!"#$%&''()*"+,-%./*01)2$%%3)24%&'"*4/%.4)1,%5/#%6"7(/3,,8%!"#$%&'(%)*+',*+-&$.'
.2/'%HI%C,((/*+-;%B1 )-* )'"(#%J%C 1/8/-+"(#% UsernamePasswordToken token = new UsernamePasswordToken(username, password); //”Rem
.2/'%KI%.0@?)##),-%Subject currentUser = SecurityUtils.getSubject(); currentUser.login(token);
.2/'%LI%M1"-2%&**/##%,1%6"-8(/%G")(01/ %%try { currentUser.login(token); } catch (UnknownAccountException uae ){ ... } ca
6,3%8,/#%)2%3,1=:%(>D-&$.' 5=+<)8W.+B&8X'
6,3%8,/#%)2%3,1=:%(>D-&$.'(&$>*).:;#8#<&*'5=+<)8W.+B&8X'
6,3%8,/#%)2%3,1=:%(>D-&$.'(&$>*).:;#8#<&*'!>.%&89$#.+*'5=+<)8W.+B&8X'
6,3%8,/#%)2%3,1=:%(>D-&$.'(&$>*).:;#8#<&*'!>.%&89$#.+*'Y&#=3'['5=+<)8W.+B&8X'\&ap
6,3%8,/#%)2%3,1=:%(>D-&$.'(&$>*).:;#8#<&*'!>.%&89$#.+*'Y&#=3'['5=+<)8W.+B&8X'!>
&024,1)7"+,-%P&D'(>""+*.'!>Q)=)#*:'H&#.>*&4'(&44)+8';#8#<&3&8.'!&
&024,1)7"+,-%E/F-/8%,*+$&44'+?'7&.&*3)8)8<'_A%+'$#8'7+'A%#.`'!G!'!$$&44'/+8.*
• 67&89.:';#8#<&3&8.'#87'!$$&44'/+8.*+='!,6'• (&$>*).:'?+*'your'#""
B/1?)##),-#%E/F-/8%• ;+4.'#.+3)$'4&$>*).:'&=&3&8.''• E&4$*)D&4'*&4+>*$&'typ
D,(/#%E/F-/8%• 63"=)$).'+*'NQ"=)$).'$+84.*>$.'• 63"=)$).K'^#3&'+8=:'• NQ"=)$).K'
O#/1#%E/F-/8%• 0%&'_A%+`'+?'.%&'#""=)$#9+8'• 'P%#.'&#$%'>4&*'$#8'7+&a
&024,1)7"+,-%G/"201/#%• (>D-&$.T$&8.*)$'W$>**&8.'>4&*X'• /%&$B4'D#4&7'+8&apo
6,3%2,%&024,1)7/%3)24%.4)1,%;>=9"=&'3T'+?'$%&$B)8<'#$$&44'$+8.*+=K'• ,*+<*#33#9$#=
B1,;1"??"+*%&024,1)7"+,-% //get the current Subject Subject currentUser = SecurityUtils.getSubject(); if (currentUser.hasRole(
B1,;1"??"+*%&024,1)7"+,-%Subject currentUser = SecurityUtils.getSubject(); Permission deleteUser = new UserPermission(“jsmith
B1,;1"??"+*%&024,1)7"+,-%String perm = “user:delete:jsmith”; if(currentUser.isPermitted(perm)){ //show the ‘delete user’ butto
&--,2"+,-%&024,1)7"+,-%@RequiresRoles( “teller” ) public void openAccount(Account a) { //do something in here that //only
&--,2"+,-%&024,1)7"+,-%@RequiresPermissions(“account:create”) public void openAccount(Account a) { //create the account } ,&am
Explosive Growth in Apache Shiro Aug 2012 Dec 2010 300K DOWNLOADS • !""=)$#9+8'4&$>*).:'?*#3&A+*B'• !(H'0I,
!-2/1'1)#/%./##),-%Q"-";/?/-2%P&D'(>""+*.'!>Q)=)#*:'H&#.>*&4'!>.%+*)R#9+8'!&
./##),-%Q"-";/?/-2%E/F-/8%;#8#<)8<'.%&'=)?&$:$=&'+?'(>D-&$.T4"&$)O$'.&3"
./##),-%Q"-";/?/-2%G/"201/#%• Z&.&*+<&8&+>4'$=)&8.'#$$&44'• ,1a1La](N'D#4&7&apo
&*R0)1)-;%"-8%C1/"+-;%./##),-#%Subject currentUser = SecurityUtils.getSubject() //guarantee a session Session session = subject.get
./##),-%&BS%getStartTimestamp() getLastAccessTime() getAttribute(key) setAttribute(key, value) get/setTimeout(long) touch() ...
C1$'2,;1"'4$%P&D'(>""+*.'!>Q)=)#*:'H&#.>*&4'!>.%+*)R#9+8'!>.%&89$#9+8
C1$'2,;1"'4$%E/F-/8%,*+.&$98<')8?+*3#9+8'?*+3'>87&4)*&7'#$$&44'D:'%)7)8<').
