About Apache Shiro

Source: Internet
Author: User
Tags var dump

var dump
Links: https://zhuanlan.zhihu.com/p/23300328

Recently, a project based on Java/C/s architecture, mainly related to authority management. Learn about the Apache Shiro fit to do this. Its official web-based tutorials are well written and intend to translate these tutorials into English, which is the first article. What is Apache Shiro?

Apache Shiro is a powerful, flexible, open source security management framework that handles authentication (authentication), Authorization (authorization), Enterprise session in a very elegant way (corporate sessions?). ) and cryptography () encryption.

Translator: Some of the special nouns in Shiro will not be translated into Chinese, but the translator will give the Chinese interpretation in parentheses according to his own understanding.

Apache Shiro's primary goal is to be easy to get started and easy to understand. In software, security management can be very complex and painful, but Apache Shiro makes it very simple. Here's what Apache Shiro can do:

    • Identify user identities
    • Manage user permissions, for example, to determine whether a user has a role or whether a user is allowed to do a certain action
    • You can use the session API even if you do not have a Web or EJB container
    • Perform some actions when authenticating user identities, rights Management, or session life cycle
    • One or more user rights data sources can be aggregated and displayed uniformly in the form of a user view
    • Enables single sign-on functionality (SSO)
    • The ability to "remember me" is realized without logging in

So what types of applications can Shiro be used in? Small to the command-line program, large to enterprise applications, Shiro can be used in almost any scenario.

Features of Apache Shiro

Apache Shiro is a widely used security management framework with many features. The overall architecture of Shiro is presented, and this series of tutorials will be organized in order of organization.

Shiro's goal is to do a good job of authentication (identity identification), Authorization (Rights Management), session Management (Session Management), cryptography (encryption) Four aspects (this is the four cornerstones of software security).

    • Authentication (identification): sometimes refers to login, identify the user identity
    • Authorization (Rights Management): Determines whether a user has access to something
    • Session Management: Even if not a web app or EJB app, you can still manage sessions with explicit users
    • Cryptography (Encryption): Using encryption algorithms to ensure data security

To support more applications, Shrio has other features:

    • Support for Web Apps
    • Caching: Ensures the speed and efficiency of security management
    • Concurrency: Supports multithreaded applications
    • Testing: The security of the program can be verified through unit testing and integration testing
    • "Run as": Allows a user to assign an identity to another user (commonly used in some administrative management software)
    • "Remember Me": Remembers user identity during session (sessions), requires user logon when only mandatory logon is required

About Apache Shiro

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.