This is an automated email from the ASF dual-hosted git repository.
lprimak pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/shiro-site.git
The following commit(s) were added to refs/heads/main by this push:
new 2bd136125 bugfix: fixed javadoc links
2bd136125 is described below
commit 2bd13612594d318b0ba9d356d84598e10badfcd9
Author: lprimak <[email protected]>
AuthorDate: Sun Aug 25 15:40:28 2024 -0500
bugfix: fixed javadoc links
---
src/site/assets/.htaccess | 4 +++
src/site/content/architecture.adoc | 4 +--
src/site/content/cachemanager.adoc | 8 +++---
src/site/content/caching.adoc | 10 +++----
src/site/content/testing.adoc | 2 +-
src/site/content/web.adoc | 50 +++++++++++++++++------------------
src/site/content/webapp-tutorial.adoc | 6 ++---
7 files changed, 44 insertions(+), 40 deletions(-)
diff --git a/src/site/assets/.htaccess b/src/site/assets/.htaccess
index 9fb5c740e..3ecc52d2c 100644
--- a/src/site/assets/.htaccess
+++ b/src/site/assets/.htaccess
@@ -51,6 +51,10 @@ RedirectMatch /static/(.*)/tools/apidocs/(.*)
/static/$1/shiro-tools/$2
RedirectMatch /static/1.1.0(.*) /static/current$1
RedirectMatch /static/1.0.0-incubating(.*) /static/current$1
+# Rediect Javadoc
+RedirectMatch /static/current/apidocs/shiro-(.*)/(.*)
https://javadoc.io/doc/org.apache.shiro/shiro-$1/latest/$2
+RedirectMatch /static/current/apidocs/(.*)
https://javadoc.io/doc/org.apache.shiro/shiro-core/latest/$1
+
# latest
RedirectMatch /static/current(.*) /static/2.0.0$1
RedirectMatch /static/latest(.*) /static/2.0.0$1
diff --git a/src/site/content/architecture.adoc
b/src/site/content/architecture.adoc
index 964217799..f20d37f0f 100644
--- a/src/site/content/architecture.adoc
+++ b/src/site/content/architecture.adoc
@@ -58,10 +58,10 @@ The `SessionManager` knows how to create and manage user
`Session` lifecycles to
** *SessionDAO*
(link:static/current/apidocs/org/apache/shiro/session/mgt/eis/SessionDAO.html[org.apache.shiro.session.mgt.eis.SessionDAO])
The `SessionDAO` performs `Session` persistence (CRUD) operations on behalf of
the `SessionManager`. This allows any data store to be plugged in to the
Session Management infrastructure.
-* *CacheManager*
(link:static/current/apidocs/org/apache/shiro/cache/CacheManager.html[org.apache.shiro.cache.CacheManager])
+* *CacheManager*
(link:static/current/apidocs/shiro-cache/org/apache/shiro/cache/CacheManager.html[org.apache.shiro.cache.CacheManager])
The `CacheManager` creates and manages `Cache` instance lifecycles used by
other Shiro components. Because Shiro can access many back-end data sources for
authentication, authorization and session management, caching has always been a
first-class architectural feature in the framework to improve performance while
using these data sources. Any of the modern open-source and/or enterprise
caching products can be plugged in to Shiro to provide a fast and efficient
user-experience.
-* *Cryptography*
(link:static/current/apidocs/org/apache/shiro/crypto/package-summary.html[org.apache.shiro.crypto.*])
+* *Cryptography*
(link:static/current/apidocs/shiro-crypto-cipher/org/apache/shiro/crypto/cipher/package-summary.html[org.apache.shiro.crypto.cipher.*])
Cryptography is a natural addition to an enterprise security framework.
Shiro's `crypto` package contains easy-to-use and understand representations of
crytographic Ciphers, Hashes (aka digests) and different codec implementations.
All the classes in this package are carefully designed to be very easy to use
and easy to understand. Anyone who has used Java's native cryptography support
knows it can be a challenging animal to tame. Shiro's crypto APIs simplify the
complicated Java mechani [...]
