Author: bdemers
Date: Wed Oct 19 14:24:58 2016
New Revision: 1765607
URL: http://svn.apache.org/viewvc?rev=1765607&view=rev
Log:
updating info, tip, warning, and danger panels
Modified:
shiro/site/publish/10-minute-tutorial.html
shiro/site/publish/2010/03/18/great-source-comments.html
shiro/site/publish/2010/06/01/apache-shiro-100-incubating-released.html
shiro/site/publish/2010/06/01/sdforum-java-sig-apache-shiro-presentation.html
shiro/site/publish/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.html
shiro/site/publish/2010/09/20/san-francisco-jug-presentation.html
shiro/site/publish/2010/09/24/apache-shiro-becomes-an-apache-top-level-project.html
shiro/site/publish/2010/11/03/apache-shiro-110-released.html
shiro/site/publish/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.html
shiro/site/publish/2011/01/13/apache-shiro-support-for-mule.html
shiro/site/publish/2011/02/10/apache-shiro-integration-for-grails-113-released.html
shiro/site/publish/2011/02/28/java-authorization-guide-with-apache-shiro-posted.html
shiro/site/publish/2011/03/14/infoq-article-on-apache-shiro.html
shiro/site/publish/2011/05/24/the-new-rbac-resource-based-access-control.html
shiro/site/publish/2011/06/30/apache-shiro-login-demo.html
shiro/site/publish/2012/01/24/apache-shiro-120-released.html
shiro/site/publish/2012/03/13/whats-new-in-apache-shiro-12.html
shiro/site/publish/2012/07/29/apache-shiro-121-released.html
shiro/site/publish/2013/05/30/apache-shiro-122-released.html
shiro/site/publish/README.html
shiro/site/publish/about.html
shiro/site/publish/adoption.html
shiro/site/publish/architecture.html
shiro/site/publish/articles.html
shiro/site/publish/assets/css/gh-pages/gh-fork-ribbon.css
shiro/site/publish/authentication-features.html
shiro/site/publish/authentication-guide.html
shiro/site/publish/authentication.html
shiro/site/publish/authenticator.html
shiro/site/publish/authorization-features.html
shiro/site/publish/authorization.html
shiro/site/publish/authorizer.html
shiro/site/publish/banner.html
shiro/site/publish/cachemanager.html
shiro/site/publish/caching.html
shiro/site/publish/cas.html
shiro/site/publish/codec.html
shiro/site/publish/command-line-hasher.html
shiro/site/publish/commercial-support.html
shiro/site/publish/community.html
shiro/site/publish/concurrency.html
shiro/site/publish/conferences.html
shiro/site/publish/configuration.html
shiro/site/publish/confluence-auto-export.html
shiro/site/publish/contribute.html
shiro/site/publish/core.html
shiro/site/publish/cryptography-features.html
shiro/site/publish/cryptography.html
shiro/site/publish/deprecated-pages.html
shiro/site/publish/developer-resources.html
shiro/site/publish/developers.html
shiro/site/publish/documentation-help-block.html
shiro/site/publish/documentation.html
shiro/site/publish/download.html
shiro/site/publish/events.html
shiro/site/publish/features-overview.html
shiro/site/publish/features.html
shiro/site/publish/forums.html
shiro/site/publish/get-started.html
shiro/site/publish/getting-started-block.html
shiro/site/publish/graduation-resolution.html
shiro/site/publish/guice.html
shiro/site/publish/guides.html
shiro/site/publish/how-to-contribute.html
shiro/site/publish/inclusionslibrary.html
shiro/site/publish/index.html
shiro/site/publish/integration.html
shiro/site/publish/introduction.html
shiro/site/publish/issues.html
shiro/site/publish/java-annotations-list.html
shiro/site/publish/java-annotations.html
shiro/site/publish/java-authentication-guide.html
shiro/site/publish/java-authorization-guide.html
shiro/site/publish/java-cryptography-guide.html
shiro/site/publish/jsp-tag-library.html
shiro/site/publish/license.html
shiro/site/publish/mailing-lists.html
shiro/site/publish/navigation.html
shiro/site/publish/news.html
shiro/site/publish/overview.html
shiro/site/publish/performing-a-release.html
shiro/site/publish/permissions.html
shiro/site/publish/powered-by-shiro.html
shiro/site/publish/privacy-policy.html
shiro/site/publish/quickstart.html
shiro/site/publish/realm.html
shiro/site/publish/reference.html
shiro/site/publish/securitymanager.html
shiro/site/publish/session-management-features.html
shiro/site/publish/session-management.html
shiro/site/publish/sessionmanager.html
shiro/site/publish/sharing-block-small.html
shiro/site/publish/sharing-block.html
shiro/site/publish/site.html
shiro/site/publish/siteheader.html
shiro/site/publish/spring.html
shiro/site/publish/subject.html
shiro/site/publish/support.html
shiro/site/publish/tags.html
shiro/site/publish/team.html
shiro/site/publish/terminology.html
shiro/site/publish/testing.html
shiro/site/publish/tools.html
shiro/site/publish/tutorial.html
shiro/site/publish/version-2-brainstorming.html
shiro/site/publish/web-features.html
shiro/site/publish/web.html
shiro/site/publish/webapp-tutorial.html
shiro/site/publish/what-is-shiro.html
shiro/site/publish/wiki-todos.html
Modified: shiro/site/publish/10-minute-tutorial.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/10-minute-tutorial.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/10-minute-tutorial.html (original)
+++ shiro/site/publish/10-minute-tutorial.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css"
media="screen">
@@ -71,7 +73,9 @@
<div id="content">
- <h1><a
name="10MinuteTutorial-10MinuteTutorialonApacheShiro"></a>10 Minute Tutorial on
Apache Shiro</h1>
+
+
+<h1><a name="10MinuteTutorial-10MinuteTutorialonApacheShiro"></a>10 Minute
Tutorial on Apache Shiro</h1>
<div class="addthis_toolbox addthis_default_style">
<a class="addthis_button_compact"
href="http://www.addthis.com/bookmark.php?v=250&pubid=ra-4d66ef016022c3bd";>Share</a>
@@ -121,15 +125,21 @@
<col span="1" width="24">
<col span="1">
</colgroup>
+
+
+ <tbody>
<tr>
- <td colspan="1" rowspan="1" valign="top"><img align="middle"
-
src="https://cwiki.apache.org/confluence/images/icons/emoticons/information.png";
- width="16"
height="16" alt="" border="0"></td>
- <td colspan="1" rowspan="1">Shiro can be run in any environment,
from the simplest command line application
- to the biggest enterprise web and clustered applications, but
we'll use the simplest possible example in
- a simple <tt>main</tt> method for this QuickStart so you can
get a feel for the API.
