Modified: shiro/site/publish/confluence-auto-export.html URL: http://svn.apache.org/viewvc/shiro/site/publish/confluence-auto-export.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/confluence-auto-export.html (original) +++ shiro/site/publish/confluence-auto-export.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> @@ -71,171 +73,36 @@ <div id="content"> - <h1><a name="ConfluenceAutoExport-ConfluenceAutoExportProcessforApacheShiro"></a>Confluence Auto Export Process for Apache Shiro</h1> - -<p>This page describes how we use the Confluence <tt>Auto Export</tt> plugin to create a custom look and feel for our project's public website while still using Confluence to manage and host our content. </p> - -<p>This page is especially useful if you're a member of another Apache project that wants to use Confluence as your content repository but have a nicely formatted custom look and feel that you can design.</p> - -<h3><a name="ConfluenceAutoExport-Overview"></a>Overview</h3> - -<p>The high level overview is that you create a custom look and feel in the form of an HTML template. Confluence is then configured to automatically export your project space to static .html files that conform to the template. This allows a project website to have a different look entirely than the default Confluence theme.</p> - -<p>The generated 'templatized' static .html files are then served as the project's public facing website, which is beneficial for scalability - an Apache farm of web servers can serve the static files (doing what Apache does best), relieving the Confluence server from direct and/or heavy load.</p> - -<h3><a name="ConfluenceAutoExport-StepbyStep"></a>Step-by-Step</h3> - -<p>Here are step-by-step instructions to enable this for your project:</p> - -<ol><li><b>Create Your HTML Template</b> -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -A project contributor creates a single Velocity-based HTML template file. The Confluence documentation has a <a class="external-link" href="http://confluence.atlassian.com/display/CONFDEV/Basic+Introduction+to+Velocity"; rel="nofollow">Basic Introduction to Velocity</a> that links to the <a class="external-link" href="http://velocity.apache.org/engine/releases/velocity-1.4/user-guide.html";>Velocity User Guide</a>. You'll want to read the Velocity User Guide to understand how to set template variables, write conditional statements, etc. -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -<div class="panelMacro"><table class="tipMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/check.gif"; width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Confluence Velocity Objects</b><br clear="none">When writing your template, you will want to know about the <a class="external-link" href="http://confluence.atlassian.com/display/CONFDEV/Confluence+Objects+Accessible+From+Velocity"; rel="nofollow">Confluence Objects Accessible From Velocity</a>. You can use these existing variables and macros from within your template as necessary.</td></tr></table></div> -<p><br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -Also note that your template file can reference static assets such as images, css files and javascript as necessary. Typically a template designer will work in whatever design tool they like and test it out on browsers etc. Its just that the static assets themselves are not imported into the <tt>Auto Export</tt> plugin directly. They need to be hosted in a separate location. We'll cover that next. -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -<b>Example</b>: Here is <a href="shiroConfluenceAutoExportTemplate.vhtml.txt?version=1&modificationDate=1274492875000">Shiro's Auto Export HTML Template</a> (as of 21 May 2010). You can use it as an example or modify as necessary for your own site in accordance with the Apache 2.0 license. -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"></p></li><li><b>Upload Template Static Resources</b> -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -Static resources that your .html template file references are not imported into the <tt>Auto Export</tt> plugin - you need to place those in a separate location. The way we've done it for Shiro is to create a single purposefully reserved directory at the root of our website called <tt>static</tt>. So if our public website root is located here: -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent panelContent"> -<pre>people.apache.org:/www/incubator.apache.org/shiro/ -</pre> -</div></div> -<p><br clear="none" class="atl-forced-newline"> -then all of our static content that we manage manually will be in this directory: -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"></p> -<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent panelContent"> -<pre>people.apache.org:/www/incubator.apache.org/shiro/static/ -</pre> -</div></div> -<p><br clear="none" class="atl-forced-newline"> -It is important that you don't create a Confluence page at the root of your Confluence space named <tt>Static</tt> as it will conflict with your manually managed static directory above. -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -Also note that because everything else in the <tt>/www/incubator.apache.org/shiro</tt> directory is auto-exported from Confluence, you really don't ever want to mess with any files in that directory. Stick to only manually editing things in the <tt>static</tt> subdirectory and you'll be fine. -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -So, if our .html template referenced some images, css, and javascript in an <tt>assets</tt> directory while we were designing the template, you'll need to secure <tt>rsync</tt> or <tt>sftp</tt> those resources to a matching directory structure on <tt>people.apache.org</tt> under our reserved <tt>static</tt> directory: -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"></p> -<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent panelContent"> -<pre>/www/incubator.apache.org/shiro/static/assets/images/header.jpg -/www/incubator.apache.org/shiro/static/assets/css/style.css -/www/incubator.apache.org/shiro/static/assets/js/some-javscript-library-minified.js -... -</pre> -</div></div> -<div class="panelMacro"><table class="tipMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/check.gif"; width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Heavy CSS</b><br clear="none">For reasons that will become apparent later, it is recommended to make heavy use of CSS in your template as well as ensure that the CSS definitions are in an external static file and <b>not</b> embedded in the template itself: you will be able to freely change your CSS files in this static directory, while it will be much harder to change the template after it is installed. If your template heavily leverages CSS, you can change the CSS whenever you want.