* *Realms*
(link:static/current/apidocs/org/apache/shiro/realm/Realm.html[org.apache.shiro.realm.Realm])
diff --git a/src/site/content/cachemanager.adoc
b/src/site/content/cachemanager.adoc
index 0aac1efc8..7dba1e2e6 100644
--- a/src/site/content/cachemanager.adoc
+++ b/src/site/content/cachemanager.adoc
@@ -9,9 +9,9 @@
Shiro has three important cache interfaces:
-*
link:static/current/apidocs/org/apache/shiro/cache/CacheManager.html[`+CacheManager+`]
-* link:static/current/apidocs/org/apache/shiro/cache/Cache.html[`+Cache+`]
-*
link:static/current/apidocs/org/apache/shiro/cache/CacheManagerAware.html[`+CacheManagerAware+`]
+*
link:static/current/apidocs/shiro-cache/org/apache/shiro/cache/CacheManager.html[`+CacheManager+`]
+*
link:static/current/apidocs/shiro-cache/org/apache/shiro/cache/Cache.html[`+Cache+`]
+*
link:static/current/apidocs/shiro-cache/org/apache/shiro/cache/CacheManagerAware.html[`+CacheManagerAware+`]
A `+CacheManager+` returns `+Cache+` instances and various Shiro components
use those `+Cache<+` instances to cache data as necessary.
Any Shiro component that implements `+CacheManager+` will automatically
receive a configured `+CacheManager+`, where it can be used to acquire
`+Cache+` instances.
@@ -33,7 +33,7 @@ securityManager.cacheManager = $cacheManager
# realms have been set with the cacheManager instance
----
-We have an out-of-the-box
link:static/current/apidocs/org/apache/shiro/cache/ehcache/EhCacheManager.html[`+EhCacheManager+`]
implementation, so you can use that today if you wanted.
+We have an out-of-the-box
link:static/current/apidocs/shiro-cache/org/apache/shiro/cache/ehcache/EhCacheManager.html[`+EhCacheManager+`]
implementation, so you can use that today if you wanted.
Otherwise, you can implement your own `+CacheManager+` (e.g. with Coherence,
etc.) and configure it as above, and you’ll be good to go.
== Authorization Cache Invalidation
[[CacheManager-AuthorizationCacheInvalidation]]
diff --git a/src/site/content/caching.adoc b/src/site/content/caching.adoc
index 63094a876..5d7c1e185 100644
--- a/src/site/content/caching.adoc
+++ b/src/site/content/caching.adoc
@@ -21,12 +21,12 @@ end-user to configure any cache mechanism they prefer.
Shiro has three important cache interfaces:
-*
link:static/current/apidocs/org/apache/shiro/cache/CacheManager.html[`+CacheManager+`]
+*
link:static/current/apidocs/shiro-cache/org/apache/shiro/cache/CacheManager.html[`+CacheManager+`]
- The primary Manager component for all caching, it returns `+Cache+`
instances.
-* link:static/current/apidocs/org/apache/shiro/cache/Cache.html[`+Cache+`]
+*
link:static/current/apidocs/shiro-cache/org/apache/shiro/cache/Cache.html[`+Cache+`]
- Maintains key/value pairs
-*
link:static/current/apidocs/org/apache/shiro/cache/CacheManagerAware.html[`+CacheManagerAware+`]
+*
link:static/current/apidocs/shiro-cache/org/apache/shiro/cache/CacheManagerAware.html[`+CacheManagerAware+`]
- Implemented by components wishing to receive and use a CacheManager
instance
@@ -67,12 +67,12 @@ own.
=== `+MemoryConstrainedCacheManager+`
The
-link:static/current/apidocs/org/apache/shiro/cache/MemoryConstrainedCacheManager.html[`+MemoryConstrainedCacheManager+`]
+link:static/current/apidocs/shiro-cache/org/apache/shiro/cache/MemoryConstrainedCacheManager.html[`+MemoryConstrainedCacheManager+`]
is a `+CacheManager+` implementation suitable for single-JVM production
environments.
