The Apache Shiro configuration is divided into four main parts:
1. Definition and configuration of objects and properties
2. Filter configuration for URLs
3. Static user configuration
4. Static role configuration
Because user and role data is typically managed dynamically in the background, the Shiro configuration typically contains only the first two parts.
Most o
the configuration file, such as:
[main]
...
authcStrategy = org.apache.shiro.authc.pam.FirstSuccessfulStrategy
securityManager.authenticator.authenticationStrategy = $authcStrategy
...
3. Order of Realm
From the authentication strategy just mentioned, you can see that the order of realms in ModularRealmAuthenticator has an impact on authentication. ModularRealmAuthenticator reads the realms configured in SecurityManager. When the authentication is performed,
"org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
This is because the log4j dependency has not been added. We need to add this dependency to Maven as follows:
Open the pom file and add a new dependency under dependencies.
Save.
Then recompile and re-execute exec:java.
You can see that the program is running correctly.
The output information of
Authorization for multiple realms
Strategy
If a realm does not implement Authorizer, do not validate
If a realm implements Authorizer
Once the check fails, throw AuthorizationException immediately.
Once the check is successful, return true immediately
PermissionResolver (permissions resolver)
Used to parse a permission string into a Permission object; Shiro internally uses Permission objects for validation
Default WildcardPermissionResolver (wildcard p
, we can customize the implementation of an authenticator.
Then, like the code below, assign this authenticator to the security manager:
[main] == $authenticator
AuthenticationStrategy
AtLeastOneSuccessfulStrategy [default value]
Once one realm verifies successfully, the authentication information of all successfully authenticated realms is returned.
FirstSuccessfulStrategy
As long as one realm authenticates successfully, only the authentication information of the first successful realm is returned, and the ot
Shiro's design goal is to make the application's security management simpler and more intuitive.
Software systems are generally designed around user stories. That is, we design the user interface and the service interface based on how a customer interacts with the software system. For example, you might say, "If a user is logged into our system, I'll show them a button they can click to view their own account information. If they are not logged in, I'll show them a registration button." T
First, the Shiro authentication process
1. Collect Entity/credential information
// Example using most common scenario of username/password pair:
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
// "Remember Me" built-in:
token.setRememberMe(true);
UsernamePasswordToken supports the most common username/password authentication mechanism. At the same time, because it implem
Cluster
Cluster to implement session
Shiro supports distributed caching
Web container environment
Native environment
Based on POJO multilayer architecture
Support for cluster SessionDAO
The transparent SessionManager
Supports integration of multiple distributed cache servers
EnterpriseCacheSessionDAO
activeSessionsCache
Third-party integration
Ehcache + Terracotta
ZooKeeper
4. Session and user status
Stateful applications
Shiro uses the session to save authentication status by default
Get user status through SessionID
Authentication is the process of verifying a user's identity. During the authentication process, the user is required to submit entity information (principals) and credential information (credentials) to verify that the user is legitimate. The most common "entity/credential" combination is the "username/password" combination.
First, the Shiro authentication process
1. Collect entity/credential information
// Example using the most common scenario of Usern
Authorization, also called access control, is the process of managing access to resources, that is, who has what permissions in the application (what the user can see and what the user can do).
In the Itoo project, role-based authorization was considered first, but it is not flexible when a user's role changes. So, to better fit the actual situation of the project, permissions are verified using strings. Of course, for the background of th
Apache Shiro is a powerful and easy-to-integrate open-source permissions framework that provides authentication, authorization, encryption, session management, and more. Authentication and authorization are the core of access control. Put simply, "authentication" proves who you are. The general practice in web applications is to submit a username and password through a form for authentication. Authori
Apache Shiro is a framework that can be used for authentication and authorization. This article provides several examples to show how to use Shiro in a Java application and gives an overview of how to use it in a Grails web application. To maximize the benefits from this article, you should be accustomed to creating Java applications and installing se
Apache Shiro Rights Management Framework Introduction
Apache Shiro's website address is as follows:
http://shiro.apache.org/
Apache Shiro is an easy-to-use, powerful and flexible open source Java Security Framework, hereinafter referred to as Shiro. It cleanly h
Apache Shiro is a framework that can be used for authentication and authorization. This article provides several examples to show how to use Shiro in a Java™ application and gives an overview of how to use it in a Grails Web application. To maximize the benefits from this article, you should be accustomed to creating Java applications and installing several of th
Apache Shiro Authentication
Authentication: the process of identity verification, that is, proving the real identity of a user. To prove the identity of a user, you must provide identity information and evidence that the system understands and trusts.
You need to provide Shiro with the user's identity (principals) and credentials to determine whether it matches
Preface
Welcome to Apache Shiro for a 10-minute tour!
We hope that this simple and quick example will give you an in-depth understanding of Shiro in your application. And you should be able to get through it in 10 minutes.
Overview
What is Apache Shiro?
A
1.1 Introduction
Apache Shiro is a security framework for Java. More and more people are using Apache Shiro because it is fairly simple. Compared to Spring Security, it may not be as powerful, but in practice you may not need something that complex. So the use of small and simple Shiro
Introduction
Apache Shiro is a powerful and flexible open source security framework that cleanly handles authentication, authorization, enterprise session management, and encryption. The primary goal of Apache Shiro is ease of use and understanding. Sometimes security can be very complex and painful, and the framework should cover up as much complexity as possi