</td></tr></table></div> -<p><br clear="none" class="atl-forced-newline"></p></li><li><b>Update Template Resource References</b> -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -Once you've uploaded those resources to their appropriate place on <tt>people.apache.org</tt> filesystem, you need to now change your template to reference their runtime location where they will be when your page is served by the web server. We did this by setting a Velocity variable in our template that reflects the runtime site root: -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent panelContent"> -<pre><!DOCTYPE html PUBLIC ... -ASF license header here ... -## -#set ($siteroot = "http://incubator.apache.org/shiro";) -... other variables, macro definitions, etc here ... -## -<html> -... rest of html template here ... -</html> -</pre> -</div></div> -<p><br clear="none" class="atl-forced-newline"> -Then you an use the Velocity variables in your html to reference their location: -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"></p> -<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent panelContent"> -<pre><img src="$siteroot/assets/images/header.jpg"/> -</pre> -</div></div> -<p><br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -Again, see <a href="shiroConfluenceAutoExportTemplate.vhtml.txt?version=1&modificationDate=1274492875000">Shiro's Auto Export HTML Template</a> as an example. -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"></p></li><li><b>Set Up a Cron Job to Sync Auto-Exported Content</b> -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -When <tt>Auto Export</tt> runs, it outputs its content into a different directory than your website filesystem location. You need to ensure that after <tt>Auto Export</tt> runs, the generated content will make its way to the correct filesystem location that will be published to the web server farm. You can do that by setting up a cron job on <b>one</b> of the project team member's <tt>people.apache.org</tt> account: -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -First make sure that when the crontab editor runs, it is using an editor that you feel comfortable in (VI, Emacs, etc): -<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent panelContent"> -<pre>> export EDITOR=vi -</pre> -</div></div> -<p><br clear="none" class="atl-forced-newline"> -Then execute the following crontab command, which will launch your preferred editor: -<br clear="none" class="atl-forced-newline"></p> -<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent panelContent"> -<pre>> crontab -e -</pre> -</div></div> -<p><br clear="none" class="atl-forced-newline"> -Ensure the following 3 cron lines* are in that file (where <tt>SPACENAME</tt> is the case-sensitive Confluence space name (in our case <tt>SHIRO</tt>) and <tt>PROJECTNAME</tt> is typically your lower-case project name (in our case <tt>shiro</tt>): -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"></p> -<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent panelContent"> -<pre>0 * * * * /usr/local/bin/rsync -p -r /www/confluence-exports/SPACENAME/ /www/incubator.apache.org/PROJECTNAME >/dev/null 2>&1 -5 * * * * find /www/incubator.apache.org/PROJECTNAME -type f -exec chmod g+rw {} \; >/dev/null 2>&1 -5 * * * * find /www/incubator.apache.org/PROJECTNAME -type d -exec chmod g+rwx {} \; >/dev/null 2>&1 -</pre> -</div></div> -<p><br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -Then save and exit the file. -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -These 3 cron lines say:</p> - <ul><li>Line 1: "Every minute (on the minute), rsync the Confluence auto-exported content from its output directory to my project's public website directory"</li><li>Line 2: "Every minute (at the 5 second mark), ensure all the files in my project's public website are (recursively) made group readable and writable". You want other project team members to be able to write to them if necessary.</li><li>Line 3: "Every minute (at the 5 second mark), ensure all the directories in my project's public website are (recursively) made group readable, writable and executable". -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -* The <tt><b>>/dev/null 2>&1</b></tt> parts at the end of each line will swallow any output that would have been emailed to you if anything failed. Typically you'll see some innocuous permission-related messages that can be ignored. You can always take off that part on each line if you want regular emails - up to you. -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"></li></ul> - </li><li><b>Ask a Confluence Administrator to Import Your Template</b> -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -After you've updated your template to reference the correct resource paths and made your crontab entries, you need to find an Apache member with Confluence administrative privileges to add your template file to the <tt>Auto Export</tt> plugin configuration. Unfortunately only a Confluence administrator may perform this function - the plugin does not support per-project administrators. Check with your project mentors or the Incubator PMC as they will typically know who to contact. -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -Once they've added the template to the configuration, also (kindly) ask them if they would explicitly export your Confluence space so you can test the results. You can also change and save a wiki page at any time to trigger the export process and it will be copied to your project webspace when the cron job runs. -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -<b>Note</b>: This is why it is important to use CSS heavily in your template. Because you may not have direct access to change the template whenever you want, it is better to rely on CSS that you <em>can</em> change whenever you want. -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"></li><li><b>Verify Pages Export Correctly</b> -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -After your template has been installed and you make modifications to your space pages, you should see them start to show up within a minute or two in your project's root web directory (again, for Shiro, this is in <tt>people.apache.org:/www/incubator.apache.org/shiro</tt>). Look inside the .html files and you should see your HTML template code surrounding the wiki content. If you see this, <tt>Auto Export</tt> and your cron job are running propertly. -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"></li><li><b>Wait For the Web Server Farm</b> -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -As mentioned before, the static .html files exported to your <tt>/www/incubator.apache.org/projectname</tt> web directory need to propagate to an Apache web server farm that actually services HTTP requests. We don't have access to those machines, so we have to wait for an automated process (managed by Apache Infrastructure) to pick up the files in <tt>/www</tt> and sync them to the server farm. This process can take up to an hour or two. -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -After an hour or two, visit the site, hit refresh, and you should see any changes that you made previously in Confluence display as a nice page with your template's look and feel. You can make changes to Confluence pages from this point on and you won't need to touch the template or <tt>Auto Export</tt> settings again (unless you want to change the template). -<br clear="none" class="atl-forced-newline"> -<br clear="none" class="atl-forced-newline"> -Now you're done setting up Auto Export!</li></ol> + <p>This page has been moved. You are being redirected.</p> +<div class="panelMacro"> + <table class="noteMacro"> + <colgroup span="1"> + <col span="1" width="24"> + <col span="1"> + </colgroup> + <tbody> + <tr> + <td colspan="1" rowspan="1" valign="top"> + <i class="fa fa-warning"></i> + </td> + + <td colspan="1" rowspan="1"> + <b>Redirection Notice</b> + <br clear="none"> + This page should redirect to <a href="index.html" title="index.html">index.html</a>. + </td> + </tr> + </tbody> + </table> +</div> + +<script type="text/javascript"> + <!-- + window.location = "index.html" + //--> +</script> -<p>Please contact the <tt>[email protected]</tt> mailing list with errata.</p> </div>