It is not clustered/distributed, so if your application spans across more than
one JVM (e.g. web app running on multiple web servers), and you want cache
entries to be accessible across JVMs, you will need to use a distributed cache
implement instead.
-The `+MemoryConstrainedCacheManager+` manages
link:static/current/apidocs/org/apache/shiro/cache/MapCache.html[`+MapCache+`]
instances, one `+MapCache+` instance per named cache.
+The `+MemoryConstrainedCacheManager+` manages
link:static/current/apidocs/shiro-cache/org/apache/shiro/cache/MapCache.html[`+MapCache+`]
instances, one `+MapCache+` instance per named cache.
Each `+MapCache+` instance is backed by a Shiro
link:static/current/apidocs/org/apache/shiro/util/SoftHashMap.html[`+SoftHashMap+`]
which can auto-resize itself based on an application’s runtime memory
constraints/needs (by leveraging JDK
https://docs.oracle.com/javase/7/docs/api/java/lang/ref/SoftReference.html[`+SoftReference+`]
instances).
Because the `+MemoryConstrainedCacheManager+` can auto-resize itself
diff --git a/src/site/content/testing.adoc b/src/site/content/testing.adoc
index 5bce7be56..9dc3e3938 100644
--- a/src/site/content/testing.adoc
+++ b/src/site/content/testing.adoc
@@ -21,7 +21,7 @@ This means three basic things must always occur in order to
support being able t
. The `Subject` instance must be _bound_ to the currently executing thread.
. After the thread is finished executing (or if the thread's execution results
in a `Throwable`), the `Subject` must be _unbound_ to ensure that the thread
remains 'clean' in any thread-pooled environment.
-Shiro has architectural components that perform this bind/unbind logic
automatically for a running application. For example, in a web application, the
root Shiro Filter performs this logic when
link:++https://shiro.apache.org/static/current/apidocs/org/apache/shiro/web/servlet/AbstractShiroFilter.html#doFilterInternal(javax.servlet.ServletRequest,javax.servlet.ServletResponse,javax.servlet.FilterChain)++[filtering
a request]. But as test environments and frameworks differ, we need to per
[...]
+Shiro has architectural components that perform this bind/unbind logic
automatically for a running application. For example, in a web application, the
root Shiro Filter performs this logic when
link:++https://shiro.apache.org/static/current/apidocs/shiro-web/org/apache/shiro/web/servlet/AbstractShiroFilter.html#doFilterInternal(javax.servlet.ServletRequest,javax.servlet.ServletResponse,javax.servlet.FilterChain)++[filtering
a request]. But as test environments and frameworks differ, we n [...]
[#Testing-TestSetup]
== Test Setup
diff --git a/src/site/content/web.adoc b/src/site/content/web.adoc
index d9a98b075..c7e72e8e7 100644
--- a/src/site/content/web.adoc
+++ b/src/site/content/web.adoc
@@ -312,7 +312,7 @@ Finally, each filter is free to handle the response however
it wants if its nece
====
Being able to react to path specific configuration, i.e. the
`[optional_configN]` part of a filter token, is a unique feature available to
Shiro filters.
-If you want to create your own `javax.servlet.Filter` implementation that can
also do this, make sure your filter subclasses
link:static/current/apidocs/org/apache/shiro/web/filter/PathMatchingFilter.html[org.apache.shiro.web.filter.PathMatchingFilter].
+If you want to create your own `javax.servlet.Filter` implementation that can
also do this, make sure your filter subclasses
link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/PathMatchingFilter.html[org.apache.shiro.web.filter.PathMatchingFilter].
====
===== Available Filters
@@ -355,24 +355,24 @@ authc.loginUrl = /login.jsp
...
