/commercial-support.adoc              | 24 ++++++
 3 files changed, 81 insertions(+), 62 deletions(-)

diff --git a/commercial-support.md b/commercial-support.md
deleted file mode 100644
index 74b6356..0000000
--- a/commercial-support.md
+++ /dev/null
@@ -1,20 +0,0 @@
-<a name="CommercialSupport-CommercialSupportandConsultingforApacheShiro"></a>
-#Service and Commercial Support for Apache Shiro
-
-
-### [Apache Shiro Plugin for Stormpath User Management](https://www.stormpath.com "Stormpath User Management")
-
-The [Apache Shiro plugin for Stormpath](https://github.com/stormpath/stormpath-shiro/wiki) allows an Apache Shiro-enabled application to use the [Stormpath User Management & Authentication service](https://www.stormpath.com) for all authentication and access control needs.
-
-Pairing Shiro with Stormpath give you a full application security system complete with immediate user account support, admin UI, authentication service, account registration and password reset workflows, password security, and more-- with little to no coding on your part.
-
-[Learn More >>>](https://github.com/stormpath/stormpath-shiro/wiki "Apache Shiro plugin for Stormpath")
-
-### [Stormpath Commercial Support for Apache Shiro](https://www.stormpath.com/apache-shiro-support "Stormpath Support for Apache Shiro")
-
-Shiro commercial support and consulting services are available from Stormpath, a company started by Shiro committer and Project Chair, Les Hazlewood:
-
-[Learn More >>>](https://www.stormpath.com/apache-shiro-support "Stormpath Support for Apache Shiro")
-
-**Providing Shiro services? Get listed on this page by posting to the [Dev Mailing list](mailing-lists.html "Shiro Mailing Lists")**
-<input type="hidden" id="ghEditPage" value="commercial-support.md"></input>
diff --git a/command-line-hasher.md b/jbake/content/command-line-hasher.adoc
similarity index 63%
rename from command-line-hasher.md
rename to jbake/content/command-line-hasher.adoc
index 1ea5966..2ac28f4 100644
--- a/command-line-hasher.md
+++ b/jbake/content/command-line-hasher.adoc
@@ -1,97 +1,112 @@
-<a name="CommandLineHasher-CommandLineHasher"></a>
-#Command Line Hasher
-
-*   [Usage](#CommandLineHasher-Usage)
-*   [Common Scenarios](#CommandLineHasher-CommonScenarios)
-
-*   [`shiro.ini` User Passwords](#CommandLineHasher-%7B%7Bshiro.ini%7D%7DUserPasswords)
-*   [MD5 checksum](#CommandLineHasher-MD5checksum)
-
+[#CommandLineHasher-CommandLineHasher]
+= Command Line Hasher
+:jbake-type: page
+:jbake-status: published
+:jbake-tags: documentation, hashes, command-line, cli, hasher, tool
+:idprefix:
+:icons: font
+:toc:
 
 Shiro 1.2.0 and later provides a command line program that can hash strings and resources (files, URLs, classpath entries) of almost any type. To use it, you must have a Java Virtual Machine installed and the 'java' command must be accessible in your `$PATH` environment variable.
 
-<a name="CommandLineHasher-Usage"></a>
-##Usage
+[CAUTION]
+====
+Do not use the hashes provided in the command line hasher 1.x versions anymore!
+They are outdated and all considered insecure!
+====
 
-Ensure you have access to the `shiro-tools-hasher-`_version_`-cli.jar` file. You can either find this in a source build in the _buildroot_`/tools/hasher/target` directory or via download through Maven.
+[#CommandLineHasher-Usage]
+== Usage
 
-``` bash
+Ensure you have access to the `shiro-tools-hasher-${versions.latestRelease}-cli.jar` file.
+You can either find this in a source build in the _buildroot_`/tools/hasher/target` directory or via download through Maven.
+
+[source,bash]
+----
 # Use the following to download from Maven Central into
-# ~/.m2/repository/org/apache/shiro/tools/shiro-tools-hasher/X.X.X/shiro-tools-hasher-X.X.X-cli.jar
-$ mvn dependency:get -DgroupId=org.apache.shiro.tools -DartifactId=shiro-tools-hasher -Dclassifier=cli -Dversion=X.X.X
-```
+# ~/.m2/repository/org/apache/shiro/tools/shiro-tools-hasher/${versions.latestRelease}/shiro-tools-hasher-${versions.latestRelease}-cli.jar
+$ mvn dependency:get -DgroupId=org.apache.shiro.tools -DartifactId=shiro-tools-hasher -Dclassifier=cli -Dversion=${versions.latestRelease}
+
+----
 
 Once you have access to the jar, you can run the following command:
 
-``` bash
-$ java -jar shiro-tools-hasher-X.X.X-cli.jar
-```
+[source,bash]
+----
+$ java -jar shiro-tools-hasher-${versions.latestRelease}-cli.jar
+----
 
 This will print all available options for both standard (MD5, SHA1) and more complex password hashing scenarios.
 