Modified: shiro/site/publish/contribute.html URL: http://svn.apache.org/viewvc/shiro/site/publish/contribute.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/contribute.html (original) +++ shiro/site/publish/contribute.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/core.html URL: http://svn.apache.org/viewvc/shiro/site/publish/core.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/core.html (original) +++ shiro/site/publish/core.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/cryptography-features.html URL: http://svn.apache.org/viewvc/shiro/site/publish/cryptography-features.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/cryptography-features.html (original) +++ shiro/site/publish/cryptography-features.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/cryptography.html URL: http://svn.apache.org/viewvc/shiro/site/publish/cryptography.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/cryptography.html (original) +++ shiro/site/publish/cryptography.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/deprecated-pages.html URL: http://svn.apache.org/viewvc/shiro/site/publish/deprecated-pages.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/deprecated-pages.html (original) +++ shiro/site/publish/deprecated-pages.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/developer-resources.html URL: http://svn.apache.org/viewvc/shiro/site/publish/developer-resources.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/developer-resources.html (original) +++ shiro/site/publish/developer-resources.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> @@ -104,7 +106,28 @@ mvn install <p>The resulting artifacts will be in your local M2 Repo under the org.apache.shiro group.</p></li></ol> -<div class="panelMacro"><table class="warningMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/forbidden.gif"; width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Cutting-edge development</b><br clear="none">When building from <tt>master</tt> or any branches, use the generated artifacts at your own risk! Current and previous stable releases will always be available via the <a href="download.html" title="Download">Download</a> page.</td></tr></table></div> +<div class="panelMacro"> + <table class="warningMacro"> + <colgroup span="1"> + <col span="1" width="24"> + <col span="1"> + </colgroup> + <tbody> + <tr> + <td colspan="1" rowspan="1" valign="top"> + <i class="fa fa-exclamation-circle"></i> + </td> + + <td colspan="1" rowspan="1"> + <b>Cutting-edge development</b> + <br clear="none"> + When building from <tt>master</tt> or any branches, use the generated artifacts at your own risk! Current and previous stable releases will always be available via the <a href="download.html" title="Download">Download</a> page. + </td> + </tr> + </tbody> + </table> +</div> + </div> Modified: shiro/site/publish/developers.html URL: http://svn.apache.org/viewvc/shiro/site/publish/developers.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/developers.html (original) +++ shiro/site/publish/developers.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/documentation-help-block.html URL: http://svn.apache.org/viewvc/shiro/site/publish/documentation-help-block.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/documentation-help-block.html (original) +++ shiro/site/publish/documentation-help-block.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/documentation.html URL: http://svn.apache.org/viewvc/shiro/site/publish/documentation.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/documentation.html (original) +++ shiro/site/publish/documentation.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> @@ -71,7 +73,9 @@ <div id="content"> - <h1><a name="Documentation-ApacheShiroDocumentation"></a>Apache Shiro Documentation</h1> + + +<h1><a name="Documentation-ApacheShiroDocumentation"></a>Apache Shiro Documentation</h1> <h3><a name="Documentation-Introduction"></a>Introduction</h3> <p>Helpful if read in order:</p> Modified: shiro/site/publish/download.html URL: http://svn.apache.org/viewvc/shiro/site/publish/download.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/download.html (original) +++ shiro/site/publish/download.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> @@ -71,7 +73,9 @@ <div id="content"> - <h1><a name="Download-DownloadApacheShiro"></a>Download Apache Shiro</h1> + + +<h1><a name="Download-DownloadApacheShiro"></a>Download Apache Shiro</h1> <table align="right" width="275" style="margin-left: 20px; margin-bottom: 20px; border-style: solid; border-width: 2px; border-color: navy" cellpadding="10px"> Modified: shiro/site/publish/events.html URL: http://svn.apache.org/viewvc/shiro/site/publish/events.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/events.html (original) +++ shiro/site/publish/events.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/features-overview.html URL: http://svn.apache.org/viewvc/shiro/site/publish/features-overview.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/features-overview.html (original) +++ shiro/site/publish/features-overview.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/features.html URL: http://svn.apache.org/viewvc/shiro/site/publish/features.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/features.html (original) +++ shiro/site/publish/features.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> @@ -71,19 +73,34 @@ <div id="content"> - <h1>Apache Shiro Features Overview</h1><p>Apache Shiro aims to be the most comprehensive, but also the easiest to use Java security framework available. Here are some of the frameworks finer points:</p> + <h1><a href="#apache-shiro-features-overview" name="apache-shiro-features-overview">Apache Shiro Features Overview</a></h1> +<p>Apache Shiro aims to be the most comprehensive, but also the easiest to use Java security framework available. Here are some of the frameworks finer points:</p> <ul> - <li><p>The easiest to understand Java Security API anywhere. Class and Interface names are intuitive and <em>make sense</em>. Anything is pluggable but good defaults exist for everything.</p></li> - <li><p>Support <a href="authentication-features.html">authentication</a> (‘logins’) across one or more pluggable data sources (LDAP, JDBC, ActiveDirectory, etc).</p></li> - <li><p>Perform <a href="authorization-features.html">authorization</a> (‘access control’) based on roles or fine-grained <a href="permissions.html">permissions</a>, also using pluggable data sources.</p></li> - <li><p>First-class <a href="caching.html">caching</a> support for enhanced application performance.</p></li> - <li><p>Built-in POJO-based Enterprise <a href="session-management-features.html">Session Management</a>. Use in both web and non-web environments or in any environment where Single Sign On (SSO) or clustered or distributed sessions are desired.</p></li> - <li><p><em>Heterogeneous</em> client session access. You are no longer forced to use only the <tt>httpSession</tt> or Stateful Session Beans, which often unnecessarily tie applications to specific environments. Flash applets, C# applications, Java Web Start, and Web Applications, etc. can now all share session state regardless of deployment environment.