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-info-circle"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Note</b>
+ <br clear="none">
+ Shiro can be run in any environment, from the simplest command
line application to the biggest enterprise web and clustered applications, but
we'll use the simplest possible example in a simple <tt>main</tt> method for
this QuickStart so you can get a feel for the API.
</td>
</tr>
+ </tbody>
</table>
</div>
@@ -293,15 +303,17 @@ session.setAttribute( <span class="code-
<col span="1" width="24">
<col span="1">
</colgroup>
- <tr>
- <td colspan="1" rowspan="1" valign="top"><img align="middle"
-
src="https://cwiki.apache.org/confluence/images/icons/emoticons/check.png";
- width="16"
height="16" alt="" border="0"></td>
- <td colspan="1" rowspan="1"><b>Handy Hint</b><br
clear="none">Security best practice is to give generic
- login failure messages to users because you do not want to aid
an attacker trying to break into your
- system.
+ <tbody><tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-check-square-o"></i>
+ </td>
+ <td colspan="1" rowspan="1">
+ <b>Handy Hint</b>
+ <br clear="none">
+ Security best practice is to give generic login failure
messages to users because you do not want to aid an attacker trying to break
into your system.
</td>
</tr>
+ </tbody>
</table>
</div>
Modified: shiro/site/publish/2010/03/18/great-source-comments.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2010/03/18/great-source-comments.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2010/03/18/great-source-comments.html (original)
+++ shiro/site/publish/2010/03/18/great-source-comments.html Wed Oct 19
14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified:
shiro/site/publish/2010/06/01/apache-shiro-100-incubating-released.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2010/06/01/apache-shiro-100-incubating-released.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2010/06/01/apache-shiro-100-incubating-released.html
(original)
+++ shiro/site/publish/2010/06/01/apache-shiro-100-incubating-released.html Wed
Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified:
shiro/site/publish/2010/06/01/sdforum-java-sig-apache-shiro-presentation.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2010/06/01/sdforum-java-sig-apache-shiro-presentation.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
---
shiro/site/publish/2010/06/01/sdforum-java-sig-apache-shiro-presentation.html
(original)
+++
shiro/site/publish/2010/06/01/sdforum-java-sig-apache-shiro-presentation.html
Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified:
shiro/site/publish/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
---
shiro/site/publish/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.html
(original)
+++
shiro/site/publish/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.html
Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2010/09/20/san-francisco-jug-presentation.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2010/09/20/san-francisco-jug-presentation.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2010/09/20/san-francisco-jug-presentation.html (original)
+++ shiro/site/publish/2010/09/20/san-francisco-jug-presentation.html Wed Oct
19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified:
shiro/site/publish/2010/09/24/apache-shiro-becomes-an-apache-top-level-project.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2010/09/24/apache-shiro-becomes-an-apache-top-level-project.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
---
shiro/site/publish/2010/09/24/apache-shiro-becomes-an-apache-top-level-project.html
(original)
+++
shiro/site/publish/2010/09/24/apache-shiro-becomes-an-apache-top-level-project.html
Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2010/11/03/apache-shiro-110-released.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2010/11/03/apache-shiro-110-released.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2010/11/03/apache-shiro-110-released.html (original)
+++ shiro/site/publish/2010/11/03/apache-shiro-110-released.html Wed Oct 19
14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified:
shiro/site/publish/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
---
shiro/site/publish/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.html
(original)
+++
shiro/site/publish/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.html
Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2011/01/13/apache-shiro-support-for-mule.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2011/01/13/apache-shiro-support-for-mule.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2011/01/13/apache-shiro-support-for-mule.html (original)
+++ shiro/site/publish/2011/01/13/apache-shiro-support-for-mule.html Wed Oct 19
14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified:
shiro/site/publish/2011/02/10/apache-shiro-integration-for-grails-113-released.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2011/02/10/apache-shiro-integration-for-grails-113-released.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
---
shiro/site/publish/2011/02/10/apache-shiro-integration-for-grails-113-released.html
(original)
+++
shiro/site/publish/2011/02/10/apache-shiro-integration-for-grails-113-released.html
Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified:
shiro/site/publish/2011/02/28/java-authorization-guide-with-apache-shiro-posted.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2011/02/28/java-authorization-guide-with-apache-shiro-posted.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
---
shiro/site/publish/2011/02/28/java-authorization-guide-with-apache-shiro-posted.html
(original)
+++
shiro/site/publish/2011/02/28/java-authorization-guide-with-apache-shiro-posted.html
Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2011/03/14/infoq-article-on-apache-shiro.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2011/03/14/infoq-article-on-apache-shiro.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2011/03/14/infoq-article-on-apache-shiro.html (original)
+++ shiro/site/publish/2011/03/14/infoq-article-on-apache-shiro.html Wed Oct 19
14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified:
shiro/site/publish/2011/05/24/the-new-rbac-resource-based-access-control.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2011/05/24/the-new-rbac-resource-based-access-control.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
---
shiro/site/publish/2011/05/24/the-new-rbac-resource-based-access-control.html
(original)
+++
shiro/site/publish/2011/05/24/the-new-rbac-resource-based-access-control.html
Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2011/06/30/apache-shiro-login-demo.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2011/06/30/apache-shiro-login-demo.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2011/06/30/apache-shiro-login-demo.html (original)
+++ shiro/site/publish/2011/06/30/apache-shiro-login-demo.html Wed Oct 19
14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2012/01/24/apache-shiro-120-released.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2012/01/24/apache-shiro-120-released.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2012/01/24/apache-shiro-120-released.html (original)
+++ shiro/site/publish/2012/01/24/apache-shiro-120-released.html Wed Oct 19
14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2012/03/13/whats-new-in-apache-shiro-12.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2012/03/13/whats-new-in-apache-shiro-12.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2012/03/13/whats-new-in-apache-shiro-12.html (original)
+++ shiro/site/publish/2012/03/13/whats-new-in-apache-shiro-12.html Wed Oct 19
14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2012/07/29/apache-shiro-121-released.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2012/07/29/apache-shiro-121-released.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2012/07/29/apache-shiro-121-released.html (original)
+++ shiro/site/publish/2012/07/29/apache-shiro-121-released.html Wed Oct 19
14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
