This is an automated email from the ASF dual-hosted git repository.
lprimak pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/shiro-site.git
The following commit(s) were added to refs/heads/main by this push:
new 616e0b4ee [LINKS] Update some links to https
new bf837df4f Merge pull request #176 from raboof/https-links
616e0b4ee is described below
commit 616e0b4eea418fbe3900c755a45536cf6349ec95
Author: Arnout Engelen <[email protected]>
AuthorDate: Fri Dec 23 10:58:07 2022 +0100
[LINKS] Update some links to https
---
README.adoc | 2 +-
src/site/content/articles.adoc | 12 ++++-----
...sdforum-java-sig-apache-shiro-presentation.adoc | 2 +-
...eveloperworks-introduction-to-apache-shiro.adoc | 2 +-
.../2010/09/20/san-francisco-jug-presentation.adoc | 2 +-
...o-video-and-slide-from-sf-jug-presentation.adoc | 2 +-
.../2011/01/13/apache-shiro-support-for-mule.adoc | 2 +-
.../blog/2011/06/30/apache-shiro-login-demo.adoc | 4 +--
.../blog/2015/08/03/apache-shiro-124-released.adoc | 2 +-
.../blog/2016/05/26/apache-shiro-125-released.adoc | 2 +-
.../blog/2016/07/05/apache-shiro-126-released.adoc | 2 +-
.../blog/2016/09/09/apache-shiro-132-released.adoc | 2 +-
.../2016/11/14/apache-shiro-140rc2-released.adoc | 2 +-
src/site/content/community.adoc | 2 +-
src/site/content/configuration.adoc | 10 ++++----
src/site/content/developer-resources.adoc | 4 +--
src/site/content/events.adoc | 2 +-
src/site/content/how-to-contribute.adoc | 6 ++---
src/site/content/integration.adoc | 24 ++++++++---------
src/site/content/jaxrs.adoc | 2 +-
src/site/content/powered-by-shiro.adoc | 10 ++++----
src/site/content/realm.adoc | 2 +-
src/site/content/security-reports.adoc | 2 +-
src/site/content/session-management.adoc | 12 ++++-----
src/site/content/spring-framework.adoc | 4 +--
src/site/content/spring-xml.adoc | 6 ++---
src/site/content/testing.adoc | 4 +--
src/site/content/tutorial.adoc | 6 ++---
src/site/content/web.adoc | 4 +--
src/site/content/webapp-tutorial.adoc | 30 +++++++++++-----------
src/site/templates/menu.ftl | 10 ++++----
31 files changed, 89 insertions(+), 89 deletions(-)
diff --git a/README.adoc b/README.adoc
index 63227a986..fa2dfaf3d 100644
--- a/README.adoc
+++ b/README.adoc
@@ -1,6 +1,6 @@
= Apache Shiro Website Overview
-The Apache Shiro website is a static content website accessible at
http://shiro.apache.org/.
+The Apache Shiro website is a static content website accessible at
https://shiro.apache.org/.
Site content is authored as Markdown, Asciidoc and HTML files.
These files are parsed by the tool `jbake` and renders the content files using
freemarker templates to static `.html` files.
diff --git a/src/site/content/articles.adoc b/src/site/content/articles.adoc
index 4db006f93..88ebd93ce 100644
--- a/src/site/content/articles.adoc
+++ b/src/site/content/articles.adoc
@@ -47,17 +47,17 @@ Once you've gotten your feet wet, you might find these
useful too:
**
https://mrdwnotes.wordpress.com/2011/11/28/using-apache-shiro-security-to-allow-login-via-facebook-part-2/[Part
2]
* *Apache Shiro - a blog series by Meri*
-** http://meri-stuff.blogspot.com/2011/03/apache-shiro-part-1-basics.html[Part
1 - Basics] on 27 March 2011
-**
http://meri-stuff.blogspot.com/2011/04/apache-shiro-part-2-realms-database-and.html[Part
2 - Realms, Database and PGP Certificates] on 18 April 2011
-**
http://meri-stuff.blogspot.com/2011/12/apache-shiro-part-3-cryptography.html[Part
3 - Cryptography] on 4 December 2011
+**
https://meri-stuff.blogspot.com/2011/03/apache-shiro-part-1-basics.html[Part 1
- Basics] on 27 March 2011
+**
https://meri-stuff.blogspot.com/2011/04/apache-shiro-part-2-realms-database-and.html[Part
2 - Realms, Database and PGP Certificates] on 18 April 2011
+**
https://meri-stuff.blogspot.com/2011/12/apache-shiro-part-3-cryptography.html[Part
3 - Cryptography] on 4 December 2011
* *https://stormpath.com/blog/new-rbac-resource-based-access-control[The New
RBAC: Resource-Based Access Control]* by Les Hazlewood on 9 May 2011
-* *http://blog.xebia.com/author/yamsellem/[HTTP Authentication and Security
with Apache Shiro]* blog article by yamsellem on 18 April 2011.
+* *https://blog.xebia.com/author/yamsellem/[HTTP Authentication and Security
with Apache Shiro]* blog article by yamsellem on 18 April 2011.
-*
*http://spring-java-ee.blogspot.com/2011/04/using-shiro-for-authorization-via-cdi.html[Using
Shiro for Authorization via CDI Interceptors then Easily Test with
Arquillian]* blog article by Hendy Irawan on 16 April 2011.
+*
*https://spring-java-ee.blogspot.com/2011/04/using-shiro-for-authorization-via-cdi.html[Using
Shiro for Authorization via CDI Interceptors then Easily Test with
Arquillian]* blog article by Hendy Irawan on 16 April 2011.
* *https://github.com/mulesoft-labs/mule-module-shiro/[Apache Shiro Support
for Mule]* by Dan Diephouse on 10 January 2011.
-* *http://techbeats.deluan.com/apache-shiro-tags-for-jsffacelets[Apache Shiro
tags for JSF - Securing Your JSF Pages]* by Deluan Quintão on 1 November 2010.
+* *https://techbeats.deluan.com/apache-shiro-tags-for-jsffacelets[Apache Shiro
tags for JSF - Securing Your JSF Pages]* by Deluan Quintão on 1 November 2010.
* *Shiro DevNexus 2009 Presentation* by Jeremy Haile:
(link:files/articles/Ki-DevNexus-2009.pdf?version=1&modificationDate=1246602947000[PDF])
(link:files/articles/Ki-DevNexus-2009.key.zip?version=1&modificationDate=1246602947000[Keynote])
(link:files/articles/Ki-DevNexus-2009.ppt.zip?version=1&modificationDate=1246602947000[Powerpoint])
diff --git
a/src/site/content/blog/2010/06/01/sdforum-java-sig-apache-shiro-presentation.adoc
b/src/site/content/blog/2010/06/01/sdforum-java-sig-apache-shiro-presentation.adoc
index 203edae94..e61983a92 100644
---
a/src/site/content/blog/2010/06/01/sdforum-java-sig-apache-shiro-presentation.adoc
+++
b/src/site/content/blog/2010/06/01/sdforum-java-sig-apache-shiro-presentation.adoc
@@ -6,5 +6,5 @@ Les Hazlewood
:jbake-tags: blog, release
:idprefix:
-Tonight, 1 June 2010, Les Hazlewood
link:http://www.sdforum.org/index.cfm?fuseaction=Calendar.eventDetail&eventID=13671&pageId=471[will
present] Apache Shiro to the SDForum Java SIG in Palo Alto, California.
+Tonight, 1 June 2010, Les Hazlewood
link:https://www.sdforum.org/index.cfm?fuseaction=Calendar.eventDetail&eventID=13671&pageId=471[will
present] Apache Shiro to the SDForum Java SIG in Palo Alto, California.
Please come if you can!
diff --git
a/src/site/content/blog/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.adoc
b/src/site/content/blog/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.adoc
index 7f6c2f8b4..70d1b67e8 100644
---
a/src/site/content/blog/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.adoc
+++
b/src/site/content/blog/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.adoc
@@ -6,5 +6,5 @@ Les Hazlewood
:jbake-tags: blog
:idprefix:
-Nathan Good wrote
link:http://www.ibm.com/developerworks/web/library/wa-apacheshiro/[an article]
introducing some of Apache Shiro's capabilities.