</p></li> - <li><p>Simple Single Sign-On (SSO) support piggybacking the above Enterprise Session Management. If sessions are federated across multiple applications, the user’s authentication state can be shared too. Log in once to any application and the others all recognize that log-in.</p></li> - <li><p>Secure data with the easiest possible <a href="cryptography-features.html">Cryptogrpahy</a> APIs available, giving you power and simplicity beyond what Java provides by default for ciphers and hashes.</p></li> - <li><p>An incredibly robust yet <em>low-configuration</em> web framework that can secure any url or resource, automatically handle logins and logouts, perform Remember Me services, and more.</p></li> - <li><p>Extremely low number of required dependencies. Standalone configuration requires only <tt>slf4j-api.jar</tt> and one of slf4j’s binding .jars. Web configuration additionally requires <tt>commons-beanutils-core.jar</tt>. Feature-based dependencies (Ehcache caching, Quartz-based Session validation, Spring dependency injection, etc.) can be added when needed.</p></li> -</ul><h2>Want more information on what Shiro can do?</h2><p>Check out the specific features for each of Shiro’s major components: <a href="authentication-features.html">Authentication</a>, <a href="authorization-features.html">Authorization</a>, <a href="session-management-features.html">Session Management</a>, and <a href="cryptography-features.html">Cryptogrpahy</a>.</p><h2>Get Started in 10 Minutes with Shiro</h2><p>Try out Shiro for yourself with our <a href="10-minute-tutorial.html">10 Minute Tutorial</a>. And if you have any questions about Shiro, please check out our <a href="forums.html">community forum</a> or <a href="mailing-lists.html">user mailing list</a> for answers from the community.</p> + <li> + <p>The easiest to understand Java Security API anywhere. Class and Interface names are intuitive and <em>make sense</em>. Anything is pluggable but good defaults exist for everything.</p></li> + <li> + <p>Support <a href="authentication-features.html">authentication</a> (‘logins’) across one or more pluggable data sources (LDAP, JDBC, ActiveDirectory, etc).</p></li> + <li> + <p>Perform <a href="authorization-features.html">authorization</a> (‘access control’) based on roles or fine-grained <a href="permissions.html">permissions</a>, also using pluggable data sources.</p></li> + <li> + <p>First-class <a href="caching.html">caching</a> support for enhanced application performance.</p></li> + <li> + <p>Built-in POJO-based Enterprise <a href="session-management-features.html">Session Management</a>. Use in both web and non-web environments or in any environment where Single Sign On (SSO) or clustered or distributed sessions are desired.</p></li> + <li> + <p><em>Heterogeneous</em> client session access. You are no longer forced to use only the <tt>httpSession</tt> or Stateful Session Beans, which often unnecessarily tie applications to specific environments. Flash applets, C# applications, Java Web Start, and Web Applications, etc. can now all share session state regardless of deployment environment.</p></li> + <li> + <p>Simple Single Sign-On (SSO) support piggybacking the above Enterprise Session Management. If sessions are federated across multiple applications, the user’s authentication state can be shared too. Log in once to any application and the others all recognize that log-in.</p></li> + <li> + <p>Secure data with the easiest possible <a href="cryptography-features.html">Cryptogrpahy</a> APIs available, giving you power and simplicity beyond what Java provides by default for ciphers and hashes.</p></li> + <li> + <p>An incredibly robust yet <em>low-configuration</em> web framework that can secure any url or resource, automatically handle logins and logouts, perform Remember Me services, and more.</p></li> + <li> + <p>Extremely low number of required dependencies. Standalone configuration requires only <tt>slf4j-api.jar</tt> and one of slf4j’s binding .jars. Web configuration additionally requires <tt>commons-beanutils-core.jar</tt>. Feature-based dependencies (Ehcache caching, Quartz-based Session validation, Spring dependency injection, etc.) can be added when needed.</p></li> +</ul> +<h2><a href="#want-more-information-on-what-shiro-can-do-" name="want-more-information-on-what-shiro-can-do-">Want more information on what Shiro can do?</a></h2> +<p>Check out the specific features for each of Shiro’s major components: <a href="authentication-features.html">Authentication</a>, <a href="authorization-features.html">Authorization</a>, <a href="session-management-features.html">Session Management</a>, and <a href="cryptography-features.html">Cryptogrpahy</a>.</p> +<h2><a href="#get-started-in-10-minutes-with-shiro" name="get-started-in-10-minutes-with-shiro">Get Started in 10 Minutes with Shiro</a></h2> +<p>Try out Shiro for yourself with our <a href="10-minute-tutorial.html">10 Minute Tutorial</a>. And if you have any questions about Shiro, please check out our <a href="forums.html">community forum</a> or <a href="mailing-lists.html">user mailing list</a> for answers from the community.</p> </div> Modified: shiro/site/publish/forums.html URL: http://svn.apache.org/viewvc/shiro/site/publish/forums.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/forums.html (original) +++ shiro/site/publish/forums.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/get-started.html URL: http://svn.apache.org/viewvc/shiro/site/publish/get-started.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/get-started.html (original) +++ shiro/site/publish/get-started.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> @@ -71,15 +73,24 @@ <div id="content"> - <h1>Get Started with Apache Shiro</h1><p>Apache Shiro focuses on ease-of-use, so you can rely on secure, stable authentication, authorization, cryptography, and session management. With Shiroâs easy-to-understand API, you can quickly and easily secure any application. Get started!</p><p>Here are some links related help you get started with Shiro:</p> + <h1><a href="#get-started-with-apache-shiro" name="get-started-with-apache-shiro">Get Started with Apache Shiro</a></h1> +<p>Apache Shiro focuses on ease-of-use, so you can rely on secure, stable authentication, authorization, cryptography, and session management. With Shiroâs easy-to-understand API, you can quickly and easily secure any application. Get started!</p> +<p>Here are some links related help you get started with Shiro:</p> <ul> - <li><p><strong><a href="introduction.html">Introduction to the Apache Shiro Java Security Framework</a></strong><br/>Apache Shiro’s first and foremost goal is to be easy to use and understand. Security can be very complex at times, even painful, but it doesn’t have to be.</p></li> - <li><p><strong><a href="terminology.html">Terminology</a></strong><br/>Security can be really confusing because of the terminology used. We’ll make life easier by clarifying some core concepts, so you understand how they’re reflected in the Shiro API.