C)'4/1#%E/F-/8%N8$*:"9+8'#87'7&$*:"9+8'7#.#'D#4&7'+8'4%#*&7'+*'">D=)$L"
6"#4/#%E/F-/8%!'+8&TA#:2')**&F&*4)D=&'$+8F&*4)+8'+?'#8')8">.'4+>*$&'W#
C1$'2,;1"'4$%G/"201/#%.)?'()*)2$%• 68.&*?#$&T7*)F&82',1a1'D#4&7'• ()3"=)O&7'A*
&;/-8"%P&D'(>""+*.'!>Q)=)#*:'H&#.>*&4'!>.%&89$#9+8'(&44)+8';#8#<&a
C)'4/1%G/"201/#%• 11'Z)&*#*$%:''a$#/)"%&*(&*F)$&2'!D4.*#$.(:33&.*)$/)"%&*(&*F)$&a
!P"?'(/I%B(")-2/P2%W)3#<&'$+>*.&4:'P)B),&7)#X'
!P"?'(/I%!CV%Q,8/%WXEY%E/N"0(2Z[%W)3#<&'$+>*.&4:'P)B),&7)#X'
!P"?'(/I%.4)1,%E/ N "0(2#%W)3#<&'$+>*.&4:'P)B),&7)#X'
.4)1,\#%C)'4/1./1])*/%S-2/1N"*/%public interface CipherService { ByteSource encrypt(byte[] raw, byte[] key); void encrypt(In
6"#4%G/"201/#%• E&?#>=.')8.&*?#$&')3"=&3&8.#9+84';Eb2'(Z![2'(Z!T]bk2'&.5&apos
.4)1,\#%6"#4%S-2/1N"*/%public interface Hash { byte[] getBytes(); String toHex(); String toBase64(); }
S-20)+]/%^^%6"#4%&BS%//some examples: new Md5Hash(“foo”).toHex(); //File MD5 Hash value for checksum: new Md5Hash( aFile ).toHex(); //store
9/@%.0'',12%9/@%.0'',12%!>Q)=)#*:'H&#.>*&4'/*:".+<*#"%:'(&44)+8';#8#<&3&
9/@%.0'',12%G/"201/#%• ()3"=&'(%)*+H)=.&*'A&D5Q3='7&O8)9+8'• ,*+.&$.4'#=='@YI4
<0)*=%>/1?)-,(,;$%• .0@A/*2%S'(&$>*).:T4"&$)O$'>4&*'UF)&AV'• B1)-*)'"(#'S'(
3/@_P?(%<filter> <filter-name>ShiroFilter</filter-name> <filter-class> org.apache.shiro.web.servlet.IniShiroFilter <
#4)1,_)-)%[main] ldapRealm = org.apache.shiro.realm.ldap.JndiLdapRealm ldapRealm.userDnTemplate = uid={0},ou=users,dc=mycompany,dc=com ldapRealm.conte
X.B%>";5)@%&024,1)7"+,-%<%@ taglib prefix=“shiro” uri=“http://shiro.apache.org/tags” %> <html> <body>
X.B%>";5)@#%<%@ taglib prefix=“shiro” uri=http://shiro.apache.org/tags %> <!-- Other tags: --> <shiro:guest/> <shiro:use
&0P)()"1$%G/"201/#%P&D'(>""+*.'&0P)()"1$%G/"201/#%/*:".+<*#"%:'(&44)+8&ap
&0P)()"1$%G/"201/#%• 0%*)8<'c'/+8$>**&8$:'/#==#D=&LY>88#D=&'c'NQ&$>.+*LNQ&a
5,;;)-;%^02%18&'3&.%+7K' !""T4"&$)O$'=+<T+>.'=+<)$K'g&?+*&L!m&*'.%&am
C,?)-;%)-%H_L`%K_a%• 0:"&4#?&'NF&8.g>4'• 110g'Z#R&=$#4.'(&44)+8'$=>4.&*)8<'• I+
&''()*"+,-%b%.2,1?'"24%D/"(?%.2,1?'"24I%O#/1%Q"-";/?/-2%&BS%./1])*/%^02U,NU24/U@,P%G/"2
B0@()*%C(,08%.2,1?'"24I%C(,08%E/'(,$?/-2%&''()*"+,-%&''()*"+,-%&''()*"+,-%&
&024/-+*"+,-%P&D'(>""+*.'!>Q)=)#*:'H&#.>*&4'(&44)+8';#8#<&3&8.'!&
>4"-=%d,0Z%• =&4o4.+*3"#.%5$+3'• 0A)J&*K'o=%#R=&A++7'• %J"KLLAAA54.+*3"#.%5$+3'
&024/-+*"+,-%E/F-/8%Identity verification: Proving a user is who he says he is
.4)1,%&024/-+*"+,-%G/"201/#%• (>D-&$.TD#4&7'W$>**&8.'>4&*X'• ()8<=&'3&.%+7&apo
6,3%2,%&024/-+*"2/%3)24%.4)1,%Steps 1. Collect principals & credentials 2. Submit to Authentication System 3. Allow, retry, or block a
Comments to this Manuals