----
-The default Filter instances available automatically are defined by the
link:static/current/apidocs/org/apache/shiro/web/filter/mgt/DefaultFilter.html[DefaultFilter
enum] and the enum's `name` field is the name available for configuration.
They are:
+The default Filter instances available automatically are defined by the
link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/mgt/DefaultFilter.html[DefaultFilter
enum] and the enum's `name` field is the name available for configuration.
They are:
|===
|Filter Name |Class
-|anon
|link:static/current/apidocs/org/apache/shiro/web/filter/authc/AnonymousFilter.html[org.apache.shiro.web.filter.authc.AnonymousFilter]
-|authc
|link:static/current/apidocs/org/apache/shiro/web/filter/authc/FormAuthenticationFilter.html[org.apache.shiro.web.filter.authc.FormAuthenticationFilter]
-|authcBasic
|link:static/current/apidocs/org/apache/shiro/web/filter/authc/BasicHttpAuthenticationFilter.html[org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter]
-|authcBearer
|link:static/current/apidocs/org/apache/shiro/web/filter/authc/BearerHttpAuthenticationFilter.html[org.apache.shiro.web.filter.authc.BearerHttpAuthenticationFilter]
-|invalidRequest
|link:static/current/apidocs/org/apache/shiro/web/filter/InvalidRequestFilter.html[org.apache.shiro.web.filter.InvalidRequestFilter]
-|logout
|link:static/current/apidocs/org/apache/shiro/web/filter/authc/LogoutFilter.html[org.apache.shiro.web.filter.authc.LogoutFilter]
-|noSessionCreation
|link:static/current/apidocs/org/apache/shiro/web/filter/session/NoSessionCreationFilter.html[org.apache.shiro.web.filter.session.NoSessionCreationFilter]
-|perms
|link:static/current/apidocs/org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html[org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter]
-|port
|link:static/current/apidocs/org/apache/shiro/web/filter/authz/PortFilter.html[org.apache.shiro.web.filter.authz.PortFilter]
-|rest
|link:static/current/apidocs/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html[org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter]
-|roles
|link:static/current/apidocs/org/apache/shiro/web/filter/authz/RolesAuthorizationFilter.html[org.apache.shiro.web.filter.authz.RolesAuthorizationFilter]
-|ssl
|link:static/current/apidocs/org/apache/shiro/web/filter/authz/SslFilter.html[org.apache.shiro.web.filter.authz.SslFilter]
-|user
|link:static/current/apidocs/org/apache/shiro/web/filter/authc/UserFilter.html[org.apache.shiro.web.filter.authc.UserFilter]
+|anon
|link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/authc/AnonymousFilter.html[org.apache.shiro.web.filter.authc.AnonymousFilter]
+|authc
|link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/authc/FormAuthenticationFilter.html[org.apache.shiro.web.filter.authc.FormAuthenticationFilter]
+|authcBasic
|link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/authc/BasicHttpAuthenticationFilter.html[org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter]
+|authcBearer
|link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/authc/BearerHttpAuthenticationFilter.html[org.apache.shiro.web.filter.authc.BearerHttpAuthenticationFilter]
+|invalidRequest
|link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/InvalidRequestFilter.html[org.apache.shiro.web.filter.InvalidRequestFilter]
+|logout
|link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/authc/LogoutFilter.html[org.apache.shiro.web.filter.authc.LogoutFilter]
+|noSessionCreation
|link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/session/NoSessionCreationFilter.html[org.apache.shiro.web.filter.session.NoSessionCreationFilter]
+|perms
|link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html[org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter]
+|port
|link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/authz/PortFilter.html[org.apache.shiro.web.filter.authz.PortFilter]
+|rest
|link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html[org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter]
+|roles
|link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/authz/RolesAuthorizationFilter.html[org.apache.shiro.web.filter.authz.RolesAuthorizationFilter]
+|ssl
|link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/authz/SslFilter.html[org.apache.shiro.web.filter.authz.SslFilter]
+|user
|link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/authc/UserFilter.html[org.apache.shiro.web.filter.authc.UserFilter]
|===
== Enabling and Disabling Filters
@@ -383,13 +383,13 @@ But a new feature added in Shiro 1.2 is the ability to
enable or disable filters
This is a powerful concept because it is often more convenient to enable or
disable a filter based on certain requirements than to change the static filter
chain definition, which would be permanent and inflexible.