</p></li> - <li><p><strong><a href="10-minute-tutorial.html">10-Minute Tutorial</a></strong><br/>Learn all the ins and outs of the Shiro Framework in under 10 minutes. This quick and simple tutorial shows how a developer uses Shiro in their application. </p></li> - <li><p><strong><a href="tutorial.html">Your First Shiro Application</a></strong><br/>If you’re new to Apache Shiro, this short tutorial will show you how to set up a very simple application secured by Apache Shiro. We’ll discuss Shiro’s core concepts along the way to help familiarize you with Shiro’s design and API.</p></li> - <li><p><strong><a href="architecture.html">Architecture</a></strong><br/>By modeling what is already intuitive for software developers, Apache Shiro remains intuitive and easy to use in practically any application.</p></li> - <li><p><strong><a href="articles.html">Introductory Articles… and Beyond!</a></strong><br/>Articles and Guides written by and for members of the Apache Shiro community.</p></li> - <li><p><strong><a href="what-is-shiro.html">Apache Shiro Project Background</a></strong><br/>Apache Shiro, like most useful tools, was created out of necessity. Learn more about the project history and mission statement.</p></li> + <li> + <p><strong><a href="introduction.html">Introduction to the Apache Shiro Java Security Framework</a></strong><br/>Apache Shiro’s first and foremost goal is to be easy to use and understand. Security can be very complex at times, even painful, but it doesn’t have to be.</p></li> + <li> + <p><strong><a href="terminology.html">Terminology</a></strong><br/>Security can be really confusing because of the terminology used. We’ll make life easier by clarifying some core concepts, so you understand how they’re reflected in the Shiro API.</p></li> + <li> + <p><strong><a href="10-minute-tutorial.html">10-Minute Tutorial</a></strong><br/>Learn all the ins and outs of the Shiro Framework in under 10 minutes. This quick and simple tutorial shows how a developer uses Shiro in their application. </p></li> + <li> + <p><strong><a href="tutorial.html">Your First Shiro Application</a></strong><br/>If you’re new to Apache Shiro, this short tutorial will show you how to set up a very simple application secured by Apache Shiro. We’ll discuss Shiro’s core concepts along the way to help familiarize you with Shiro’s design and API.</p></li> + <li> + <p><strong><a href="architecture.html">Architecture</a></strong><br/>By modeling what is already intuitive for software developers, Apache Shiro remains intuitive and easy to use in practically any application.</p></li> + <li> + <p><strong><a href="articles.html">Introductory Articles… and Beyond!</a></strong><br/>Articles and Guides written by and for members of the Apache Shiro community.</p></li> + <li> + <p><strong><a href="what-is-shiro.html">Apache Shiro Project Background</a></strong><br/>Apache Shiro, like most useful tools, was created out of necessity. Learn more about the project history and mission statement.</p></li> </ul> </div> Modified: shiro/site/publish/getting-started-block.html URL: http://svn.apache.org/viewvc/shiro/site/publish/getting-started-block.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/getting-started-block.html (original) +++ shiro/site/publish/getting-started-block.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/graduation-resolution.html URL: http://svn.apache.org/viewvc/shiro/site/publish/graduation-resolution.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/graduation-resolution.html (original) +++ shiro/site/publish/graduation-resolution.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/guice.html URL: http://svn.apache.org/viewvc/shiro/site/publish/guice.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/guice.html (original) +++ shiro/site/publish/guice.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> @@ -119,7 +121,27 @@ <p>In this case, user and role configuration would go in the <tt>shiro.ini</tt> file.</p> -<div class="panelMacro"><table class="noteMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif"; width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>shiro.ini usage in Guice</b><br clear="none">It is important to note that, in this above configuration, only the <tt>users</tt> and <tt>roles</tt> sections from the ini file are used.</td></tr></table></div> +<div class="panelMacro"> + <table class="noteMacro"> + <colgroup span="1"> + <col span="1" width="24"> + <col span="1"> + </colgroup> + <tbody> + <tr> + <td colspan="1" rowspan="1" valign="top"> + <i class="fa fa-warning"></i> + </td> + + <td colspan="1" rowspan="1"> + <b>shiro.ini usage in Guice</b> + <br clear="none"> + It is important to note that, in this above configuration, only the <tt>users</tt> and <tt>roles</tt> sections from the ini file are used. + </td> + </tr> + </tbody> + </table> +</div> <p>Then, the module is used to create a Guice injector, and the injector is used to obtain a <tt>SecurityManager</tt>. The following example serves the same purpose as the first three lines in the <a class="external-link" href="10-minute-tutorial.html#10MinuteTutorial-Quickstart.java">Quickstart</a> example.</p> Modified: shiro/site/publish/guides.html URL: http://svn.apache.org/viewvc/shiro/site/publish/guides.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/guides.html (original) +++ shiro/site/publish/guides.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/how-to-contribute.html URL: http://svn.apache.org/viewvc/shiro/site/publish/how-to-contribute.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/how-to-contribute.html (original) +++ shiro/site/publish/how-to-contribute.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/inclusionslibrary.html URL: http://svn.apache.org/viewvc/shiro/site/publish/inclusionslibrary.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/inclusionslibrary.html (original) +++ shiro/site/publish/inclusionslibrary.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/index.html URL: http://svn.apache.org/viewvc/shiro/site/publish/index.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/index.html (original) +++ shiro/site/publish/index.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/integration.html URL: http://svn.apache.org/viewvc/shiro/site/publish/integration.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/integration.html (original) +++ shiro/site/publish/integration.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> @@ -71,33 +73,60 @@ <div id="content"> - <h1>Apache Shiro Integrations</h1><p>Shiro has been downloaded over one million times and is in production at thousands of companies. One reason: it integrates well with other technologies and frameworks. </p><h2>Officially Supported Integrations</h2><p>These integrations are supported by the Apache Shiro Development team. Want to help make them great? <a href="how-to-contribute.html">Contribute</a> back to the project!</p> + <h1><a href="#apache-shiro-integrations" name="apache-shiro-integrations">Apache Shiro Integrations</a></h1> +<p>Shiro has been downloaded over one million times and is in production at thousands of companies. One reason: it integrates well with other technologies and frameworks. </p> +<h2><a href="#officially-supported-integrations" name="officially-supported-integrations">Officially Supported Integrations</a></h2> +<p>These integrations are supported by the Apache Shiro Development team. Want to help make them great? <a href="how-to-contribute.html">Contribute</a> back to the project!</p> <ul> - <li><p><strong><a href="spring.html">Spring Application Framework</a></strong> Integrate Shiro into standalone or web-based Spring applications.