+Nathan Good wrote
link:https://www.ibm.com/developerworks/web/library/wa-apacheshiro/[an article]
introducing some of Apache Shiro's capabilities.
Thanks Nathan!
diff --git
a/src/site/content/blog/2010/09/20/san-francisco-jug-presentation.adoc
b/src/site/content/blog/2010/09/20/san-francisco-jug-presentation.adoc
index 8d7aecf87..fc5c5cd36 100644
--- a/src/site/content/blog/2010/09/20/san-francisco-jug-presentation.adoc
+++ b/src/site/content/blog/2010/09/20/san-francisco-jug-presentation.adoc
@@ -6,5 +6,5 @@ Les Hazlewood
:jbake-tags: blog
:idprefix:
-On 12 October jbake.content.blog.2010 at 6:30 pm PDT, Les Hazlewood will
present link:http://www.sfjava.org/calendar/13539905/[Super Simple Application
Security with Apache Shiro] to the San Francisco Java User Group.
+On 12 October jbake.content.blog.2010 at 6:30 pm PDT, Les Hazlewood will
present link:https://www.sfjava.org/calendar/13539905/[Super Simple Application
Security with Apache Shiro] to the San Francisco Java User Group.
Please RSVP if you wish to attend - seats are limited!
diff --git
a/src/site/content/blog/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.adoc
b/src/site/content/blog/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.adoc
index 9d4f0f39c..162376101 100644
---
a/src/site/content/blog/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.adoc
+++
b/src/site/content/blog/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.adoc
@@ -18,4 +18,4 @@ video::5ZepGFzYHpE[youtube,width=800,height=600,title="Super
Simple Application
<iframe src="//www.slideshare.net/slideshow/embed_code/key/iWMvMDFWwd2jvF"
width="595" height="485" frameborder="0" marginwidth="0" marginheight="0"
scrolling="no" style="border:1px solid #CCC; border-width:1px;
margin-bottom:5px; max-width: 100%;" allowfullscreen> </iframe> <div
style="margin-bottom:5px"> <strong> <a
href="//www.slideshare.net/marakana/simple-application" title="Super simple
application security with Apache Shiro" target="_blank">Super simple
application security with A [...]
++++
-Courtesy of Aleksandar and Max at the link:http://www.sfjava.org/[SF JUG].
+Courtesy of Aleksandar and Max at the link:https://www.sfjava.org/[SF JUG].
diff --git
a/src/site/content/blog/2011/01/13/apache-shiro-support-for-mule.adoc
b/src/site/content/blog/2011/01/13/apache-shiro-support-for-mule.adoc
index b03375ceb..d19069d0a 100644
--- a/src/site/content/blog/2011/01/13/apache-shiro-support-for-mule.adoc
+++ b/src/site/content/blog/2011/01/13/apache-shiro-support-for-mule.adoc
@@ -9,4 +9,4 @@ Alex Salazar
Mule now has integration with Apache Shiro.
Thanks to Dan Diephouse at link:https://developer.mulesoft.com[MuleSoft] for
the great blog post.
-link:http://blogs.mulesoft.com/dev/mule-dev/apache-shiro-support-for-mule/apache-shiro-support-for-mule.adoc[http://blogs.mulesoft.com/dev/mule-dev/apache-shiro-support-for-mule/]
+link:https://blogs.mulesoft.com/dev/mule-dev/apache-shiro-support-for-mule/apache-shiro-support-for-mule.adoc[https://blogs.mulesoft.com/dev/mule-dev/apache-shiro-support-for-mule/]
diff --git a/src/site/content/blog/2011/06/30/apache-shiro-login-demo.adoc
b/src/site/content/blog/2011/06/30/apache-shiro-login-demo.adoc
index 3839acfcc..b3ee8844c 100644
--- a/src/site/content/blog/2011/06/30/apache-shiro-login-demo.adoc
+++ b/src/site/content/blog/2011/06/30/apache-shiro-login-demo.adoc
@@ -6,7 +6,7 @@ Les Hazlewood
:jbake-tags: blog, youtube, video
:idprefix:
-link:http://raibledesigns.com/[Matt Raible,role="external
external-link",rel=external] has posted a really nice blog article and video
demonstrating a login use case with Apache Shiro.
-Check out the
link:http://raibledesigns.com/rd/entry/java_web_application_security_part2["Java
Web Application Security - Part III: Apache Shiro Login Demo",role="external"]
blog post and the video:
+link:https://raibledesigns.com/[Matt Raible,role="external
external-link",rel=external] has posted a really nice blog article and video
demonstrating a login use case with Apache Shiro.
+Check out the
link:https://raibledesigns.com/rd/entry/java_web_application_security_part2["Java
Web Application Security - Part III: Apache Shiro Login Demo",role="external"]
blog post and the video:
video::4LD4mF5ex2U[youtube,title="Java EE Security
Demo",width=800,height=600,lang=en]
diff --git a/src/site/content/blog/2015/08/03/apache-shiro-124-released.adoc
b/src/site/content/blog/2015/08/03/apache-shiro-124-released.adoc
index 9777e34b1..0a48bd1a0 100644
--- a/src/site/content/blog/2015/08/03/apache-shiro-124-released.adoc
+++ b/src/site/content/blog/2015/08/03/apache-shiro-124-released.adoc
@@ -14,7 +14,7 @@ This release includes
https://issues.apache.org/jira/secure/ReleaseNote.jspa?pro
Release binaries (.jars) are also available through Maven Central and source
bundles through Apache distribution mirrors.
-For more information on http://shiro.apache.org/documentation.html[Shiro,
please read the
+For more information on https://shiro.apache.org/documentation.html[Shiro,
please read the
documentation.]
Enjoy!
diff --git a/src/site/content/blog/2016/05/26/apache-shiro-125-released.adoc
b/src/site/content/blog/2016/05/26/apache-shiro-125-released.adoc
index 2319cb54b..0422b202c 100644
--- a/src/site/content/blog/2016/05/26/apache-shiro-125-released.adoc
+++ b/src/site/content/blog/2016/05/26/apache-shiro-125-released.adoc
@@ -14,7 +14,7 @@ This release includes
https://issues.apache.org/jira/secure/ReleaseNote.jspa?pro
Release binaries (.jars) are also available through Maven Central and source
bundles through Apache distribution mirrors.
-For more information on http://shiro.apache.org/documentation.html[Shiro,
please read the
+For more information on https://shiro.apache.org/documentation.html[Shiro,
please read the
documentation.]
Enjoy!
diff --git a/src/site/content/blog/2016/07/05/apache-shiro-126-released.adoc
b/src/site/content/blog/2016/07/05/apache-shiro-126-released.adoc
index eb8d600a2..6b0cf4b50 100644
--- a/src/site/content/blog/2016/07/05/apache-shiro-126-released.adoc
+++ b/src/site/content/blog/2016/07/05/apache-shiro-126-released.adoc
@@ -14,7 +14,7 @@ This release includes
https://issues.apache.org/jira/secure/ReleaseNote.jspa?ver
Release binaries (.jars) are also available through Maven Central and source
bundles through Apache distribution mirrors.
-For more information on http://shiro.apache.org/documentation.html[Shiro,
please read the
+For more information on https://shiro.apache.org/documentation.html[Shiro,
please read the
documentation.]
Enjoy!
diff --git a/src/site/content/blog/2016/09/09/apache-shiro-132-released.adoc
b/src/site/content/blog/2016/09/09/apache-shiro-132-released.adoc
index 5a912d9b2..b2ae4970e 100644
--- a/src/site/content/blog/2016/09/09/apache-shiro-132-released.adoc
+++ b/src/site/content/blog/2016/09/09/apache-shiro-132-released.adoc
@@ -11,7 +11,7 @@ The Shiro team is pleased to announce the release of Apache
Shiro version 1.3.2.
This security release contains 1 fix since the 1.3.1 release.