-Shiro accomplishes this via its
link:static/current/apidocs/org/apache/shiro/web/servlet/OncePerRequestFilter.html[OncePerRequestFilter]
abstract parent class. All of Shiro's out-of-the-box Filter implementations
subclass this one and therefore are able to be enabled or disabled without
removing them from the filter chain. You can subclass this class for your own
filter implementations if you need this functionality as well*.
+Shiro accomplishes this via its
link:static/current/apidocs/shiro-web/org/apache/shiro/web/servlet/OncePerRequestFilter.html[OncePerRequestFilter]
abstract parent class. All of Shiro's out-of-the-box Filter implementations
subclass this one and therefore are able to be enabled or disabled without
removing them from the filter chain. You can subclass this class for your own
filter implementations if you need this functionality as well*.
*https://issues.apache.org/jira/browse/SHIRO-224[SHIRO-224] will hopefully
enable this feature for any filter, not just those subclassing
`OncePerRequestFilter`. If this is important to you, please vote for the issue.
=== General Enabling/Disabling
-The
link:static/current/apidocs/org/apache/shiro/web/servlet/OncePerRequestFilter.html[OncePerRequestFilter]
(and all of its subclasses) supports enabling/disabling across all requests as
well as on a per-request basis.
+The
link:static/current/apidocs/shiro-web/org/apache/shiro/web/servlet/OncePerRequestFilter.html[OncePerRequestFilter]
(and all of its subclasses) supports enabling/disabling across all requests as
well as on a per-request basis.
General enabling or disabling of a filter for all requests is done by setting
its `enabled` property to true or false. The default setting is `true` since
most filters inherently need to execute if they are configured in a chain.
@@ -419,7 +419,7 @@ This method defaults to returning the value of the
`enabled` property, which is
=== Path-specific Enabling/Disabling
-Shiro's
link:static/current/apidocs/org/apache/shiro/web/filter/PathMatchingFilter.html[PathMatchingFilter]
(a subclass of `OncePerRequestFilter` has the ability to react to
configuration based on a _specific path_ being filtered. This means you can
enable or disable a filter based on the path and the path-specific
configuration in addition to the incoming request and response.
+Shiro's
link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/PathMatchingFilter.html[PathMatchingFilter]
(a subclass of `OncePerRequestFilter` has the ability to react to
configuration based on a _specific path_ being filtered. This means you can
enable or disable a filter based on the path and the path-specific
configuration in addition to the incoming request and response.
If you need to be able to react to the matching path and the path-specific
configuration to determine if a filter is enabled or disabled, instead of
overriding `OncePerRequestFilter` `isEnabled(request,response)` method, you
would override the `PathMatchingFilter`
`isEnabled(request,response,path,pathConfig)` method instead.
@@ -470,7 +470,7 @@ URL rewriting for `jsessionid` is defined in section
"7.1.3" of the Java Servlet
=== HTTP Strict Transport Security (HSTS)
-The
link:static/current/apidocs/org/apache/shiro/web/filter/authz/SslFilter.html[SslFilter]
(and all of its subclasses) supports enabling/disabling HTTP Strict Transport
Security (HSTS).
+The
link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/authz/SslFilter.html[SslFilter]
(and all of its subclasses) supports enabling/disabling HTTP Strict Transport
Security (HSTS).