-<a name="CommandLineHasher-CommonScenarios"></a>
-##Common Scenarios
+[#CommandLineHasher-CommonScenarios]
+== Common Scenarios
 
 Please read the printed instructions for the above command. It will provide an exhaustive list of instructions which will help you use the hasher depending on your needs. However, we've provided some quick reference usages/scenarios below for convenience.
 
-<a name="CommandLineHasher-%7B%7Bshiro.ini%7D%7DUserPasswords"></a>
-###`shiro.ini` User Passwords
+[#CommandLineHasher-shiro.iniUserPasswords]
+=== `shiro.ini` User Passwords
 
 It is best to keep user passwords in the `shiro.ini` `[users]` section secure. To add a new user account line, use the above command with the `**-p**` (or `--password`) option:
 
-``` bash
-$ java -jar shiro-tools-hasher-X.X.X-cli.jar -p
-```
+[source,bash]
+----
+$ java -jar shiro-tools-hasher-${versions.latestRelease}-cli.jar -p
+----
 
 It will then ask you to enter the password and then confirm it:
 
-``` bash
+[source,bash]
+----
 Password to hash:
 Password to hash (confirm):
-```
+----
 
 When this command executes, it will print out the securely-salted-iterated-and-hashed password. For example:
 
-``` bash
+[source,bash]
+----
 $shiro1$SHA-256$500000$eWpVX2tGX7WCP2J+jMCNqw==$it/NRclMOHrfOvhAEFZ0mxIZRdbcfqIBdwdwdDXW2dM=
-```
+----
 
-Take this value and place it as the password in the user definition line (followed by any optional roles) as defined in the [INI Users Configuration](configuration.html#Configuration-%5Cusers%5C) documentation. For example:
+Take this value and place it as the password in the user definition line (followed by any optional roles) as defined in the link:/configuration.html#Configuration-%5Cusers%5C[INI Users Configuration] documentation. For example:
 
-``` ini
+[source,ini]
+----
 [users]
 ...
 user1 = $shiro1$SHA-256$500000$eWpVX2tGX7WCP2J+jMCNqw==$it/NRclMOHrfOvhAEFZ0mxIZRdbcfqIBdwdwdDXW2dM=
-```
+----
 
 You will also need to ensure that the implicit `iniRealm` uses a `CredentialsMatcher` that knows how to perform secure hashed password comparisons. So configure this in the `[main]` section as well:
 
-``` ini
+[source,ini]
+----
 [main]
 ...
 passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher
 iniRealm.credentialsMatcher = $passwordMatcher
 ...
-```
+----
 
-<a name="CommandLineHasher-MD5checksum"></a>
-###MD5 checksum
+[#CommandLineHasher-MD5checksum]
+=== MD5 checksum
 
 Although you can perform any hash with any algorithm supported on the JVM, the default hashing algorithm is MD5, common for file checksums. Just use the `**-r**` (or `--resource`) option to indicate the following value is a resource location (and not text you wish hashed):
 
-``` bash
+[source,bash]
+----
 $ java -jar shiro-tools-hasher-X.X.X-cli.jar -r RESOURCE_PATH
-```
+----
 
 By default `RESOURCE_PATH` is expected to be a file path, but you may specify classpath or URL resources by using the `classpath:` or `url:` prefix respectively.
 
 Some examples:
 
-``` bash
+[source,bash]
+----
 <command> -r fileInCurrentDirectory.txt
 <command> -r ../../relativePathFile.xml
 <command> -r ~/documents/myfile.pdf
 <command> -r /usr/local/logs/absolutePathFile.log
 <command> -r url:http://foo.com/page.html <command> -r classpath:/WEB-INF/lib/something.jar
-```
-<input type="hidden" id="ghEditPage" value="command-line-hasher.md"></input>
+----
diff --git a/jbake/content/commercial-support.adoc b/jbake/content/commercial-support.adoc
new file mode 100644
index 0000000..6026cd9
--- /dev/null
+++ b/jbake/content/commercial-support.adoc
@@ -0,0 +1,24 @@
+[#CommercialSupport-CommercialSupportandConsultingforApacheShiro]
+= Service and Commercial Support for Apache Shiro
+:jbake-type: page
+:jbake-status: published
+:jbake-tags: documentation, support, services
+:idprefix:
+:icons: font
+
+== Okta Shiro Integration
+
+The link:https://github.com/oktadev/okta-shiro-plugin[Okta Shiro Plugin] contains a Shiro Realm for Okta, for use with OAuth 2.0 Resource Servers.
+This realm will validate Okta JWT access tokens.
+
+== Commercial Support for Apache Shiro
+
+=== Yupiik commercial support
+
+Shiro commercial support and consulting services are available from Yupiik:
+
+link:https://www.yupiik.com/production-support/[Learn More &gt;&gt;&gt;]
+
+=== Get listed
+
+*Providing Shiro services? Get listed on this page by posting to the link:mailing-lists.html[Dev Mailing list]*