</p></li> - <li><p><strong><a href="guice.html">Guice Dependency Injection Framework</a></strong> For Guice-based applications using standard Guice conventions and mechanisms.</p></li> - <li><p><strong><a href="cas.html">CAS SSO server</a></strong> Protect your WebApp with a Jasig CAS SSO server. </p></li> -</ul><h2>Open Source Community Integrations</h2> + <li> + <p><strong><a href="spring.html">Spring Application Framework</a></strong> Integrate Shiro into standalone or web-based Spring applications.</p></li> + <li> + <p><strong><a href="guice.html">Guice Dependency Injection Framework</a></strong> For Guice-based applications using standard Guice conventions and mechanisms.</p></li> + <li> + <p><strong><a href="cas.html">CAS SSO server</a></strong> Protect your WebApp with a Jasig CAS SSO server. </p></li> +</ul> +<h2><a href="#open-source-community-integrations" name="open-source-community-integrations">Open Source Community Integrations</a></h2> <ul> - <li><p><strong><a href="http://www.stormpath.com/blog/user-management-java-web-apps-stormpath-and-apache-shiro";>Stormpath User Management</a></strong> from <a href="http://www.stormpath.com/";>Stormpath</a><br/>Pairing Apache Shiro with Stormpath gives you a full application security and user management system, with little to no coding.</p></li> - <li><p><strong><a href="http://grails.org/plugins/shiro";>Grails</a></strong> from <a href="http://grails.org/";>Pivotal</a> and <a href="https://twitter.com/@pledbrook";>@pledbrook</a><br/>Very up-to-date Grails/Shiro Integration, including Grails 2.0 and Shiro 1.2. Adds easy authentication and access control to Grails applications. </p></li> - <li><p><strong><a href="http://isis.apache.org";>Apache Isis</a></strong> from <a href="http://apache.org/";>Apache</a><br/>Apache Isis is a full-stack framework for rapidly developing domain driven apps and RESTful APIs in Java. <a href="http://isis.apache.org/documentation.html#security";>It uses Apache Shiro</a> 1.2.x for authentication and authorization.</p></li> - <li><p><strong><a href="https://github.com/FeedTheCoffers/shiro-oauth";>Oauth</a></strong> from <a href="https://twitter.com/@JimmiDyson";>@JimmiDyson</a><br/>Source code for an OAuth module for Apache Shiro based on Scribe</p></li> - <li><p><strong><a href="https://github.com/cilogi/gaeshiro";>Google App Engine</a></strong> from <a href="https://twitter.com/@cilogi";>@cilogi</a><br/>Demo of one way to integrate Shiro with App Engine and Google Guice, plus front-end user registration and password management.</p></li> - <li><p><strong><a href="https://github.com/wsargent/play-shiro";>Play!</a></strong> from <a href="https://twitter.com/@will_sargent";>@will_sargent</a><br/>A very simple integration between Apache Shiro and Play 2.0. If you want to play with Play, this project could use an update handling statelessness since the Shiro 1.2 release. </p></li> - <li><p><strong><a href="https://github.com/55minutes/fiftyfive-wicket";>55Wicket</a></strong> from <a href="http://www.55minutes.com/";>55 Minutes</a><br/>A nifty set of tools and libraries for enhancing productivity with the Apache Wicket Java web framework, including Shiro Integration.</p></li> - <li><p><strong><a href="https://github.com/timperrett/lift-shiro";>Lift</a></strong> from <a href="https://twitter.com/@timperrett";>@timperrett</a><br/>Integration between Shiro and the Lift Web framework. Uses Liftâs sitemap Locs instead of Shiroâs built in web.xml resource filters to control access to URLs. </p></li> - <li><p><strong><a href="https://github.com/alexxiyang/shiro-redis";>Redis Cache Manager</a></strong> from <a href="https://github.com/alexxiyang";>@alexxiyang</a><br/>A <a href="http://redis.io/";>Redis</a> Cache Manager implementation.</p></li> - <li><p><strong><a href="https://github.com/mythfish/shiro-memcached";>Memcached Cache Manager</a></strong> from <a href="https://github.com/mythfish";>@mythfish</a><br/>A <a href="https://memcached.org/";>Memcached</a> Cache Manager implementation.</p></li> - <li><p><strong><a href="https://github.com/silb/shiro-jersey";>JAX-RS</a></strong> from <a href="https://github.com/silb";>@silb</a><br/>Apache Shiro support for the Jersey JAX-RS implementation.</p></li> - <li><p><strong><a href="https://github.com/silb/dropwizard-shiro";>Dropwizard</a></strong> from <a href="https://github.com/silb";>@silb</a><br/>A bundle for securing <a href="http://www.dropwizard.io/";>Dropwizard</a> with Apache Shiro.</p></li> - <li><p><strong><a href="https://github.com/theborakompanioni/thymeleaf-extras-shiro";>Thymeleaf</a></strong> from <a href="https://github.com/theborakompanioni";>@theborakompanioni</a><br/>A <a href="http://www.thymeleaf.org/";>Thymeleaf</a> dialect for <a href="https://shiro.apache.org";>Apache Shiro</a> <a href="https://shiro.apache.org/tags";>tags</a>.</p></li> - <li><p><strong><a href="https://github.com/davidsowerby/krail";>Krail</a></strong> from <a href="https://github.com/davidsowerby";>@davidsowerby</a><br/>Krail provides a framework for rapid Java web development by combining Vaadin, Guice, Apache Shiro, Apache Commons Configuration and others.</p></li> -</ul><h2>Ports</h2> + <li> + <p><strong><a href="http://www.stormpath.com/blog/user-management-java-web-apps-stormpath-and-apache-shiro";>Stormpath User Management</a></strong> from <a href="http://www.stormpath.com/";>Stormpath</a><br/>Pairing Apache Shiro with Stormpath gives you a full application security and user management system, with little to no coding.</p></li> + <li> + <p><strong><a href="http://grails.org/plugins/shiro";>Grails</a></strong> from <a href="http://grails.org/";>Pivotal</a> and <a href="https://twitter.com/@pledbrook";>@pledbrook</a><br/>Very up-to-date Grails/Shiro Integration, including Grails 2.0 and Shiro 1.2. Adds easy authentication and access control to Grails applications. </p></li> + <li> + <p><strong><a href="http://isis.apache.org";>Apache Isis</a></strong> from <a href="http://apache.org/";>Apache</a><br/>Apache Isis is a full-stack framework for rapidly developing domain driven apps and RESTful APIs in Java. <a href="http://isis.apache.org/documentation.html#security";>It uses Apache Shiro</a> 1.2.x for authentication and authorization.</p></li> + <li> + <p><strong><a href="https://github.com/FeedTheCoffers/shiro-oauth";>Oauth</a></strong> from <a href="https://twitter.com/@JimmiDyson";>@JimmiDyson</a><br/>Source code for an OAuth module for Apache Shiro based on Scribe</p></li> + <li> + <p><strong><a href="https://github.com/cilogi/gaeshiro";>Google App Engine</a></strong> from <a href="https://twitter.com/@cilogi";>@cilogi</a><br/>Demo of one way to integrate Shiro with App Engine and Google Guice, plus front-end user registration and password management.</p></li> + <li> + <p><strong><a href="https://github.com/wsargent/play-shiro";>Play!</a></strong> from <a href="https://twitter.com/@will_sargent";>@will_sargent</a><br/>A very simple integration between Apache Shiro and Play 2.0. If you want to play with Play, this project could use an update handling statelessness since the Shiro 1.2 release. </p></li> + <li> + <p><strong><a href="https://github.com/55minutes/fiftyfive-wicket";>55Wicket</a></strong> from <a href="http://www.55minutes.com/";>55 Minutes</a><br/>A nifty set of tools and libraries for enhancing productivity with the Apache Wicket Java web framework, including Shiro Integration.