For example, in shiro.ini:
@@ -523,7 +523,7 @@ The word 'Native' here means that Shiro's own enterprise
session management impl
==== `DefaultWebSessionManager`
-To enable native session management for your web application, you will need to
configure a native web-capable session manager to override the default servlet
container-based one. You can do that by configuring an instance of
link:static/current/apidocs/org/apache/shiro/web/session/mgt/DefaultWebSessionManager.html[`DefaultWebSessionManager`]
on Shiro's `SecurityManager`. For example, in `shiro.ini`:
+To enable native session management for your web application, you will need to
configure a native web-capable session manager to override the default servlet
container-based one. You can do that by configuring an instance of
link:static/current/apidocs/shiro-web/org/apache/shiro/web/session/mgt/DefaultWebSessionManager.html[`DefaultWebSessionManager`]
on Shiro's `SecurityManager`. For example, in `shiro.ini`:
*shiro.ini native web session management*
@@ -549,7 +549,7 @@ After configuring the `DefaultWebSessionManager` instance,
session timeout is co
The `DefaultWebSessionManager` supports two web-specific configuration
properties:
* `sessionIdCookieEnabled` (a boolean)
-* `sessionIdCookie`, a
link:static/current/apidocs/org/apache/shiro/web/servlet/Cookie.html[Cookie]
instance.
+* `sessionIdCookie`, a
link:static/current/apidocs/shiro-web/org/apache/shiro/web/servlet/Cookie.html[Cookie]
instance.
[INFO]
.Cookie as a template
@@ -559,7 +559,7 @@ The `sessionIdCookie` property is essentially a template -
you configure the `Co
====== Session Cookie Configuration
-The DefaultWebSessionManager's `sessionIdCookie` default instance is a
link:static/current/apidocs/org/apache/shiro/web/servlet/SimpleCookie.html[`SimpleCookie`].
This simple implementation allows JavaBeans-style property configuration for
all the relevant properties you would want to configure on an http Cookie.
+The DefaultWebSessionManager's `sessionIdCookie` default instance is a
link:static/current/apidocs/shiro-web/org/apache/shiro/web/servlet/SimpleCookie.html[`SimpleCookie`].
This simple implementation allows JavaBeans-style property configuration for
all the relevant properties you would want to configure on an http Cookie.
For example, you could set the Cookie domain:
@@ -570,7 +570,7 @@ For example, you could set the Cookie domain:
securityManager.sessionManager.sessionIdCookie.domain = foo.com
----
-See the
link:static/current/apidocs/org/apache/shiro/web/servlet/SimpleCookie.html[SimpleCookie
JavaDoc] for additional properties.
+See the
link:static/current/shiro-web/apidocs/org/apache/shiro/web/servlet/SimpleCookie.html[SimpleCookie
JavaDoc] for additional properties.
The cookie's default name is `JSESSIONID` in accordance with the servlet
specification. Additionally, Shiro's cookie supports the
https://en.wikipedia.org/wiki/HTTP_cookie#HttpOnly_cookie[`HttpOnly`] and
https://en.wikipedia.org/wiki/HTTP_cookie#Same-site_cookie[`SameSite`] flags.
The `sessionIdCookie` sets `HttpOnly` to `true` and `SameSite` to `LAX` by
default for extra security.
@@ -626,7 +626,7 @@ SecurityUtils.getSubject().login(token);
=== Form-based Login
-For web applications, the `authc` filter is by default a
link:static/current/apidocs/org/apache/shiro/web/filter/authc/FormAuthenticationFilter.html[`FormAuthenticationFilter`].
This supports reading the 'rememberMe' boolean as a form/request parameter. By
default, it expects the request param to be named `rememberMe`. Here is an
example shiro.ini config supporting this:
+For web applications, the `authc` filter is by default a
link:static/current/apidocs/shiro-web/org/apache/shiro/web/filter/authc/FormAuthenticationFilter.html[`FormAuthenticationFilter`].
This supports reading the 'rememberMe' boolean as a form/request parameter. By
default, it expects the request param to be named `rememberMe`. Here is an
example shiro.ini config supporting this:
[source,ini]
----
@@ -680,7 +680,7 @@ securityManager.rememberMeManager.cookie.maxAge = blah
...