-http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6802[CVE-2016-6802]:
+https://www.cve.org/CVERecord?id=CVE-2016-6802[CVE-2016-6802]:
Apache Shiro before 1.3.2, when using a non-root servlet context path,
specifically crafted requests can be used to by pass some security servlet
filters, resulting in unauthorized access.
diff --git a/src/site/content/blog/2016/11/14/apache-shiro-140rc2-released.adoc
b/src/site/content/blog/2016/11/14/apache-shiro-140rc2-released.adoc
index 8356a95ad..213480ea8 100644
--- a/src/site/content/blog/2016/11/14/apache-shiro-140rc2-released.adoc
+++ b/src/site/content/blog/2016/11/14/apache-shiro-140rc2-released.adoc
@@ -16,7 +16,7 @@ Of Note:
* The core has been broken up into a fewer smaller modules (lang, crypto,
config), but package names remain the same.
Maven, Gradle, and Ivy users will NOT be affected.
* New
https://github.com/apache/shiro/tree/shiro-root-1.4.0-RC2/support/spring-boot[modules]
for Spring Boot
-* New
http://search.maven.org/#artifactdetails%7Corg.apache.shiro%7Cshiro-servlet-plugin%7C1.4.0-RC2%7Cjar[servlet
fragment module]
+* New
https://search.maven.org/#artifactdetails%7Corg.apache.shiro%7Cshiro-servlet-plugin%7C1.4.0-RC2%7Cjar[servlet
fragment module]
* New module for JAX-RS (based off https://github.com/silb/shiro-jersey)
* Guice 4 support
* Shiro.ini string interpolation
diff --git a/src/site/content/community.adoc b/src/site/content/community.adoc
index c52928e61..11edd2b3c 100644
--- a/src/site/content/community.adoc
+++ b/src/site/content/community.adoc
@@ -31,4 +31,4 @@ At the Shiro project we make it easy for anyone to join our
great community and
*
*https://issues.apache.org/jira/issues/?jql=project%20%3D%20SHIRO%20AND%20status%20%3D%20Open%20ORDER%20BY%20priority%20DESC[Issue
Tracker]* - Once you're ready to contribute, this is a good place to see what
needs to get done
-* *http://www.apache.org/foundation/sponsorship.html[Donate to ASF]* - Shiro
is a project under the Apache Software Foundation, a non-profit that relies on
donations and community support
+* *https://www.apache.org/foundation/sponsorship.html[Donate to ASF]* - Shiro
is a project under the Apache Software Foundation, a non-profit that relies on
donations and community support
diff --git a/src/site/content/configuration.adoc
b/src/site/content/configuration.adoc
index 6643c3e1a..cf0289f2d 100644
--- a/src/site/content/configuration.adoc
+++ b/src/site/content/configuration.adoc
@@ -14,7 +14,7 @@ Shiro is designed to work in any environment, from simple
command-line applicati
[NOTE]
====
.Many Configuration Options
-Shiro's `SecurityManager` implementations and all supporting components are
all JavaBeans compatible. This allows Shiro to be configured with practically
any configuration format such as regular Java, XML (Spring, JBoss, Guice, etc),
link:http://www.yaml.org[YAML], JSON, Groovy Builder markup, and more.
+Shiro's `SecurityManager` implementations and all supporting components are
all JavaBeans compatible. This allows Shiro to be configured with practically
any configuration format such as regular Java, XML (Spring, JBoss, Guice, etc),
link:https://yaml.org[YAML], JSON, Groovy Builder markup, and more.
====
[#Configuration-ProgrammaticConfiguration]
@@ -101,7 +101,7 @@ SecurityUtils.setSecurityManager(securityManager);
[#Configuration-INIConfiguration-CreatingSecurityManagerFromINI-Instance]
==== SecurityManager from an INI instance
-The INI configuration can be constructed programmatically as well if desired
via the
link:static/current/apidocs/org/apache/shiro/config/Ini.html[`org.apache.shiro.config.Ini`]
class. The Ini class functions similarly to the JDK
http://download.oracle.com/javase/6/docs/api/java/util/Properties.html[`java.util.Properties`]
class, but additionally supports segmentation by section name.
+The INI configuration can be constructed programmatically as well if desired
via the
link:static/current/apidocs/org/apache/shiro/config/Ini.html[`org.apache.shiro.config.Ini`]
class. The Ini class functions similarly to the JDK
https://download.oracle.com/javase/6/docs/api/java/util/Properties.html[`java.util.Properties`]
class, but additionally supports segmentation by section name.
For example:
@@ -128,7 +128,7 @@ Now that we know how to construct a `SecurityManager` from
INI configuration, le
[#Configuration-INIConfiguration-Sections]
=== INI Sections
-INI is basically a text configuration consisting of key/value pairs organized
by uniquely-named sections. Keys are unique per section only, not over the
entire configuration (unlike the JDK
http://java.sun.com/javase/6/docs/api/java/util/Properties.html[Properties]).
Each section may be viewed like a single `Properties` definition however.
+INI is basically a text configuration consisting of key/value pairs organized
by uniquely-named sections. Keys are unique per section only, not over the
entire configuration (unlike the JDK
https://java.sun.com/javase/6/docs/api/java/util/Properties.html[Properties]).
Each section may be viewed like a single `Properties` definition however.
Commented lines can start with either with an Octothorpe (# - aka the 'hash',
'pound' or 'number' sign) or a Semi-colon (';')
@@ -230,7 +230,7 @@ myRealm.setUsername("jsmith");
How is this possible? It assumes that all objects are
https://en.wikipedia.org/wiki/JavaBean[Java Beans]-compatible
https://en.wikipedia.org/wiki/Plain_Old_Java_Object[POJO]s.
-Under the covers, Shiro by default uses Apache Commons
http://commons.apache.org/proper/commons-beanutils/[BeanUtils] to do all the
heavy lifting when setting these properties. So although INI values are text,
BeanUtils knows how to convert the string values to the proper primitive types
and then invoke the corresponding JavaBeans setter method.
+Under the covers, Shiro by default uses Apache Commons
https://commons.apache.org/proper/commons-beanutils/[BeanUtils] to do all the
heavy lifting when setting these properties. So although INI values are text,
BeanUtils knows how to convert the string values to the proper primitive types
and then invoke the corresponding JavaBeans setter method.
[#Configuration-INIConfiguration-Sections-Main-DefiningObject-SettingProperties-ReferenceValues]
======= Reference Values
@@ -272,7 +272,7 @@ The graph traversal can be as deep as necessary:
`object.property1.property2....
[NOTE]
====
.BeanUtils Property Support
-Any property assignment operation supported by the BeanUtils.
link:https://commons.apache.org/proper/commons-beanutils/apidocs/org/apache/commons/beanutils/BeanUtils.html#setProperty-java.lang.Object-java.lang.String-java.lang.Object-[setProperty]
method will work in Shiro's [main] section, including set/list/map element
assignments. See the
link:http://commons.apache.org/proper/commons-beanutils[Apache Commons
BeanUtils Website] and documentation for more information.
+Any property assignment operation supported by the BeanUtils.
link:https://commons.apache.org/proper/commons-beanutils/apidocs/org/apache/commons/beanutils/BeanUtils.html#setProperty-java.lang.Object-java.lang.String-java.lang.Object-[setProperty]
method will work in Shiro's [main] section, including set/list/map element
assignments. See the
link:https://commons.apache.org/proper/commons-beanutils[Apache Commons
BeanUtils Website] and documentation for more information.