Modified: shiro/site/publish/2013/05/30/apache-shiro-122-released.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/2013/05/30/apache-shiro-122-released.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/2013/05/30/apache-shiro-122-released.html (original)
+++ shiro/site/publish/2013/05/30/apache-shiro-122-released.html Wed Oct 19
14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="../../../assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css"
href="../../../assets/css/normalize.css">
<link rel="stylesheet" type="text/css"
href="../../../assets/css/confluence.css" media="screen">
@@ -71,7 +73,13 @@
<div id="content">
- <p>Dear Apache Shiro Community,</p><p>The Shiro team is pleased to
announce the release of Apache Shiro version 1.2.2. This is the second bug fix
point release after 1.2.0.</p><p>This release includes <a class="external-link"
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950&version=12323469";>18
bug fixes</a> since the 1.2.1 release and is available for <a
href="../../../download.html" title="Download">Download</a> now.</p><p>All
binaries (.jars) are available in Maven Central already. Please note that the
Apache mirrors are still updating to reflect the source distribution, but some
mirrors may not be updated yet. If a mirror download link does not work, please
try another or wait another 12 to 24 hours.</p><p>For more information on Shiro
1.2, please read the “<a class="external-link"
href="http://www.stormpath.com/blog/whats-new-apache-shiro-12";
rel="nofollow">What’s new in Apache Shiro 1.2?</a>” article or the
previous
<a class="external-link"
href="../../../2012/01/24/apache-shiro-120-released.html">1.2 release
announcement</a>.</p><p>Enjoy!</p><p>The Apache Shiro Team</p>
+ <p>Dear Apache Shiro Community,</p>
+<p>The Shiro team is pleased to announce the release of Apache Shiro version
1.2.2. This is the second bug fix point release after 1.2.0.</p>
+<p>This release includes <a class="external-link"
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950&version=12323469";>18
bug fixes</a> since the 1.2.1 release and is available for <a
href="../../../download.html" title="Download">Download</a> now.</p>
+<p>All binaries (.jars) are available in Maven Central already. Please note
that the Apache mirrors are still updating to reflect the source distribution,
but some mirrors may not be updated yet. If a mirror download link does not
work, please try another or wait another 12 to 24 hours.</p>
+<p>For more information on Shiro 1.2, please read the “<a
class="external-link"
href="http://www.stormpath.com/blog/whats-new-apache-shiro-12";
rel="nofollow">What’s new in Apache Shiro 1.2?</a>” article or the
previous <a class="external-link"
href="../../../2012/01/24/apache-shiro-120-released.html">1.2 release
announcement</a>.</p>
+<p>Enjoy!</p>
+<p>The Apache Shiro Team</p>
</div>
Modified: shiro/site/publish/README.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/README.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/README.html (original)
+++ shiro/site/publish/README.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css"
media="screen">
@@ -71,7 +73,13 @@
<div id="content">
- <h1>Apache Shiro Website Overview</h1><p>The Apache Shiro website
is a static content website accessible at <a
href="http://shiro.apache.org";>http://shiro.apache.org</a></p><p>Site content
is authored as Markdown and HTML files. These files are scanned by a tool that
applies a page template to each file’s contents as necessary, and the
rendered static .html files are output to a <code>publish</code>
directory.</p><p>Publishing site changes is as simple as committing any changes
in the <code>publish</code> directory to version control. ASF infrastructure
will see the commit and automatically push the changes to the ASF’s
production webservers.</p><h2>Generating and Publishing</h2><p>The tool used to
generate the static content is <a
href="https://github.com/lhazlewood/scms";>SCMS</a>. Once scms is installed and
in your <code>$PATH</code>, generating and publishing the site on the command
line is easy.</p><p>The following example assumes you have SVN commit perm
issions to the <code>publish</code> directory, typically because your are an
Apache Shiro project committer:</p>
+ <h1><a href="#apache-shiro-website-overview"
name="apache-shiro-website-overview">Apache Shiro Website Overview</a></h1>
+<p>The Apache Shiro website is a static content website accessible at <a
href="http://shiro.apache.org";>http://shiro.apache.org</a></p>
+<p>Site content is authored as Markdown and HTML files. These files are
scanned by a tool that applies a page template to each file’s contents as
necessary, and the rendered static .html files are output to a
<code>publish</code> directory.</p>
+<p>Publishing site changes is as simple as committing any changes in the
<code>publish</code> directory to version control. ASF infrastructure will see
the commit and automatically push the changes to the ASF’s production
webservers.</p>
+<h2><a href="#generating-and-publishing"
name="generating-and-publishing">Generating and Publishing</a></h2>
+<p>The tool used to generate the static content is <a
href="https://github.com/lhazlewood/scms";>SCMS</a>. Once scms is installed and
in your <code>$PATH</code>, generating and publishing the site on the command
line is easy.</p>
+<p>The following example assumes you have SVN commit permissions to the
<code>publish</code> directory, typically because your are an Apache Shiro
project committer:</p>
<pre><code>cd site
# This next command will take a few seconds, be patient :)
scms trunk publish
Modified: shiro/site/publish/about.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/about.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/about.html (original)
+++ shiro/site/publish/about.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css"
media="screen">
Modified: shiro/site/publish/adoption.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/adoption.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/adoption.html (original)
+++ shiro/site/publish/adoption.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css"
media="screen">
Modified: shiro/site/publish/architecture.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/architecture.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/architecture.html (original)
+++ shiro/site/publish/architecture.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css"
media="screen">
@@ -174,7 +176,25 @@ and more.</li></ul>
<p>The <tt>SecurityManager</tt> implementations and are also JavaBeans
compatible, which allows you (or a configuration mechanism) to easily customize
the pluggable components via standard JavaBeans accessor/mutator methods
(get*/set*). This means the Shiro's architectural modularity can translate
into very easy configuration for custom behavior.</p>
-<div class="panelMacro"><table class="tipMacro"><colgroup span="1"><col
span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1"
valign="top"><img align="middle"
src="https://cwiki.apache.org/confluence/images/icons/emoticons/check.gif";
width="16" height="16" alt="" border="0"></td><td colspan="1"
rowspan="1"><b>Easy Configuration</b><br clear="none">Because of JavaBeans
compatibility, it is very easy to configure the <tt>SecurityManager</tt> with
custom components via any mechanism that supports JavaBeans-style
configuration, such as <a href="spring.html" title="Spring">Spring</a>, Guice,
JBoss, etc.</td></tr></table></div>
+<div class="panelMacro">
+ <table class="tipMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody><tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-check-square-o"></i>
+ </td>
+ <td colspan="1" rowspan="1">
+ <b>Easy Configuration</b>
+ <br clear="none">
+ Because of JavaBeans compatibility, it is very easy to
configure the <tt>SecurityManager</tt> with custom components via any mechanism
that supports JavaBeans-style configuration, such as <a href="spring.html"
title="Spring">Spring</a>, Guice, JBoss, etc.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
<p>We will cover <a href="configuration.html"
title="Configuration">Configuration</a> next.</p>
Modified: shiro/site/publish/articles.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/articles.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/articles.html (original)