</p></li> + <li> + <p><strong><a href="https://github.com/timperrett/lift-shiro";>Lift</a></strong> from <a href="https://twitter.com/@timperrett";>@timperrett</a><br/>Integration between Shiro and the Lift Web framework. Uses Liftâs sitemap Locs instead of Shiroâs built in web.xml resource filters to control access to URLs. </p></li> + <li> + <p><strong><a href="https://github.com/alexxiyang/shiro-redis";>Redis Cache Manager</a></strong> from <a href="https://github.com/alexxiyang";>@alexxiyang</a><br/>A <a href="http://redis.io/";>Redis</a> Cache Manager implementation.</p></li> + <li> + <p><strong><a href="https://github.com/mythfish/shiro-memcached";>Memcached Cache Manager</a></strong> from <a href="https://github.com/mythfish";>@mythfish</a><br/>A <a href="https://memcached.org/";>Memcached</a> Cache Manager implementation.</p></li> + <li> + <p><strong><a href="https://github.com/silb/shiro-jersey";>JAX-RS</a></strong> from <a href="https://github.com/silb";>@silb</a><br/>Apache Shiro support for the Jersey JAX-RS implementation.</p></li> + <li> + <p><strong><a href="https://github.com/silb/dropwizard-shiro";>Dropwizard</a></strong> from <a href="https://github.com/silb";>@silb</a><br/>A bundle for securing <a href="http://www.dropwizard.io/";>Dropwizard</a> with Apache Shiro.</p></li> + <li> + <p><strong><a href="https://github.com/theborakompanioni/thymeleaf-extras-shiro";>Thymeleaf</a></strong> from <a href="https://github.com/theborakompanioni";>@theborakompanioni</a><br/>A <a href="http://www.thymeleaf.org/";>Thymeleaf</a> dialect for <a href="https://shiro.apache.org";>Apache Shiro</a> <a href="https://shiro.apache.org/tags";>tags</a>.</p></li> + <li> + <p><strong><a href="https://github.com/davidsowerby/krail";>Krail</a></strong> from <a href="https://github.com/davidsowerby";>@davidsowerby</a><br/>Krail provides a framework for rapid Java web development by combining Vaadin, Guice, Apache Shiro, Apache Commons Configuration and others.</p></li> +</ul> +<h2><a href="#ports" name="ports">Ports</a></h2> <ul> - <li><p><strong><a href="https://github.com/stormpath/Turnstile";>Turnstile</a></strong> - Swift</p></li> - <li><p><strong><a href="https://github.com/YosaiProject/yosai";>Yosai</a></strong> - Python</p></li> - <li><p><strong><a href="https://github.com/gnavarro77/angular-shiro";>Angular</a></strong> - Angular</p></li> -</ul><h2>Got An Integration?</h2><p>Have an integration you want listed? Send us a pull request of <a href="https://github.com/apache/shiro-site/blob/master/integration.md";>this page</a>, and participate in Shiro development! <a href="how-to-contribute.html">Learn more about contributing to Apache Shiro</a>.</p> + <li> + <p><strong><a href="https://github.com/stormpath/Turnstile";>Turnstile</a></strong> - Swift</p></li> + <li> + <p><strong><a href="https://github.com/YosaiProject/yosai";>Yosai</a></strong> - Python</p></li> + <li> + <p><strong><a href="https://github.com/gnavarro77/angular-shiro";>Angular</a></strong> - Angular</p></li> +</ul> +<h2><a href="#got-an-integration-" name="got-an-integration-">Got An Integration?</a></h2> +<p>Have an integration you want listed? Send us a pull request of <a href="https://github.com/apache/shiro-site/blob/master/integration.md";>this page</a>, and participate in Shiro development! <a href="how-to-contribute.html">Learn more about contributing to Apache Shiro</a>.</p> </div> Modified: shiro/site/publish/introduction.html URL: http://svn.apache.org/viewvc/shiro/site/publish/introduction.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/introduction.html (original) +++ shiro/site/publish/introduction.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/issues.html URL: http://svn.apache.org/viewvc/shiro/site/publish/issues.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/issues.html (original) +++ shiro/site/publish/issues.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/java-annotations-list.html URL: http://svn.apache.org/viewvc/shiro/site/publish/java-annotations-list.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/java-annotations-list.html (original) +++ shiro/site/publish/java-annotations-list.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/java-annotations.html URL: http://svn.apache.org/viewvc/shiro/site/publish/java-annotations.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/java-annotations.html (original) +++ shiro/site/publish/java-annotations.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> Modified: shiro/site/publish/java-authentication-guide.html URL: http://svn.apache.org/viewvc/shiro/site/publish/java-authentication-guide.html?rev=1765607&r1=1765606&r2=1765607&view=diff ============================================================================== --- shiro/site/publish/java-authentication-guide.html (original) +++ shiro/site/publish/java-authentication-guide.html Wed Oct 19 14:24:58 2016 @@ -15,6 +15,7 @@ limitations under the License. --> <html> + <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta name="description" content="Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management."> @@ -29,6 +30,7 @@ <link rel="icon" type="image/vnd.microsoft.icon" href="./assets/images/favicon.ico"> + <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";> <link rel="stylesheet" type="text/css" href="./assets/css/normalize.css"> <link rel="stylesheet" type="text/css" href="./assets/css/confluence.css" media="screen"> @@ -148,7 +150,7 @@ UsernamePasswordToken token = <p>We use this token to bundle the username and password we acquired in someway in our Java application. Maybe they were submitted via a user web form, an HTTP header, or a command line. In Shiro, it does not matter how you acquire them-- it is protocol agnostic.</p> -<p>In this example, we have decided that we want the application to remember users when they return. So once the token is created, we use Shiro's built-in "Remember-me" feature by setting it to true on the token. This is done using the token's <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/UsernamePasswordToken.html#setRememberMe(boolean)">setRememberMe()</a></tt> method</p> +<p>In this example, we have decided that we want the application to remember users when they return. So once the token is created, we use Shiro's built-in "Remember-me" feature by setting it to true on the token. This is done using the token's <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/UsernamePasswordToken.html\#setRememberMe(boolean)">setRememberMe()</a></tt> method</p> <h3><a name="JavaAuthenticationGuide-Step2Submittheprincipalsandcredentialstoanauthenticationsystem."></a>Step 2 - Submit the principals and credentials to an authentication system.</h3> <p>So we’ve collected the information in a token and set it to remember returning users. The next step is in the Authentication process is to submit the token to an authentication system. Your authentication system is represented in Shiro by security-specific DAOs, that are referred to as <a class="external-link" href="static/current/apidocs/">Realms</a>. For more information on realms please check out the <a class="external-link" href="realm.html">Shiro Realm Guide</a>.