====
[#Configuration-INIConfiguration-Sections-Main-DefiningObject-SettingProperties-ByteArrayValues]
diff --git a/src/site/content/developer-resources.adoc
b/src/site/content/developer-resources.adoc
index 1b57f2c62..9fc092919 100644
--- a/src/site/content/developer-resources.adoc
+++ b/src/site/content/developer-resources.adoc
@@ -25,7 +25,7 @@ Active development is done in the `main` branch, and
maintenance typically on th
[#DeveloperResources-BuildingfromGit]
=== Building from Git
-For Shiro cutting-edge development, you can clone the code from Git and build
it using http://maven.apache.org[Maven] 3.6+:
+For Shiro cutting-edge development, you can clone the code from Git and build
it using https://maven.apache.org[Maven] 3.6+:
1. Check out the code:
+
@@ -33,7 +33,7 @@ For Shiro cutting-edge development, you can clone the code
from Git and build it
----
git clone https://github.com/apache/shiro.git
----
-2. Build the project using http://maven.apache.org[Maven] 3.6+:
+2. Build the project using https://maven.apache.org[Maven] 3.6+:
+
[source,bash]
----
diff --git a/src/site/content/events.adoc b/src/site/content/events.adoc
index 0f7ec7621..22cc1c25d 100644
--- a/src/site/content/events.adoc
+++ b/src/site/content/events.adoc
@@ -28,7 +28,7 @@ https://www.devnexus.com/s/presentations#1138
=== San Francisco Java User Group: Super Simple Application Security with
Apache Shiro
October 12, 2010, San Francisco, CA
-http://www.meetup.com/sfjava/
+https://www.meetup.com/sfjava/
=== SDForum: Securing Applications with Apache Shiro
diff --git a/src/site/content/how-to-contribute.adoc
b/src/site/content/how-to-contribute.adoc
index 27440effc..9767b5bcf 100644
--- a/src/site/content/how-to-contribute.adoc
+++ b/src/site/content/how-to-contribute.adoc
@@ -25,7 +25,7 @@ Or you can participate with resource donations:
* conference presentations
* publicity
* software
-* general hardware/money
http://www.apache.org/foundation/thanks.html[donations] via the
http://www.apache.org[Apache Software Foundation]
+* general hardware/money
https://www.apache.org/foundation/thanks.html[donations] via the
https://www.apache.org[Apache Software Foundation]
You can get your local working copy of the link:download.html[latest and
greatest code] by following the directions in link:download.html[Download]
page. Review the To Do list in the
https://issues.apache.org/jira/browse/SHIRO[issue tracker] and then choose a
task that interests you.
@@ -157,7 +157,7 @@ After submitting pull request, you should receive a
response within a few days.
== Git Committers
-After a developer has consistently provided contributions such as code,
documentation and discussion, and demonstrated commitment, then the rest of the
dev community may vote to grant this developer commit access to the Git
repository. See the http://www.apache.org/dev/[ASF developers resources] and
especially the http://www.apache.org/dev/version-control.html[Source code
repositories].
+After a developer has consistently provided contributions such as code,
documentation and discussion, and demonstrated commitment, then the rest of the
dev community may vote to grant this developer commit access to the Git
repository. See the https://www.apache.org/dev/[ASF developers resources] and
especially the https://www.apache.org/dev/version-control.html[Source code
repositories].
== Contributing as a Non-Committer
@@ -171,7 +171,7 @@ This is a collection of tips for contributing to the
project in a manner that is
=== Links
-* http://www.apache.org/dev/contrib-email-tips.html[Tips for email
contributors].
+* https://www.apache.org/dev/contrib-email-tips.html[Tips for email
contributors].
* Old questions and answers in
https://shiro.apache.org/mailing-lists.html[archives].
There are no dumb questions. But browse, search and learn from mailing list
archives. Research your topic thoroughly before beginning to discuss a new
development issue.
diff --git a/src/site/content/integration.adoc
b/src/site/content/integration.adoc
index 836c20253..c97414f73 100644
--- a/src/site/content/integration.adoc
+++ b/src/site/content/integration.adoc
@@ -41,16 +41,16 @@ from https://nerderg.com/[nerdEng].
+
Adds easy authentication and access control to Grails applications.
-* *http://isis.apache.org[Apache Isis]*
+* *https://isis.apache.org[Apache Isis]*
+
-from http://apache.org/[Apache].
+from https://apache.org/[Apache].
+
Apache Isis is a full-stack framework for rapidly developing domain driven
apps and RESTful APIs in Java.
-http://isis.apache.org/documentation.html#security[It uses Apache Shiro] for
authentication and authorization.
+https://isis.apache.org/documentation.html#security[It uses Apache Shiro] for
authentication and authorization.
-* *http://geode.apache.org/[Apache Geode]*
+* *https://geode.apache.org/[Apache Geode]*
+
-from http://apache.org/[Apache].
+from https://apache.org/[Apache].
+
Using Apache Shiro to secure Geode endpoints like JMX operations, rest
services, web monitoring application, CLI tool, and client server
communications.
@@ -62,7 +62,7 @@ Demo of one way to integrate Shiro with App Engine and Google
Guice, plus front-
* *https://github.com/55minutes/fiftyfive-wicket[55Wicket]*
+
-from http://55minutes.com[55 Minutes]
+from https://55minutes.com[55 Minutes]
+
A nifty set of tools and libraries for enhancing productivity with the Apache
Wicket Java web framework, including Shiro Integration.
@@ -77,7 +77,7 @@ Uses Lift’s sitemap Locs instead of Shiro’s built in web.xml
resource filter
+
from https://github.com/alexxiyang[@alexxiyang].
+
-A http://redis.io/[Redis] Cache Manager implementation.
+A https://redis.io/[Redis] Cache Manager implementation.
* *https://github.com/mythfish/shiro-memcached[Memcached Cache Manager]*
+
@@ -97,13 +97,13 @@ NOTE: This module had been moved into Apache Shiro.
+
from https://github.com/silb[@silb].
+
-A bundle for securing http://www.dropwizard.io/[Dropwizard] with Apache Shiro.
+A bundle for securing https://www.dropwizard.io/[Dropwizard] with Apache Shiro.
* *https://github.com/theborakompanioni/thymeleaf-extras-shiro[Thymeleaf]*
+
from https://github.com/theborakompanioni[@theborakompanioni].
+
-A http://www.thymeleaf.org/[Thymeleaf] dialect for
https://shiro.apache.org[Apache Shiro] https://shiro.apache.org/tags[tags].
+A https://www.thymeleaf.org/[Thymeleaf] dialect for
https://shiro.apache.org[Apache Shiro] https://shiro.apache.org/tags[tags].
* *https://github.com/davidsowerby/krail[Krail]*
+
@@ -113,13 +113,13 @@ Krail provides a framework for rapid Java web development
by combining Vaadin, G
*
*https://github.com/ocpsoft/rewrite/tree/main/security-integration-shiro[Rewrite
Servlet]*
+
-from http://www.ocpsoft.org/rewrite/[ocpsoft].
+from https://www.ocpsoft.org/rewrite/[ocpsoft].
+
A highly configurable URL-rewriting tool for Java EE 6+ and Servlet 2.5+
applications
-*
*http://freedomotic-developer-manual.readthedocs.io/en/latest/plugins/security.html[Freedomotic]*
+*
*https://freedomotic-developer-manual.readthedocs.io/en/latest/plugins/security.html[Freedomotic]*
+
-from http://www.freedomotic.com[freedomotic].
+from https://www.freedomotic.com[freedomotic].
+
An open source, flexible, secure Internet of Things (IoT) development
framework in Java, useful to build and manage modern smart spaces.
diff --git a/src/site/content/jaxrs.adoc b/src/site/content/jaxrs.adoc
index fe0c4b2c1..7ad32cd4c 100644
--- a/src/site/content/jaxrs.adoc
+++ b/src/site/content/jaxrs.adoc
@@ -109,4 +109,4 @@ In the above example, requests to either `/api/shiro` or
`/api/shiro/define` wil
== Want to see more?
-You can find portable JAX-RS application that runs with
https://jersey.java.net/[Jersey], http://resteasy.jboss.org/[RestEasy] or
https://cxf.apache.org[Apache CXF] in the
https://github.com/apache/shiro/tree/main/samples[samples] directory on Github.
+You can find portable JAX-RS application that runs with
https://jersey.java.net/[Jersey], https://resteasy.dev/[RestEasy] or
https://cxf.apache.org[Apache CXF] in the
https://github.com/apache/shiro/tree/main/samples[samples] directory on Github.
diff --git a/src/site/content/powered-by-shiro.adoc
b/src/site/content/powered-by-shiro.adoc
index 2c2d62fa3..6ab1d7787 100644
--- a/src/site/content/powered-by-shiro.adoc
+++ b/src/site/content/powered-by-shiro.adoc
@@ -34,15 +34,15 @@ Stormpath builds software products that make application
security easy for devel
Using Shiro in a large scale external web application for authentication,
authorization, and custom Session clustering in an enterprise clustered cache
-=== http://mulesoft.com[MuleSoft]
+=== https://www.mulesoft.com[MuleSoft]
-The company behind http://mulesoft.org[Mule], MuleSoft is behind the leading
open source middleware, making integration and managing applications easier for
everyone.
