Apache Shiro Learning---Introduction

Apache Shiro is a security framework for Java. Shiro can be very easy to develop a good enough application, not only can be used in the javase environment, but also can be used in the Java EE environment.

The basic function points are as follows:

Authentication : identity Authentication/login, verify that the user has the corresponding identity;

Authorization : authorization, which is authentication of permissions, verifies that a authenticated user has a permission, that is, whether a user can do something, as usual: Verifying that a user has a role. or fine-grained verification that a user has a certain permission on a resource;

Session Manager : session management, that is, after the user logs on is a session, before exiting, all its information is in the session, the session can be normal javase environment, or it can be a web environment;

Cryptography : encryption, protection of data security, such as password encryption stored in the database, rather than plaintext storage;

Web Support : Web support, can be very easy to integrate into the web environment;

Caching: Cache, such as user login, its user information, the role/permissions do not need to check every time, this can improve efficiency;

Concurrency :Shiro supports concurrent authentication for multi-threaded applications, such as opening another thread in one thread to automatically propagate the past;

Testing : provide testing support;

Run as : allows one user to pretend to access the identity of another user (if they allow it);

Remember Me : Remember me, this is a very common feature, that is, once logged in, the next time you come back without logging in.

Apache Shiro Learning---Introduction