</p> @@ -167,11 +169,11 @@ UsernamePasswordToken token = </pre> </div></div> -<p>First, we need to acquire the currently executing user, referred to as the subject. A subject is just a security specific view of the user----it can be a human, a process, cron job, doesn’t matter. In Shiro, there is always a subject instance available to the currently executing thread. The concept of a subject is core to Shiro and most of the framework is centered around working with subjects. In this example, we will name this instance of subject currentUser.</p> +<p>First, we need to acquire the currently executing user, referred to as the subject. A subject is just a security specific view of the user----it can be a human, a process, cron job, doesn&\#8217;t matter. In Shiro, there is always a subject instance available to the currently executing thread. The concept of a subject is core to Shiro and most of the framework is centered around working with subjects. In this example, we will name this instance of subject currentUser.</p> -<p>To acquire the subject, we use the <a class="external-link" href="static/current/apidocs/org/apache/shiro/SecurityUtils.html">SecurityUtils</a> class which is also a core pat of Shiro's API. It will acquire the currently executing user via the <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/SecurityUtils.html#getSubject()">getsubject()</a></tt> method call. And we get back a subject instance that is representing who the current user is who is interacting with the system. At this point in the example, the subject currentUser is anonymous. There is no identity associated with them.</p> +<p>To acquire the subject, we use the <a class="external-link" href="static/current/apidocs/org/apache/shiro/SecurityUtils.html">SecurityUtils</a> class which is also a core pat of Shiro's API. It will acquire the currently executing user via the <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/SecurityUtils.html\#getSubject()">getsubject()</a></tt> method call. And we get back a subject instance that is representing who the current user is who is interacting with the system. At this point in the example, the subject currentUser is anonymous. There is no identity associated with them.</p> -<p>Now with the user representation in hand, we authenticate them by just calling the <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html#login(org.apache.shiro.authc.AuthenticationToken))">login()</a></tt> method and submit the token we just constructed a second ago.</p> +<p>Now with the user representation in hand, we authenticate them by just calling the <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#login(org.apache.shiro.authc.AuthenticationToken))">login()</a></tt> method and submit the token we just constructed a second ago.</p> <h3><a name="JavaAuthenticationGuide-Step3Allowaccess%2Cretryauthentication%2Corblockaccess"></a>Step 3 - Allow access, retry authentication, or block access</h3> <p>Again really, really easy, single method call. If the <tt>login()</tt> method call is successful, then the user is logged in and associated with a user account or identity. From here, the user can go about using your application and retain their identity through their session or longer since we have set the "Remember Me" in our example.</p> @@ -196,19 +198,57 @@ UsernamePasswordToken token = <p>You can take that method call and wrap it in a try/catch block and you can catch all sort of exceptions if you want to handle them and react accordingly. In addition to a rich set of exceptions that Shiro offers, you can create your own if you need custom functionality. For more information, follow this link documentation on <a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/AuthenticationException.html">AuthenticationException</a>.</p> -<div class="panelMacro"><table class="tipMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/check.gif"; width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Security Tip</b><br clear="none">Security best practice is to give generic login failure messages to users because you do not want to aid an attacker trying to break into your system.</td></tr></table></div> +<div class="panelMacro"> + <table class="tipMacro"> + <colgroup span="1"> + <col span="1" width="24"> + <col span="1"> + </colgroup> + <tbody><tr> + <td colspan="1" rowspan="1" valign="top"> + <i class="fa fa-check-square-o"></i> + </td> + <td colspan="1" rowspan="1"> + <b>Security Tip</b> + <br clear="none"> + Security best practice is to give generic login failure messages to users because you do not want to aid an attacker trying to break into your system. + </td> + </tr> + </tbody> + </table> +</div> <h2><a name="JavaAuthenticationGuide-%22RememberMe%22Support"></a>"Remember Me" Support</h2> <p>As shown in the example above, Shiro supports the notion of "remember me" in adition to the normal login process.  </p> -<p>In Shiro, the Subject object supports two methods : <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html#isRemembered()">isRemembered()</a></tt> and <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html#isAuthenticated()">isAuthenticated()</a></tt>.</p> +<p>In Shiro, the Subject object supports two methods : <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#isRemembered()">isRemembered()</a></tt> and <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#isAuthenticated()">isAuthenticated()</a></tt>.</p> <p>A "remembered" subject has an identity (it is not anonymous) and their identifying attributes,referred to as principals, are remembered from a successful authentication during a previous session.</p> <p>An authenticated subject has proved their identity <em>during their current session</em>.</p> -<div class="panelMacro"><table class="warningMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/forbidden.gif"; width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Warning</b><br clear="none">If a subject is remembered, it DOES NOT mean they are authenticated.</td></tr></table></div> +<div class="panelMacro"> + <table class="warningMacro"> + <colgroup span="1"> + <col span="1" width="24"> + <col span="1"> + </colgroup> + <tbody> + <tr> + <td colspan="1" rowspan="1" valign="top"> + <i class="fa fa-exclamation-circle"></i> + </td> + + <td colspan="1" rowspan="1"> + <b>Warning</b> + <br clear="none"> + If a subject is remembered, it DOES NOT mean they are authenticated. + </td> + </tr> + </tbody> + </table> +</div> <h3><a name="JavaAuthenticationGuide-RememberedvsAuthenticated"></a>Remembered vs Authenticated</h3> <p>In shiro it is very important to note that a remembered subject is not an authenticated subject. A check against <tt>isAuthenticated()</tt> is a much more strict check because authentication is the process of proving you are who you say you are. When a user is only remembered, the remembered identity gives the system an idea who that user probably is, but in reality, has no way of absolutely guaranteeing if the remembered Subject represents the user currently using the application. Once the subject is authenticated, they are no longer considered only remembered because their identity would have been verified during the current session.</p>
![https://cwiki.apache.org/confluence/images/icons/emoticons/check.gif"](https://cwiki.apache.org/confluence/images/icons/emoticons/check.gif"){kind=link}
![https://cwiki.apache.org/confluence/images/icons/emoticons/forbidden.gif"](https://cwiki.apache.org/confluence/images/icons/emoticons/forbidden.gif"){kind=link}
![https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif"](https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif"){kind=link}