+The company behind https://developer.mulesoft.com[Mule], MuleSoft is behind
the leading open source middleware, making integration and managing
applications easier for everyone.
Mule uses Shiro to provide authentication and authorization to hosted services
and resources. This allows users to secure HTTP/REST services, Web Services,
message queues, data and file access with the simplicity of Shiro.
[#PoweredbyShiro-Sonatype]
-=== http://www.sonatype.com[Sonatype]
+=== https://www.sonatype.com[Sonatype]
-The company behind link:http://maven.apache.org[Maven Central], Sonatype
streamlines infrastructure and development workflows for Maven-centric
development environments.
+The company behind link:https://maven.apache.org[Maven Central], Sonatype
streamlines infrastructure and development workflows for Maven-centric
development environments.
-* Sonatype uses Shiro to secure
link:http://www.sonatype.com/nexus-professional.html[Nexus], the leading
open-source and professional Maven repository manager.
+* Sonatype uses Shiro to secure
link:https://www.sonatype.com/nexus-professional.html[Nexus], the leading
open-source and professional Maven repository manager.
diff --git a/src/site/content/realm.adoc b/src/site/content/realm.adoc
index 3715a6eee..0a8d261ce 100644
--- a/src/site/content/realm.adoc
+++ b/src/site/content/realm.adoc
@@ -16,7 +16,7 @@ As such, implementations of the `Realm` interface use data
source-specific APIs
[TIP]
====
-A Realm is essentially a security-specific
link:http://en.wikipedia.org/wiki/Data_Access_Object[DAO].
+A Realm is essentially a security-specific
link:https://en.wikipedia.org/wiki/Data_Access_Object[DAO].
====
Because most of these data sources usually store both authentication data
(credentials such as passwords) as well as authorization data (such as roles or
permissions), every Shiro `Realm` can perform _both_ authentication and
authorization operations.
diff --git a/src/site/content/security-reports.adoc
b/src/site/content/security-reports.adoc
index d195bc0ff..7bcaffc9c 100644
--- a/src/site/content/security-reports.adoc
+++ b/src/site/content/security-reports.adoc
@@ -25,7 +25,7 @@ An overview of the vulnerability handling process is:
* A new release of the Apache Shiro concerned is made that includes the fix.
* The vulnerability is publicly announced.
-A http://www.apache.org/security/committers.html[more detailed description of
the process] has been written for committers. Reporters of security
vulnerabilities may also find it useful.
+A https://www.apache.org/security/committers.html[more detailed description of
the process] has been written for committers. Reporters of security
vulnerabilities may also find it useful.
== Apache Shiro Vulnerability Reports
diff --git a/src/site/content/session-management.adoc
b/src/site/content/session-management.adoc
index 4168e7dd8..155dfbea8 100644
--- a/src/site/content/session-management.adoc
+++ b/src/site/content/session-management.adoc
@@ -201,7 +201,7 @@ If you 're not writing a custom *SessionDAO*, definitely
enable EHCache in your
[NOTE]
====
.Container-Independent Session Clustering
-EHCache is also a nice choice if you quickly need container-independent
session clustering. You can transparently plug in
link:http://www.terracotta.org/[TerraCotta] behind EHCache and have a
container-independent clustered session cache. No more worrying about Tomcat,
JBoss, Jetty, WebSphere or WebLogic specific session clustering ever again!
+EHCache is also a nice choice if you quickly need container-independent
session clustering. You can transparently plug in
link:https://www.terracotta.org/[TerraCotta] behind EHCache and have a
container-independent clustered session cache. No more worrying about Tomcat,
JBoss, Jetty, WebSphere or WebLogic specific session clustering ever again!
====
Enabling EHCache for sessions is very easy. First, ensure that you have the
`shiro-ehcache-<version>.jar` file in your classpath (see the
link:download.html[Download] page or use Maven or Ant+Ivy).
@@ -282,7 +282,7 @@ Just ensure that a corresponding entry in `ehcache.xml`
matches that name and yo
Shiro's `SessionDAO` implementations use an internal
link:static/current/apidocs/org/apache/shiro/session/mgt/eis/SessionIdGenerator.html[`SessionIdGenerator`]
component to generate a new Session ID every time a new session is created.
The ID is generated, assigned to the newly created `Session` instance, and then
the `Session` is saved via the `SessionDAO`.
-The default `SessionIdGenerator` is a
link:static/current/apidocs/org/apache/shiro/session/mgt/eis/JavaUuidSessionIdGenerator.html[`JavaUuidSessionIdGenerator`],
which generates `String` IDs based on Java
http://download.oracle.com/javase/6/docs/api/java/util/UUID.html[`UUIDs`]. This
implementation is suitable for all production environments.
+The default `SessionIdGenerator` is a
link:static/current/apidocs/org/apache/shiro/session/mgt/eis/JavaUuidSessionIdGenerator.html[`JavaUuidSessionIdGenerator`],
which generates `String` IDs based on Java
https://download.oracle.com/javase/6/docs/api/java/util/UUID.html[`UUIDs`].
This implementation is suitable for all production environments.
If this does not meet your needs, you can implement the `SessionIdGenerator`
interface and configure the implementation on Shiro's `SessionDAO` instance.
For example, in `shiro.ini`:
@@ -310,7 +310,7 @@ Session orphans, if they are not regularly purged, will
fill up the session data
[#SessionManagement-SessionManager-SessionValidationScheduling-DefaultSessionValidationScheduler]
==== Default SessionValidationScheduler
-The default `SessionValidationScheduler` usable in all environments is the
link:static/current/apidocs/org/apache/shiro/session/mgt/ExecutorServiceSessionValidationScheduler.html[`ExecutorServiceSessionValidationScheduler`]
which uses a JDK
http://docs.oracle.com/javase/6/docs/api/java/util/concurrent/ScheduledExecutorService.html[`ScheduledExecutorService`]
to control how often the validation should occur.
+The default `SessionValidationScheduler` usable in all environments is the
link:static/current/apidocs/org/apache/shiro/session/mgt/ExecutorServiceSessionValidationScheduler.html[`ExecutorServiceSessionValidationScheduler`]
which uses a JDK
https://docs.oracle.com/javase/6/docs/api/java/util/concurrent/ScheduledExecutorService.html[`ScheduledExecutorService`]
to control how often the validation should occur.
By default, this implementation will perform validation once per hour. You can
change the rate at which validation occurs by specifying a *new* instance of
`ExecutorServiceSessionValidationScheduler` and specifying a different interval
(in milliseconds):
@@ -406,7 +406,7 @@ Because of Shiro's POJO-based N-tiered architecture,
enabling Session clustering
*Distributed Caches*
-Distributed Caches such as
http://www.ehcache.org/documentation/2.7/configuration/distributed-cache-configuration.html[Ehcache+TerraCotta],
http://www.gigaspaces.com/[GigaSpaces]
http://www.oracle.com/technetwork/middleware/coherence/overview/index.html[Oracle
Coherence], and http://memcached.org/[Memcached] (and many others) already
solve the distributed-data-at-the-persistence-level problem. Therefore enabling
Session clustering in Shiro is as simple as configuring Shiro to use a distr
[...]
+Distributed Caches such as
https://www.ehcache.org/documentation/2.7/configuration/distributed-cache-configuration.html[Ehcache+TerraCotta],
https://www.gigaspaces.com/[GigaSpaces]
https://www.oracle.com/technetwork/middleware/coherence/overview/index.html[Oracle
Coherence], and https://memcached.org/[Memcached] (and many others) already
solve the distributed-data-at-the-persistence-level problem. Therefore enabling
Session clustering in Shiro is as simple as configuring Shiro to use a d [...]
This gives you the flexibility of choosing the exact clustering mechanism that
is suitable for _your_ environment.
@@ -474,7 +474,7 @@ Then at runtime, when the `EnterpriseCacheSessionDAO` needs
the `activeSessionsC
[#SessionManagement-SessionClustering-EhcacheTerracotta]
=== Ehcache + Terracotta
-One such distributed caching solution that people have had success with while
using Shiro is the Ehcache + Terracotta pairing. See the Ehcache-hosted
http://www.ehcache.org/documentation/get-started/about-distributed-cache[Distributed
Caching With Terracotta] documentation for full details of how to enable
distributed caching with Ehcache.