----
-See the
link:static/current/apidocs/org/apache/shiro/web/mgt/CookieRememberMeManager.html[`CookieRememberMeManager`]
and the supporting
link:static/current/apidocs/src-html/org/apache/shiro/web/servlet/SimpleCookie.html[`SimpleCookie`]
JavaDoc for configuration properties.
+See the
link:static/current/apidocs/shiro-web/org/apache/shiro/web/mgt/CookieRememberMeManager.html[`CookieRememberMeManager`]
and the supporting
link:static/current/apidocs/src-html/org/apache/shiro/web/servlet/SimpleCookie.html[`SimpleCookie`]
JavaDoc for configuration properties.
=== Custom `RememberMeManager`
diff --git a/src/site/content/webapp-tutorial.adoc
b/src/site/content/webapp-tutorial.adoc
index 52af113cb..5c12dcbb3 100644
--- a/src/site/content/webapp-tutorial.adoc
+++ b/src/site/content/webapp-tutorial.adoc
@@ -468,7 +468,7 @@ shiro.loginUrl = /login.jsp
This is a special configuration directive that tells Shiro "For any of Shiro's
https://shiro.apache.org/web.html#Web-DefaultFilters[default filters] that have
a `loginUrl` property, I want that property value to be set to `/login.jsp`."
-This allows Shiro's default `authc` filter (by default, a
https://shiro.apache.org/static/current/apidocs/org/apache/shiro/web/filter/authc/FormAuthenticationFilter.html[`FormAuthenticationFilter`])
to know about the login page. This is necessary for the
`FormAuthenticationFilter` to work correctly.
+This allows Shiro's default `authc` filter (by default, a
https://shiro.apache.org/static/current/apidocs/web/org/apache/shiro/web/filter/authc/FormAuthenticationFilter.html[`FormAuthenticationFilter`])
to know about the login page. This is necessary for the
`FormAuthenticationFilter` to work correctly.
==== The `[urls]` section
@@ -502,7 +502,7 @@ The `step3` branch contains a new
`src/main/webapp/login.jsp` page. This is a si
. There is a `password` form field. The Shiro `authc` filter will
automatically look for a `password` request parameter during login submission.
. There is a `rememberMe` checkbox whose 'checked' state can be a 'truthy'
value (`true`, `t`, `1`, `enabled`, `y`, `yes`, or `on`).
-Our login.jsp form just uses the default `username`, `password`, and
`rememberMe` form field names. These names are configurable if you wish to
change them - see the
https://shiro.apache.org/static/current/apidocs/org/apache/shiro/web/filter/authc/FormAuthenticationFilter.html[`FormAuthenticationFilter`
JavaDoc] for information.
+Our login.jsp form just uses the default `username`, `password`, and
`rememberMe` form field names. These names are configurable if you wish to
change them - see the
https://shiro.apache.org/static/current/apidocs/web/org/apache/shiro/web/filter/authc/FormAuthenticationFilter.html[`FormAuthenticationFilter`
JavaDoc] for information.
=== Step 3c: Run the webapp
@@ -761,7 +761,7 @@ The `<shiro:lacksRole>` tag will only display the
contents if the current
An exercise left to the reader (not a defined step) is to create a new section
of the website and restrict URL access to that section of the website based on
what role is assigned to the current user.
-Hint: Create a
https://shiro.apache.org/web.html#Web-FilterChainDefinitions[filter chain
definition] for that new part of the webapp using the
https://shiro.apache.org/static/current/apidocs/org/apache/shiro/web/filter/authz/RolesAuthorizationFilter.html[`roles`
filter]
+Hint: Create a
https://shiro.apache.org/web.html#Web-FilterChainDefinitions[filter chain
definition] for that new part of the webapp using the
https://shiro.apache.org/static/current/apidocs/web/org/apache/shiro/web/filter/authz/RolesAuthorizationFilter.html[`roles`
filter]
=== Step 6d: Run the webapp