+++ shiro/site/publish/articles.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css"
media="screen">
Modified: shiro/site/publish/assets/css/gh-pages/gh-fork-ribbon.css
URL:
http://svn.apache.org/viewvc/shiro/site/publish/assets/css/gh-pages/gh-fork-ribbon.css?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/assets/css/gh-pages/gh-fork-ribbon.css (original)
+++ shiro/site/publish/assets/css/gh-pages/gh-fork-ribbon.css Wed Oct 19
14:24:58 2016
@@ -31,6 +31,10 @@
top: 3.23em;
right: -3.23em;
+ -webkit-box-sizing: content-box;
+ -moz-box-sizing: content-box;
+ box-sizing: content-box;
+
-webkit-transform: rotate(45deg);
-moz-transform: rotate(45deg);
-ms-transform: rotate(45deg);
Modified: shiro/site/publish/authentication-features.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/authentication-features.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/authentication-features.html (original)
+++ shiro/site/publish/authentication-features.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css"
media="screen">
@@ -71,7 +73,10 @@
<div id="content">
- <h1>Apache Shiro Authentication Features</h1><p>Authentication is
the process of identity verification– you are trying to verify a user is
who they say they are. To do so, a user needs to provide some sort of proof of
identity that your system understands and trusts. </p><p>The Shiro framework is
designed to make authentication as clean and intuitive as possible while
providing a rich set of features. Below is a highlight of the Shiro
authentication features.</p><h2>Features</h2>
+ <h1><a href="#apache-shiro-authentication-features"
name="apache-shiro-authentication-features">Apache Shiro Authentication
Features</a></h1>
+<p>Authentication is the process of identity verification– you are
trying to verify a user is who they say they are. To do so, a user needs to
provide some sort of proof of identity that your system understands and trusts.
</p>
+<p>The Shiro framework is designed to make authentication as clean and
intuitive as possible while providing a rich set of features. Below is a
highlight of the Shiro authentication features.</p>
+<h2><a href="#features" name="features">Features</a></h2>
<table align="right" width="275" style="margin-left: 20px; margin-bottom:
20px; border-style: solid; border-width: 2px; border-color: navy"
cellpadding="10px">
<tr>
@@ -96,12 +101,18 @@
</tr>
</table>
<ul>
- <li><p><strong>Subject Based</strong> - Almost everything you do in Shiro is
based on the currently executing user, called a Subject. And you can easily
retrieve the Subject anywhere in your code. This makes it easier for you to
understand and work with Shiro in your applications.</p></li>
- <li><p><strong>Single Method call</strong> - The authentication process is a
single method call. Needing only one method call keeps the API simple and your
application code clean, saving you time and effort.</p></li>
- <li><p><strong>Rich Exception Hierarchy</strong> - Shiro offers a rich
exception hierarchy to offered detailed explanations for why a login failed.
The hierarchy can help you more easily diagnose code bugs or customer services
issues related to authentication. In addition, the richness can help you create
more complex authentication functionality if needed.</p></li>
- <li><p><strong>‘Remember Me’ built in</strong> - Standard in the
Shiro API is the ability to remember your users if they return to your
application. You can offer a better user experience to your them with minimal
development effort.</p></li>
- <li><p><strong>Pluggable data sources</strong> - Shiro uses pluggable data
access objects (DAOs), called Realms, to connect to security data sources like
LDAP and Active Directory. To help you avoid building and maintaining
integrations yourself, Shiro provides out-of-the-box realms for popular data
sources like LDAP, Active Directory, and JDBC. If needed, you can also create
your own realms to support specific functionality not included in the basic
realms.</p></li>
- <li><p><strong>Login with one or more realms</strong> - Using Shiro, you can
easily authenticate a user against one or more realms and return one unified
view of their identity. In addition, you can customize the authentication
process with Shiro’s notion of an authentication strategy. The strategies
can be setup in configuration files so changes don’t require source code
modifications– reducing complexity and maintenance effort.</p></li>
+ <li>
+ <p><strong>Subject Based</strong> - Almost everything you do in Shiro is
based on the currently executing user, called a Subject. And you can easily
retrieve the Subject anywhere in your code. This makes it easier for you to
understand and work with Shiro in your applications.</p></li>
+ <li>
+ <p><strong>Single Method call</strong> - The authentication process is a
single method call. Needing only one method call keeps the API simple and your
application code clean, saving you time and effort.</p></li>
+ <li>
+ <p><strong>Rich Exception Hierarchy</strong> - Shiro offers a rich exception
hierarchy to offered detailed explanations for why a login failed. The
hierarchy can help you more easily diagnose code bugs or customer services
issues related to authentication. In addition, the richness can help you create
more complex authentication functionality if needed.</p></li>
+ <li>
+ <p><strong>‘Remember Me’ built in</strong> - Standard in the
Shiro API is the ability to remember your users if they return to your
application. You can offer a better user experience to your them with minimal
development effort.</p></li>
+ <li>
+ <p><strong>Pluggable data sources</strong> - Shiro uses pluggable data
access objects (DAOs), called Realms, to connect to security data sources like
LDAP and Active Directory. To help you avoid building and maintaining
integrations yourself, Shiro provides out-of-the-box realms for popular data
sources like LDAP, Active Directory, and JDBC. If needed, you can also create
your own realms to support specific functionality not included in the basic
realms.</p></li>
+ <li>
+ <p><strong>Login with one or more realms</strong> - Using Shiro, you can
easily authenticate a user against one or more realms and return one unified
view of their identity. In addition, you can customize the authentication
process with Shiro’s notion of an authentication strategy. The strategies
can be setup in configuration files so changes don’t require source code
modifications– reducing complexity and maintenance effort.</p></li>
</ul>
</div>
Modified: shiro/site/publish/authentication-guide.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/authentication-guide.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/authentication-guide.html (original)
+++ shiro/site/publish/authentication-guide.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css"
media="screen">
@@ -73,7 +75,29 @@
<p>This page has been moved. You are being redirected.</p>
-<p></p><div class="panelMacro"><table class="noteMacro"><colgroup
span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1"
rowspan="1" valign="top"><img align="middle"
src="https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif";
width="16" height="16" alt="" border="0"></td><td colspan="1"
rowspan="1"><b>Redirection Notice</b><br clear="none">This page should redirect
to <a href="java-authentication-guide.html" title="Java Authentication
Guide">Java Authentication Guide</a>.</td></tr></table></div>
+<p></p>
+
+<div class="panelMacro">
+ <table class="noteMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-warning"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Redirection Notice</b>
+ <br clear="none">
+ This page should redirect to <a
href="java-authentication-guide.html" title="Java Authentication Guide">Java
Authentication Guide</a>.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
<script type="text/javascript">
<!--
Modified: shiro/site/publish/authentication.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/authentication.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/authentication.html (original)
+++ shiro/site/publish/authentication.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css"
media="screen">
@@ -85,9 +87,32 @@
<ul><li><b>Principals</b> are a Subject's 'identifying attributes'.