+One such distributed caching solution that people have had success with while
using Shiro is the Ehcache + Terracotta pairing. See the Ehcache-hosted
https://www.ehcache.org/documentation/get-started/about-distributed-cache[Distributed
Caching With Terracotta] documentation for full details of how to enable
distributed caching with Ehcache.
Once you've got Terracotta clustering working with Ehcache, the Shiro-specific
parts are very simple. Read and follow the
<<SessionManagement-SessionManager-Storage-EHCacheSessionDAO,Ehcache
SessionDAO>> documentation, but we'll need to make a few changes
@@ -539,7 +539,7 @@ And remember, *ORDER MATTERS*. By configuring the
`cacheManager` on the `securit
[#SessionManagement-SessionClustering-Zookeeper]
=== Zookeeper
-Users have reported using http://zookeeper.apache.org/[Apache Zookeeper] for
managing/coordinating distributed sessions as well. If you have any
documentation/comments about how this would work, please post them to the Shiro
link:mailing-lists.html[Mailing Lists]
+Users have reported using https://zookeeper.apache.org/[Apache Zookeeper] for
managing/coordinating distributed sessions as well. If you have any
documentation/comments about how this would work, please post them to the Shiro
link:mailing-lists.html[Mailing Lists]
[#SessionManagement-SessionsSubjectState]
== Sessions and Subject State
diff --git a/src/site/content/spring-framework.adoc
b/src/site/content/spring-framework.adoc
index c1e5f595a..948e7c213 100644
--- a/src/site/content/spring-framework.adoc
+++ b/src/site/content/spring-framework.adoc
@@ -6,7 +6,7 @@
:idprefix:
:toc:
-This page covers the ways to integrate Shiro into
link:http://spring.io[Spring]-based applications.
+This page covers the ways to integrate Shiro into
link:https://spring.io[Spring]-based applications.
== Standalone Applications
@@ -206,7 +206,7 @@ public ShiroFilterChainDefinition
shiroFilterChainDefinition() {
== Caching
-Enabling caching is as simple as providing a
link:http://shiro.apache.org/caching.html[CacheManager] bean:
+Enabling caching is as simple as providing a
link:https://shiro.apache.org/caching.html[CacheManager] bean:
[source,java]
----
diff --git a/src/site/content/spring-xml.adoc b/src/site/content/spring-xml.adoc
index 980feed18..612f1f0f4 100644
--- a/src/site/content/spring-xml.adoc
+++ b/src/site/content/spring-xml.adoc
@@ -5,7 +5,7 @@
:jbake-tags: documentation, manual
:idprefix:
-This page covers the ways to integrate Shiro into
http://spring.io[Spring]-based applications.
+This page covers the ways to integrate Shiro into
https://spring.io[Spring]-based applications.
Shiro's JavaBeans compatibility makes it perfectly suited to be configured via
Spring XML or other Spring-based configuration mechanisms. Shiro applications
need an application singleton `SecurityManager` instance. Note that this does
not have to be a _static_ singleton, but there should only be a single instance
used by the application, whether its a static singleton or not.
@@ -171,7 +171,7 @@ When a remote method invocation comes in to a Shiro-enabled
server, the link:sub
</bean>
----
-Once you have defined this bean, you must plug it in to whatever remoting
`Exporter` you are using to export/expose your services. `Exporter`
implementations are defined according to the remoting mechanism/protocol in
use. See Spring's
http://docs.spring.io/spring/docs/2.5.x/reference/remoting.html[Remoting
chapter] on defining `Exporter` beans.
+Once you have defined this bean, you must plug it in to whatever remoting
`Exporter` you are using to export/expose your services. `Exporter`
implementations are defined according to the remoting mechanism/protocol in
use. See Spring's
https://docs.spring.io/spring/docs/2.5.x/reference/remoting.html[Remoting
chapter] on defining `Exporter` beans.
For example, if using HTTP-based remoting (notice the property reference to
the `secureRemoteInvocationExecutor` bean):
@@ -210,4 +210,4 @@ For example, if you were using HTTP-based remoting (notice
the property referenc
While we hope this documentation helps you with the work you're doing with
Apache Shiro, the community is improving and expanding the documentation all
the time. If you'd like to help the Shiro project, please consider correcting,
expanding, or adding documentation where you see a need. Every little bit of
help you provide expands the community and in turn improves Shiro.
-The easiest way to contribute your documentation is to send it to the
http://shiro-user.582556.n2.nabble.com/[User Forum] or the
link:mailing-lists.html[User Mailing List].
\ No newline at end of file
+The easiest way to contribute your documentation is to send it to the
http://shiro-user.582556.n2.nabble.com/[User Forum] or the
link:mailing-lists.html[User Mailing List].
diff --git a/src/site/content/testing.adoc b/src/site/content/testing.adoc
index d6d2a72fc..cd1f10ed7 100644
--- a/src/site/content/testing.adoc
+++ b/src/site/content/testing.adoc
@@ -21,7 +21,7 @@ This means three basic things must always occur in order to
support being able t
. The `Subject` instance must be _bound_ to the currently executing thread.
. After the thread is finished executing (or if the thread's execution results
in a `Throwable`), the `Subject` must be _unbound_ to ensure that the thread
remains 'clean' in any thread-pooled environment.
-Shiro has architectural components that perform this bind/unbind logic
automatically for a running application. For example, in a web application, the
root Shiro Filter performs this logic when
link:++http://shiro.apache.org/static/current/apidocs/org/apache/shiro/web/servlet/AbstractShiroFilter.html#doFilterInternal(javax.servlet.ServletRequest,javax.servlet.ServletResponse,javax.servlet.FilterChain)++[filtering
a request]. But as test environments and frameworks differ, we need to perf
[...]
+Shiro has architectural components that perform this bind/unbind logic
automatically for a running application. For example, in a web application, the
root Shiro Filter performs this logic when
link:++https://shiro.apache.org/static/current/apidocs/org/apache/shiro/web/servlet/AbstractShiroFilter.html#doFilterInternal(javax.servlet.ServletRequest,javax.servlet.ServletResponse,javax.servlet.FilterChain)++[filtering
a request]. But as test environments and frameworks differ, we need to per
[...]
[#Testing-TestSetup]
== Test Setup
@@ -134,7 +134,7 @@ Testing to see if Shiro's implementations work in
conjunction with your implemen
[#Testing-ExampleShiroUnitTest]
=== ExampleShiroUnitTest
-Because unit tests are better suited for testing your own logic (and not any
implementations your logic might call), it is a great idea to _mock_ any APIs
that your logic depends on. This works very well with Shiro - you can mock the
`Subject` interface and have it reflect whatever conditions you want your code
under test to react to. We can leverage modern mock frameworks like
http://easymock.org/[EasyMock] and http://site.mockito.org[Mockito] to do this
for us.
+Because unit tests are better suited for testing your own logic (and not any
implementations your logic might call), it is a great idea to _mock_ any APIs
that your logic depends on. This works very well with Shiro - you can mock the
`Subject` interface and have it reflect whatever conditions you want your code
under test to react to. We can leverage modern mock frameworks like
https://easymock.org/[EasyMock] and https://site.mockito.org[Mockito] to do
this for us.
But as stated above, the key in Shiro tests is to remember that any Subject
instance (mock or real) must be bound to the thread during test execution. So
all we need to do is bind the mock Subject to ensure things work as expected.
diff --git a/src/site/content/tutorial.adoc b/src/site/content/tutorial.adoc
index 828e3c8a8..129b707cf 100644
--- a/src/site/content/tutorial.adoc
+++ b/src/site/content/tutorial.adoc
@@ -27,7 +27,7 @@ In this simple example, we'll create a very simple
command-line application that
Apache Shiro was designed from day one to support _any_ application - from the
smallest command-line applications to the largest clustered web applications.
Even though we're creating a simple app for this tutorial, know that the same
usage patterns apply no matter how your application is created or where it is
deployed
====
-This tutorial requires Java 8 or later. We'll also be using Apache
http://maven.apache.org[Maven] as our build tool, but of course this is not
required to use Apache Shiro. You may acquire Shiro's .jars and incorporate
them in any way you like into your application, for example maybe using Apache
http://ant.apache.org[Ant] and http://ant.apache.org/ivy[Ivy].
+This tutorial requires Java 8 or later. We'll also be using Apache
https://maven.apache.org[Maven] as our build tool, but of course this is not
required to use Apache Shiro. You may acquire Shiro's .jars and incorporate
them in any way you like into your application, for example maybe using Apache
https://ant.apache.org[Ant] and https://ant.apache.org/ivy[Ivy].
For this tutorial, please ensure that you are using Maven 3.6.3 or later. You
should be able to type `mvn --version` in a command prompt and see something
similar to the following:
@@ -103,7 +103,7 @@ For now, create a new directory on your filesystem, for
example, *`shiro-tutoria
<version>${versions.latestRelease}</version>
</dependency>
<!-- Shiro uses SLF4J for logging. We'll use the 'simple' binding
- in this example app. See http://www.slf4j.org for more info. -->
+ in this example app. See https://www.slf4j.org for more info. -->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
@@ -182,7 +182,7 @@ To that end, Shiro provides a default ‘common denominator’
solution via text
[TIP]
.Many Configuration Options
====
-Shiro's `SecurityManager` implementations and all supporting components are
all JavaBeans compatible. This allows Shiro to be configured with practically
any configuration format such as XML (Spring, JBoss, Guice, etc),
link:http://www.yaml.org/[YAML], JSON, Groovy Builder markup, and more. INI is
just Shiro's 'common denominator' format that allows configuration in any
environment in case other options are not available.
+Shiro's `SecurityManager` implementations and all supporting components are
all JavaBeans compatible. This allows Shiro to be configured with practically
any configuration format such as XML (Spring, JBoss, Guice, etc),
link:https://yaml.org/[YAML], JSON, Groovy Builder markup, and more. INI is
just Shiro's 'common denominator' format that allows configuration in any
environment in case other options are not available.
====
=== `shiro.ini`
diff --git a/src/site/content/web.adoc b/src/site/content/web.adoc
index 7f85ed2ad..5e0ca6a63 100644
--- a/src/site/content/web.adoc
+++ b/src/site/content/web.adoc
@@ -256,7 +256,7 @@ Next we'll cover exactly what these lines mean.
===== URL Path Expressions
-The token on the left of the equals sign (=) is an
http://ant.apache.org[Ant]-style path expression relative to your web
application's context root.
+The token on the left of the equals sign (=) is an
https://ant.apache.org[Ant]-style path expression relative to your web
application's context root.
For example, let's say you had the following `[urls]` line:
@@ -701,7 +701,7 @@ The Tag Library Descriptor (TLD) file is bundled in
`shiro-web.jar` in the `META
[source,html]
----
-<%@ taglib prefix="shiro" uri="http://shiro.apache.org/tags"; %>
+<%@ taglib prefix="shiro" uri="https://shiro.apache.org/tags"; %>
----
We've used the `shiro` prefix to indicate the shiro tag library namespace, but
you can assign whatever name you like.
diff --git a/src/site/content/webapp-tutorial.adoc
b/src/site/content/webapp-tutorial.adoc
index 34d048cca..eb0382ce3 100644
--- a/src/site/content/webapp-tutorial.adoc
+++ b/src/site/content/webapp-tutorial.adoc
@@ -109,7 +109,7 @@ Here is what each means:
* `LICENSE`: the project's Apache 2.0 license
* `.travis.yml`: A https://travis-ci.org/[Travis CI] config file in case you
want to run continuous integration on your project to ensure it always builds.
* `.gitignore`: A git ignore file, containing suffixes and directories that
shouldn't be checked in to version control.
-* `src/main/resources/logback.xml`: A simple http://logback.qos.ch/[Logback]
config file. For this tutorial, we've chosen http://www.slf4j.org[SLF4J] as our
logging API and Logback as the logging implementation. This could have easily
been Log4J or JUL.
+* `src/main/resources/logback.xml`: A simple https://logback.qos.ch/[Logback]
config file. For this tutorial, we've chosen https://www.slf4j.org[SLF4J] as
our logging API and Logback as the logging implementation. This could have
easily been Log4J or JUL.
* `src/main/webapp/WEB-INF/web.xml`: Our initial `web.xml` file that we'll
configure soon to enable Shiro.
* `src/main/webapp/include.jsp`: A page that contains common imports and
declarations, included in other JSP pages. This allows us to manage imports and
declarations in one place.
* `src/main/webapp/home.jsp`: our webapp's simple default home page. Includes
`include.jsp` (as will others, as we will soon see).
@@ -148,7 +148,7 @@ Checking out this branch, you will find two changes:
Shiro can be configured in many different ways in a web application, depending
on the web and/or MVC framework you use. For example, you can configure Shiro
via Spring, Guice, Tapestry, and many many more.
-To keep things simple for now, we'll start a Shiro environment by using
Shiro's default (and very simple)
http://shiro.apache.org/configuration.html[INI-based configuration].
+To keep things simple for now, we'll start a Shiro environment by using
Shiro's default (and very simple)
https://shiro.apache.org/configuration.html[INI-based configuration].
If you checked out the `step1` branch, you'll see the contents of this new
`src/main/webapp/WEB-INF/shiro.ini` file (header comments removed for brevity):
@@ -168,7 +168,7 @@ securityManager.cacheManager = $cacheManager
This .ini contains simply a `[main]` section with some minimal configuration:
* It defines a new `cacheManager` instance. Caching is an important part of
Shiro's architecture - it reduces constant round-trip communications to various
data stores. This example uses a `MemoryConstrainedCacheManager` which is only
really good for single JVM applications. If your application is deployed across
multiple hosts (e.g. a clustered webserver farm), you will want to use a
clustered CacheManager implementation instead.
-* It configures the new `cacheManager` instance on the Shiro
`securityManager`. A Shiro
http://shiro.apache.org/architecture.html[`SecurityManager`] instance always
exists, so it did not need to be defined explicitly.
+* It configures the new `cacheManager` instance on the Shiro
`securityManager`. A Shiro
https://shiro.apache.org/architecture.html[`SecurityManager`] instance always
exists, so it did not need to be defined explicitly.
=== 1b: Enable Shiro in `web.xml`
@@ -197,7 +197,7 @@ We do all of this by adding a few things to the existing
`src/main/webapp/WEB-IN
</filter-mapping>
----
-* The `<listener>` declaration defines a
http://docs.oracle.com/javaee/6/api/javax/servlet/ServletContextListener.html[`ServletContextListener`]
that starts up the Shiro environment (including the Shiro `SecurityManager`)
upon web application startup. By default, this listener automatically knows to
look for our `WEB-INF/shiro.ini` file for Shiro configuration.
+* The `<listener>` declaration defines a
https://docs.oracle.com/javaee/6/api/javax/servlet/ServletContextListener.html[`ServletContextListener`]
that starts up the Shiro environment (including the Shiro `SecurityManager`)
upon web application startup. By default, this listener automatically knows to
look for our `WEB-INF/shiro.ini` file for Shiro configuration.
* The `<filter>` declaration defines the main `ShiroFilter`. This filter
is expected to filter _all_ requests into the web application so Shiro can
peform necessary identity and access control operations before allowing a
request to reach the application.
@@ -237,7 +237,7 @@ Before we can login, or logout, or perform role-based or
permission-based access
We will need to configure Shiro to access a _User Store_ of some type, so it
can look up users to perform login attempts, or check roles for security
decisions, etc. There are many types of user stores that any application might
need to access: maybe you store users in a MySQL database, maybe in MongoDB,
maybe your company stores user accounts in LDAP or Active Directory, maybe you
store them in a simple file, or some other proprietary data store.
-Shiro does this via what it calls a
http://shiro.apache.org/architecture.html[`Realm`]. From Shiro's documentation:
+Shiro does this via what it calls a
https://shiro.apache.org/architecture.html[`Realm`]. From Shiro's
documentation:
____
@@ -466,17 +466,17 @@ At the top of the `[main]` section, there is a new line:
shiro.loginUrl = /login.jsp
----
-This is a special configuration directive that tells Shiro "For any of Shiro's
http://shiro.apache.org/web.html#Web-DefaultFilters[default filters] that have
a `loginUrl` property, I want that property value to be set to `/login.jsp`."