Principals can be anything that identifies a Subject, such as a first name
(given name), last name (surname or family name), a username, Social Security
Number, etc. Of course things like family names are not very good at uniquely
identifying a <tt>Subject</tt>, so the best principals to use for
authentication are unique for an application - typically a username or email
address.
<br clear="none" class="atl-forced-newline">
<br clear="none" class="atl-forced-newline">
-<div class="panelMacro"><table class="infoMacro"><colgroup span="1"><col
span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1"
valign="top"><img align="middle"
src="https://cwiki.apache.org/confluence/images/icons/emoticons/information.gif";
width="16" height="16" alt="" border="0"></td><td colspan="1"
rowspan="1"><b>Primary Principal</b><br clear="none">While Shiro can represent
any number of principals, Shiro expects an application to have exactly one
'Primary' principal - a single value that uniquely identifies the
<tt>Subject</tt> within the application. This is typically a username, email
address or globally unique user id in most applications.</td></tr></table></div>
-<p><br clear="none" class="atl-forced-newline">
-<br clear="none" class="atl-forced-newline"></p></li><li><b>Credentials</b>
are usually secret values known only by the <tt>Subject</tt> which are used as
supporting evidence that they in fact 'own' the claimed identity. Some common
examples of credentials are passwords, biometric data such as fingerprints and
retina scans, and X.509 certificates.</li></ul>
+
+<div class="panelMacro">
+ <table class="infoMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+
+
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-info-circle"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Primary Principal</b>
+ <br clear="none">
+ While Shiro can represent any number of principals, Shiro
expects an application to have exactly one 'Primary' principal - a single value
that uniquely identifies the <tt>Subject</tt> within the application. This is
typically a username, email address or globally unique user id in most
applications.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
+
+</li><li><b>Credentials</b> are usually secret values known only by the
<tt>Subject</tt> which are used as supporting evidence that they in fact 'own'
the claimed identity. Some common examples of credentials are passwords,
biometric data such as fingerprints and retina scans, and X.509
certificates.</li></ul>
<p>The most common example of a principal/credential pairing is that of a
username and password. The username is the claimed identity, and the password
is the proof matching the claimed identity. If a submitted password matches
what is expected by the application, the application can largely assume that
the user really is who they say they are because no-one else should know the
same password.</p>
@@ -133,13 +158,13 @@ currentUser.login(token);
</pre>
</div></div>
-<p>After acquiring the currently-executing <tt>Subject</tt>, we make a single
<tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/subject/Subject.html#login(org.apache.shiro.authc.AuthenticationToken)">login</a></tt>
call, passing in the <tt>AuthenticationToken</tt> instance we created
earlier.</p>
+<p>After acquiring the currently-executing <tt>Subject</tt>, we make a single
<tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#login(org.apache.shiro.authc.AuthenticationToken)">login</a></tt>
call, passing in the <tt>AuthenticationToken</tt> instance we created
earlier.</p>
<p>An invocation to the <tt>login</tt> method effectively represents an
authentication attempt.</p>
<h3><a name="Authentication-Step3%3AHandlingSuccessorFailure"></a>Step 3:
Handling Success or Failure</h3>
-<p>If the <tt>login</tt> method returns quietly, that's it - we're done! The
<tt>Subject</tt> has been authenticated. The application thread can continue
uninterrupted and all further calls to <tt>SecurityUtils.getSubject()</tt> will
return the authenticated <tt>Subject</tt> instance, and any calls to
<tt>subject.</tt><tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/subject/Subject.html#isAuthenticated()">isAuthenticated()</a></tt>
will return <tt>true</tt>.</p>
+<p>If the <tt>login</tt> method returns quietly, that's it - we're done! The
<tt>Subject</tt> has been authenticated. The application thread can continue
uninterrupted and all further calls to <tt>SecurityUtils.getSubject()</tt> will
return the authenticated <tt>Subject</tt> instance, and any calls to
<tt>subject.</tt><tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#isAuthenticated()">isAuthenticated()</a></tt>
will return <tt>true</tt>.</p>
<p>But what happens if the login attempt failed? For example, what if the
end-user supplied an incorrect password, or accessed the system too many times
and maybe their account is locked?</p>
@@ -164,18 +189,56 @@ currentUser.login(token);
<p>If one of the existing exception classes do not meet your needs, custom
<tt>AuthenticationExceptions</tt> can be created to represent specific failure
scenarios.</p>
-<div class="panelMacro"><table class="tipMacro"><colgroup span="1"><col
span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1"
valign="top"><img align="middle"
src="https://cwiki.apache.org/confluence/images/icons/emoticons/check.gif";
width="16" height="16" alt="" border="0"></td><td colspan="1"
rowspan="1"><b>Login Failure Tip</b><br clear="none">While your code can react
to specific exceptions and execute logic as necessary, a security best practice
is to only show a generic failure message to an end user in the event of a
failure, for example, "Incorrect username or password.". This ensures no
specific information is available to hackers that may be attempting an attack
vector.</td></tr></table></div>
+<div class="panelMacro">
+ <table class="tipMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody><tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-check-square-o"></i>
+ </td>
+ <td colspan="1" rowspan="1">
+ <b>Login Failure Tip</b>
+ <br clear="none">
+ While your code can react to specific exceptions and execute
logic as necessary, a security best practice is to only show a generic failure
message to an end user in the event of a failure, for example, "Incorrect
username or password.". This ensures no specific information is available to
hackers that may be attempting an attack vector.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
<h2><a name="Authentication-Rememberedvs.Authenticated"></a>Remembered vs.
Authenticated</h2>
<p>As shown in the example above, Shiro supports the notion of "remember me"
in addition to the normal login process. It is worth pointing out at this time
that Shiro makes a very precise distinction between a <em>remembered</em>
Subject and an actual <em>authenticated</em> Subject: </p>
-<ul><li><b>Remembered</b>: A remembered <tt>Subject</tt> is not anonymous and
has a known identity (i.e. <tt>subject.</tt><tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/subject/Subject.html#getPrincipals()">getPrincipals()</a></tt>
is non-empty). But this identity is remembered from a previous authentication
during a <b>previous</b> session. A subject is considered remembered if
<tt>subject.</tt><tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/subject/Subject.html#isRemembered()">isRemembered()</a></tt>
returns <tt>true</tt>.
+<ul><li><b>Remembered</b>: A remembered <tt>Subject</tt> is not anonymous and
has a known identity (i.e. <tt>subject.</tt><tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#getPrincipals()">getPrincipals()</a></tt>
is non-empty). But this identity is remembered from a previous authentication
during a <b>previous</b> session. A subject is considered remembered if
<tt>subject.</tt><tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#isRemembered()">isRemembered()</a></tt>
returns <tt>true</tt>.
<br clear="none" class="atl-forced-newline">
-<br clear="none" class="atl-forced-newline"></li><li><b>Authenticated</b>: An
authenticated <tt>Subject</tt> is one that has been successfully authenticated
(i.e. the <tt>login</tt> method was invoked without throwing an exception)
<em>during the Subject's current session</em>. A subject is considered
authenticated if <tt>subject.</tt><tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/subject/Subject.html#isAuthenticated()">isAuthenticated()</a></tt>
returns <tt>true</tt>.</li></ul>
+<br clear="none" class="atl-forced-newline"></li><li><b>Authenticated</b>: An
authenticated <tt>Subject</tt> is one that has been successfully authenticated
(i.e. the <tt>login</tt> method was invoked without throwing an exception)
<em>during the Subject's current session</em>. A subject is considered
authenticated if <tt>subject.</tt><tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#isAuthenticated()">isAuthenticated()</a></tt>
returns <tt>true</tt>.</li></ul>
-<div class="panelMacro"><table class="noteMacro"><colgroup span="1"><col
span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1"
valign="top"><img align="middle"
src="https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif";
width="16" height="16" alt="" border="0"></td><td colspan="1"
rowspan="1"><b>Mutually Exclusive</b><br clear="none">Remembered and
authenticated states are mutually exclusive - a <tt>true</tt> value for one
indicates a <tt>false</tt> value for the other and vice
versa.</td></tr></table></div>
+<div class="panelMacro">
+ <table class="noteMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-warning"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Mutually Exclusive</b>
+ <br clear="none">
+ Remembered and authenticated states are mutually exclusive - a
<tt>true</tt> value for one indicates a <tt>false</tt> value for the other and
vice versa.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
<h3><a name="Authentication-Whythedistinction%3F"></a>Why the distinction?</h3>
@@ -203,7 +266,7 @@ currentUser.login(token);
<h2><a name="Authentication-LoggingOut"></a>Logging Out</h2>
-<p>The opposite of authenticating is releasing all known identifying state.
When the <tt>Subject</tt> is done interacting with the application, you can
call <tt>subject.</tt><tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/subject/Subject.html#logout()">logout()</a></tt>
to relinquish all identifying information:</p>
+<p>The opposite of authenticating is releasing all known identifying state.
When the <tt>Subject</tt> is done interacting with the application, you can
call <tt>subject.</tt><tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#logout()">logout()</a></tt>
to relinquish all identifying information:</p>
<div class="code panel" style="border-width: 1px;"><div class="codeContent
panelContent">
<pre class="code-java">
@@ -215,7 +278,27 @@ currentUser.logout(); <span class="code-
<p>After a <tt>Subject</tt> logs-out, the <tt>Subject</tt> instance is
considered anonymous again and, except for web applications, can be re-used for
<tt>login</tt> again if desired.</p>
-<div class="panelMacro"><table class="warningMacro"><colgroup span="1"><col
span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1"
valign="top"><img align="middle"
src="https://cwiki.apache.org/confluence/images/icons/emoticons/forbidden.gif";
width="16" height="16" alt="" border="0"></td><td colspan="1"
rowspan="1"><b>Web Application Notice</b><br clear="none">Because remembered
identity in web applications is often persisted with cookies, and cookies can
only be deleted before a Response body is committed, it is highly recommended
to redirect the end-user to a new view or page immediately after calling
<tt>subject.logout()</tt>. This guarantees that any security-related cookies
are deleted as expected. This is a limitation of how HTTP cookies function and
not a limitation of Shiro.</td></tr></table></div>
+<div class="panelMacro">
+ <table class="warningMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-exclamation-circle"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Web Application Notice</b>
+ <br clear="none">
+ Because remembered identity in web applications is often
persisted with cookies, and cookies can only be deleted before a Response body
is committed, it is highly recommended to redirect the end-user to a new view
or page immediately after calling <tt>subject.logout()</tt>. This guarantees
that any security-related cookies are deleted as expected. This is a limitation
of how HTTP cookies function and not a limitation of Shiro.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
<p><a name="Authentication-sequence"></a></p>
<h2><a name="Authentication-AuthenticationSequence"></a>Authentication
Sequence</h2>
@@ -235,12 +318,32 @@ currentUser.logout(); <span class="code-
<b>Step 2</b>: The <tt>Subject</tt> instance, typically a <tt><a
class="external-link"
href="static/current/apidocs/org/apache/shiro/subject/support/DelegatingSubject.html">DelegatingSubject</a></tt>
(or a subclass) delegates to the application's <tt>SecurityManager</tt> by
calling <tt>securityManager.login(token)</tt>, where the actual authentication
work begins.
<br clear="none" class="atl-forced-newline">
<br clear="none" class="atl-forced-newline">
-<b>Step 3</b>: The <tt>SecurityManager</tt>, being a basic 'umbrella'
component, receives the token and simply delegates to its internal <tt><a
class="external-link"
href="static/current/apidocs/org/apache/shiro/authc/Authenticator.html">Authenticator</a></tt>
instance by calling <tt>authenticator.</tt><tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/authc/Authenticator.html#authenticate(org.apache.shiro.authc.AuthenticationToken)">authenticate(token)</a></tt>.