+This is a special configuration directive that tells Shiro "For any of Shiro's
https://shiro.apache.org/web.html#Web-DefaultFilters[default filters] that have
a `loginUrl` property, I want that property value to be set to `/login.jsp`."
-This allows Shiro's default `authc` filter (by default, a
http://shiro.apache.org/static/current/apidocs/org/apache/shiro/web/filter/authc/FormAuthenticationFilter.html[`FormAuthenticationFilter`])
to know about the login page. This is necessary for the
`FormAuthenticationFilter` to work correctly.
+This allows Shiro's default `authc` filter (by default, a
https://shiro.apache.org/static/current/apidocs/org/apache/shiro/web/filter/authc/FormAuthenticationFilter.html[`FormAuthenticationFilter`])
to know about the login page. This is necessary for the
`FormAuthenticationFilter` to work correctly.
==== The `[urls]` section
-The `[urls]` section is a new
http://shiro.apache.org/web.html#Web-%7B%7B%5Curls%5C%7D%7D[web-specific INI
section].
+The `[urls]` section is a new
https://shiro.apache.org/web.html#Web-%7B%7B%5Curls%5C%7D%7D[web-specific INI
section].
-This section allows you to use a very succinct name/value pair syntax to tell
shiro how to filter request for any given URL path. All paths in `[urls]` are
relative to the web application's
[`HttpServletRequest.getContextPath()`](http://docs.oracle.com/javaee/1.3/api/javax/servlet/http/HttpServletRequest.html#getContextPath())
value.
+This section allows you to use a very succinct name/value pair syntax to tell
shiro how to filter request for any given URL path. All paths in `[urls]` are
relative to the web application's
[`HttpServletRequest.getContextPath()`](https://docs.oracle.com/javaee/1.3/api/javax/servlet/http/HttpServletRequest.html#getContextPath())
value.
-These name/value pairs offer an extremely powerful way to filter requests,
allowing for all sorts of security rules. A deeper coverage of urls and filter
chains is outside the scope of this document, but please do
http://shiro.apache.org/web.html#Web-%7B%7B%5Curls%5C%7D%7D[read more about it]
if you're interested.
+These name/value pairs offer an extremely powerful way to filter requests,
allowing for all sorts of security rules. A deeper coverage of urls and filter
chains is outside the scope of this document, but please do
https://shiro.apache.org/web.html#Web-%7B%7B%5Curls%5C%7D%7D[read more about
it] if you're interested.
For now, we'll cover the two lines that were added:
@@ -502,7 +502,7 @@ The `step3` branch contains a new
`src/main/webapp/login.jsp` page. This is a si
. There is a `password` form field. The Shiro `authc` filter will
automatically look for a `password` request parameter during login submission.
. There is a `rememberMe` checkbox whose 'checked' state can be a 'truthy'
value (`true`, `t`, `1`, `enabled`, `y`, `yes`, or `on`).
-Our login.jsp form just uses the default `username`, `password`, and
`rememberMe` form field names. These names are configurable if you wish to
change them - see the
http://shiro.apache.org/static/current/apidocs/org/apache/shiro/web/filter/authc/FormAuthenticationFilter.html[`FormAuthenticationFilter`
JavaDoc] for information.
+Our login.jsp form just uses the default `username`, `password`, and
`rememberMe` form field names. These names are configurable if you wish to
change them - see the
https://shiro.apache.org/static/current/apidocs/org/apache/shiro/web/filter/authc/FormAuthenticationFilter.html[`FormAuthenticationFilter`
JavaDoc] for information.
=== Step 3c: Run the webapp
@@ -597,7 +597,7 @@ Hi jsmith! (Log out)
Assuming 'jsmith' is the username of the account logged in. 'Log out' is a
hyperlink to the '/logout' url handled by the Shiro `logout` filter.
-As you can see, you can turn off or on entire page sections, features and UI
components. In addition to `<shiro:guest>` and `<shiro:user>`,
Shiro supports http://shiro.apache.org/web.html#Web-taglibrary[many other
useful JSP tags] that you can use to customize the UI based on various things
known about the current `Subject`.
+As you can see, you can turn off or on entire page sections, features and UI
components. In addition to `<shiro:guest>` and `<shiro:user>`,
Shiro supports https://shiro.apache.org/web.html#Web-taglibrary[many other
useful JSP tags] that you can use to customize the UI based on various things
known about the current `Subject`.
=== Step 4c: Run the webapp
@@ -644,7 +644,7 @@ A new `src/main/webapp/account` directory was added. This
directory (and all pat
/account/** = authc
----
-This http://shiro.apache.org/web.html#Web-FilterChainDefinitions[Shiro filter
chain definition] means "Any requests to `/account` (or any of its sub-paths)
must be authenticated".
+This https://shiro.apache.org/web.html#Web-FilterChainDefinitions[Shiro filter
chain definition] means "Any requests to `/account` (or any of its sub-paths)
must be authenticated".
But what happens if someone tries to access that path or any of its children
paths?
@@ -761,7 +761,7 @@ The `<shiro:lacksRole>` tag will only display the
contents if the current
An exercise left to the reader (not a defined step) is to create a new section
of the website and restrict URL access to that section of the website based on
what role is assigned to the current user.
-Hint: Create a
http://shiro.apache.org/web.html#Web-FilterChainDefinitions[filter chain
definition] for that new part of the webapp using the
http://shiro.apache.org/static/current/apidocs/org/apache/shiro/web/filter/authz/RolesAuthorizationFilter.html[`roles`
filter]
+Hint: Create a
https://shiro.apache.org/web.html#Web-FilterChainDefinitions[filter chain
definition] for that new part of the webapp using the
https://shiro.apache.org/static/current/apidocs/org/apache/shiro/web/filter/authz/RolesAuthorizationFilter.html[`roles`
filter]
=== Step 6d: Run the webapp
@@ -813,7 +813,7 @@ This adds two permissions directly to the Stormpath Account:
* `ship:NCC-1701-D:command`
* `user:jlpicard:edit`
-These use Shiro's http://shiro.apache.org/permissions.html[WildcardPermission]
syntax.
+These use Shiro's
https://shiro.apache.org/permissions.html[WildcardPermission] syntax.
The first basically means _the ability to 'command' the 'ship' with identifier
'NCC-1701-D'_. This is an example of an _instance-level_ permission:
controlling access to a specific _instance_ `NCC-1701-D` of a resource `ship`.
The second is also an instance-level permission that states _the ability to
`edit` the `user` with identifier `jlpicard`_.
diff --git a/src/site/templates/menu.ftl b/src/site/templates/menu.ftl
index 7a948bcdc..15321144e 100644
--- a/src/site/templates/menu.ftl
+++ b/src/site/templates/menu.ftl
@@ -77,11 +77,11 @@
Apache Software Foundation
</a>
<ul class="dropdown-menu" aria-labelledby="navbarDropdown-asf">
- <li><a class="dropdown-item"
href="http://www.apache.org/";>Apache Homepage</a></li>
- <li><a class="dropdown-item"
href="http://www.apache.org/licenses/";>License</a></li>
- <li><a class="dropdown-item"
href="http://www.apache.org/foundation/sponsorship.html";>Sponsorship</a></li>
- <li><a class="dropdown-item"
href="http://www.apache.org/foundation/thanks.html";>Thanks</a></li>
- <li><a class="dropdown-item"
href="http://www.apache.org/security/";>Security</a></li>
+ <li><a class="dropdown-item"
href="https://www.apache.org/";>Apache Homepage</a></li>
+ <li><a class="dropdown-item"
href="https://www.apache.org/licenses/";>License</a></li>
+ <li><a class="dropdown-item"
href="https://www.apache.org/foundation/sponsorship.html";>Sponsorship</a></li>
+ <li><a class="dropdown-item"
href="https://www.apache.org/foundation/thanks.html";>Thanks</a></li>
+ <li><a class="dropdown-item"
href="https://www.apache.org/security/";>Security</a></li>
</ul>
</li>
</ul>