This is almost always a <tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/authc/pam/ModularRealmAuthenticator.html">ModularRealmAuthenticator</a></tt>
instance, which supports coordinating one or more <tt>Realm</tt> instances
during authentication. The <tt>ModularRealmAuthenticator</tt> essentially
provides a <a class="external-link"
href="http://en.wikipedia.org/wiki/Pluggable_Authentication_Modules";
rel="nofollow">PAM</a>-style paradigm for Apache Shiro (where each <tt>Re
alm</tt> is a 'module' in PAM terminology).
+<b>Step 3</b>: The <tt>SecurityManager</tt>, being a basic 'umbrella'
component, receives the token and simply delegates to its internal <tt><a
class="external-link"
href="static/current/apidocs/org/apache/shiro/authc/Authenticator.html">Authenticator</a></tt>
instance by calling <tt>authenticator.</tt><tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/authc/Authenticator.html\#authenticate(org.apache.shiro.authc.AuthenticationToken)">authenticate(token)</a></tt>.
This is almost always a <tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/authc/pam/ModularRealmAuthenticator.html">ModularRealmAuthenticator</a></tt>
instance, which supports coordinating one or more <tt>Realm</tt> instances
during authentication. The <tt>ModularRealmAuthenticator</tt> essentially
provides a <a class="external-link"
href="http://en.wikipedia.org/wiki/Pluggable_Authentication_Modules";
rel="nofollow">PAM</a>-style paradigm for Apache Shiro (where each <tt>R
ealm</tt> is a 'module' in PAM terminology).
<br clear="none" class="atl-forced-newline">
<br clear="none" class="atl-forced-newline">
<b>Step 4</b>: If more than one <tt>Realm</tt> is configured for the
application, the <tt>ModularRealmAuthenticator</tt> instance will initiate a
multi-<tt>Realm</tt> authentication attempt utilizing its configured <tt><a
class="external-link"
href="static/current/apidocs/org/apache/shiro/authc/pam/AuthenticationStrategy.html">AuthenticationStrategy</a></tt>.
Before, during and after the <tt>Realms</tt> are invoked for authentication,
the <tt>AuthenticationStrategy</tt> will be called to allow it to react to each
Realm's results. We will cover <tt>AuthenticationStrategies</tt> soon.</p>
-<div class="panelMacro"><table class="noteMacro"><colgroup span="1"><col
span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1"
valign="top"><img align="middle"
src="https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif";
width="16" height="16" alt="" border="0"></td><td colspan="1"
rowspan="1"><b>Single-Realm Application</b><br clear="none">If only a single
Realm is configured, it is called directly - there is no need for an
<tt>AuthenticationStrategy</tt> in a single-Realm
application.</td></tr></table></div>
-<p><b>Step 5</b>: Each configured <tt>Realm</tt> is consulted to see if it
<tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/realm/Realm.html#supports(org.apache.shiro.authc.AuthenticationToken)">supports</a></tt>
the submitted <tt>AuthenticationToken</tt>. If so, the supporting Realm's
<tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/realm/Realm.html#getAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)">getAuthenticationInfo</a></tt>
method will be invoked with the submitted <tt>token</tt>. The
<tt>getAuthenticationInfo</tt> method effectively represents a single
authentication attempt for that particular <tt>Realm</tt>. We will cover the
<tt>Realm</tt> authentication behavior shortly.</p>
+<div class="panelMacro">
+ <table class="noteMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-warning"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Single-Realm Application</b>
+ <br clear="none">
+ If only a single Realm is configured, it is called directly -
there is no need for an <tt>AuthenticationStrategy</tt> in a single-Realm
application.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
+<p><b>Step 5</b>: Each configured <tt>Realm</tt> is consulted to see if it
<tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/realm/Realm.html\#supports(org.apache.shiro.authc.AuthenticationToken)">supports</a></tt>
the submitted <tt>AuthenticationToken</tt>. If so, the supporting Realm's
<tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/realm/Realm.html\#getAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)">getAuthenticationInfo</a></tt>
method will be invoked with the submitted <tt>token</tt>. The
<tt>getAuthenticationInfo</tt> method effectively represents a single
authentication attempt for that particular <tt>Realm</tt>. We will cover the
<tt>Realm</tt> authentication behavior shortly.</p>
<h3><a
name="Authentication-%7B%7BAuthenticator%7D%7D"></a><tt>Authenticator</tt></h3>
@@ -274,7 +377,29 @@ securityManager.authenticator = $authent
<p>Also an <tt>AuthenticationStrategy</tt> is responsible for aggregating the
results from each successful Realm and 'bundling' them into a single <tt><a
class="external-link"
href="static/current/apidocs/org/apache/shiro/authc/AuthenticationInfo.html">AuthenticationInfo</a></tt>
representation. This final aggregate <tt>AuthenticatinoInfo</tt> instance is
what is returned by the <tt>Authenticator</tt> instance and is what Shiro uses
to represent the <tt>Subject</tt>'s final identity (aka Principals).</p>
-<div class="panelMacro"><table class="infoMacro"><colgroup span="1"><col
span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1"
valign="top"><img align="middle"
src="https://cwiki.apache.org/confluence/images/icons/emoticons/information.gif";
width="16" height="16" alt="" border="0"></td><td colspan="1"
rowspan="1"><b>Subject Identity 'View'</b><br clear="none">If you use more than
one Realm in your application to acquire account data from multiple data
sources, the <tt>AuthenticationStrategy</tt> is ultimately responsible for the
final 'merged' view of the Subject's identity that is seen by the
application.</td></tr></table></div>
+<div class="panelMacro">
+ <table class="infoMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+
+
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-info-circle"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Subject Identity 'View'</b>
+ <br clear="none">
+ If you use more than one Realm in your application to acquire
account data from multiple data sources, the <tt>AuthenticationStrategy</tt> is
ultimately responsible for the final 'merged' view of the Subject's identity
that is seen by the application.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
<p>Shiro has 3 concrete <tt>AuthenticationStrategy</tt> implementations:</p>
@@ -297,7 +422,25 @@ securityManager.authenticator.authentica
</pre>
</div></div>
-<div class="panelMacro"><table class="tipMacro"><colgroup span="1"><col
span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1"
valign="top"><img align="middle"
src="https://cwiki.apache.org/confluence/images/icons/emoticons/check.gif";
width="16" height="16" alt="" border="0"></td><td colspan="1"
rowspan="1"><b>Custom AuthenticationStrategy</b><br clear="none">If you wanted
to create your own <tt>AuthenticationStrategy</tt> implementation yourself, you
could use the <tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/authc/pam/AbstractAuthenticationStrategy.html">org.apache.shiro.authc.pam.AbstractAuthenticationStrategy</a></tt>
as a starting point. The <tt>AbstractAuthenticationStrategy</tt> class
automatically implements the 'bundling'/aggregation behavior of merging the
results from each Realm into a single <tt>AuthenticationInfo</tt>
instance.</td></tr></table></div>
+<div class="panelMacro">
+ <table class="tipMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody><tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-check-square-o"></i>
+ </td>
+ <td colspan="1" rowspan="1">
+ <b>Custom AuthenticationStrategy</b>
+ <br clear="none">
+ If you wanted to create your own
<tt>AuthenticationStrategy</tt> implementation yourself, you could use the
<tt><a class="external-link"
href="static/current/apidocs/org/apache/shiro/authc/pam/AbstractAuthenticationStrategy.html">org.apache.shiro.authc.pam.AbstractAuthenticationStrategy</a></tt>
as a starting point. The <tt>AbstractAuthenticationStrategy</tt> class
automatically implements the 'bundling'/aggregation behavior of merging the
results from each Realm into a single <tt>AuthenticationInfo</tt> instance.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
<h3><a name="Authentication-RealmAuthenticationOrder"></a>Realm Authentication
Order</h3>
@@ -351,11 +494,31 @@ securityManager.realms = $fooRealm, $bar
</pre>
</div></div>
-<div class="panelMacro"><table class="noteMacro"><colgroup span="1"><col
span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1"
valign="top"><img align="middle"
src="https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif";
width="16" height="16" alt="" border="0"></td><td colspan="1"
rowspan="1"><b>Explicit Realm Inclusion</b><br clear="none">When you explicitly
configure the <tt>securityManager.realms</tt> property, <em>only</em> the
referenced realms will be configured on the <tt>SecurityManager</tt>. This
means you could define 5 realms in INI, but only actually use 3 if 3 are
referenced for the <tt>realms</tt> property. This is different than implicit
realm ordering where all available realms will be used.</td></tr></table></div>
+<div class="panelMacro">
+ <table class="noteMacro">
+ <colgroup span="1">
+ <col span="1" width="24">
+ <col span="1">
+ </colgroup>
+ <tbody>
+ <tr>
+ <td colspan="1" rowspan="1" valign="top">
+ <i class="fa fa-warning"></i>
+ </td>
+
+ <td colspan="1" rowspan="1">
+ <b>Explicit Realm Inclusion</b>
+ <br clear="none">
+ When you explicitly configure the
<tt>securityManager.realms</tt> property, <em>only</em> the referenced realms
will be configured on the <tt>SecurityManager</tt>. This means you could
define 5 realms in INI, but only actually use 3 if 3 are referenced for the
<tt>realms</tt> property. This is different than implicit realm ordering where
all available realms will be used.
+ </td>
+ </tr>
+ </tbody>
+ </table>
+</div>
<h2><a name="Authentication-RealmAuthentication"></a>Realm Authentication</h2>
-<p>This chapter covers Shiro's master workflow explaining how an
authentication attempt occurs. The internal workflow of what happens in a
single realm as it is consulted during authentication (i.e. 'Step 5' above) is
covered in the <a href="realm.html" title="Realm">Realm</a> chapter's <a
href="realm.html#Realm-authentication">Realm Authentication</a> section.</p>
+<p>This chapter covers Shiro's master workflow explaining how an
authentication attempt occurs. The internal workflow of what happens in a
single realm as it is consulted during authentication (i.e. 'Step 5' above) is
covered in the <a href="realm.html" title="Realm">Realm</a> chapter's <a
href="realm.html\#Realm-authentication">Realm Authentication</a> section.</p>
<h2><a name="Authentication-Lendahandwithdocumentation"></a>Lend a hand with
documentation </h2>
Modified: shiro/site/publish/authenticator.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/authenticator.html?rev=1765607&r1=1765606&r2=1765607&view=diff
==============================================================================
--- shiro/site/publish/authenticator.html (original)
+++ shiro/site/publish/authenticator.html Wed Oct 19 14:24:58 2016
@@ -15,6 +15,7 @@
limitations under the License.
-->
<html>
+
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Apache Shiro is a powerful and
easy-to-use Java security framework that performs authentication,
authorization, cryptography, and session management.">
@@ -29,6 +30,7 @@
<link rel="icon" type="image/vnd.microsoft.icon"
href="./assets/images/favicon.ico">
+ <link rel="stylesheet" type="text/css"
href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css";>
<link rel="stylesheet" type="text/css" href="./assets/css/normalize.css">
<link rel="stylesheet" type="text/css" href="./assets/css/confluence.css"
media="screen">
@@ -73,12 +75,13 @@
<p>TODO</p>
-<h2><a name="Authenticator-Lendahandwithdocumentation"></a>Lend a hand with
documentation </h2>
+<h2><a name="Lendahandwithdocumentation"></a>Lend a hand with documentation
</h2>
<p>While we hope this documentation helps you with the work you're doing with
Apache Shiro, the community is improving and expanding the documentation all
the time. If you'd like to help the Shiro project, please consider corrected,
expanding, or adding documentation where you see a need. Every little bit of
help you provide expands the community and in turn improves Shiro. </p>
<p>The easiest way to contribute your documentation is to send it to the <a
class="external-link" href="http://shiro-user.582556.n2.nabble.com/";
rel="nofollow">User Forum</a> or the <a href="mailing-lists.html"
title="Mailing Lists">User Mailing List</a>.</p>
+
</div>
</div><!--END WRAPPER-->
![https://cwiki.apache.org/confluence/images/icons/emoticons/information.png"](https://cwiki.apache.org/confluence/images/icons/emoticons/information.png"){kind=link}
![https://cwiki.apache.org/confluence/images/icons/emoticons/check.png"](https://cwiki.apache.org/confluence/images/icons/emoticons/check.png"){kind=link}
![https://cwiki.apache.org/confluence/images/icons/emoticons/check.gif"](https://cwiki.apache.org/confluence/images/icons/emoticons/check.gif"){kind=link}
![https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif"](https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif"){kind=link}
![https://cwiki.apache.org/confluence/images/icons/emoticons/information.gif"](https://cwiki.apache.org/confluence/images/icons/emoticons/information.gif"){kind=link}
![https://cwiki.apache.org/confluence/images/icons/emoticons/forbidden.gif"](https://cwiki.apache.org/confluence/images/icons/emoticons/forbidden.gif"){kind=link}