官方文档:

https://shiro.apache.org/reference.html

https://shiro.apache.org/java-authentication-guide.html

Terminology you’ll need

  • Subject - Security specific user ‘view’ of an application user. It can be a human being, a third-party process, a server connecting to you application, or even a cron job. Basically, it is anything or anyone communicating with your application.

  • Principals - A subjects identifying attributes. First name, last name, social security number, username

  • Credentials - secret data that are used to verify identities. Passwords, Biometric data, x509 certificates,

  • Realms - Security specific DAO, data access object, software component that talks to a backend data source. If you have usernames and password in LDAP, then you would have an LDAP Realm that would communicate with LDAP. The idea is that you would use a realm per back-end data source and Shiro would know how to coordinate with these realms together to do what you have to do.

First, we need to acquire the currently executing user, referred to as the subject.

  A subject is just a security specific view of the user—-it can be a human, a process, cron job, doesn’t matter.

About "READMEMBER ME"

In Shiro, the Subject object supports two methods : isRemembered() and isAuthenticated().

A “remembered” subject has an identity (it is not anonymous) and their identifying attributes,referred to as principals, are remembered from a successful authentication during a previous session.

An authenticated subject has proved their identity during their current session.

  If a subject is remembered, it DOES NOT mean they are authenticated.  

Login/Logout

 //With most of Shiro, you'll always want to make sure you're working with the currently

 //executing user, referred to as the subject

 Subject currentUser = SecurityUtils.getSubject();

 //Authenticate the subject by passing

 //the user name and password token

 //into the login method

 currentUser.login(token);

 //Your Code Here

 currentUser.logout(); //removes all identifying information and invalidates their session too.

rich exception hierarchy

丰富的异常层级(机制)

 try {

     currentUser.login(token);

 } catch  ( UnknownAccountException uae ) { ...

 } catch  ( IncorrectCredentialsException ice ) { ...

 } catch  ( LockedAccountException lae ) { ...

 } catch  ( ExcessiveAttemptsException eae ) { ...

 } ...  your own ...

 } catch ( AuthenticationException ae ) {

     //unexpected error?

 }

 //No problems, show authenticated view…

词汇部分

译:

Again really, really easy   非常非常简单/容易

retain         保留

authentication attempt     验证尝试.n

hierarchy        等级制度、层次、层级、阶层、层次结构

integration         整合;集成

音:

[E] Shiro 官方文档阅读笔记 The Reading Notes of Shiro's Offical Docs的更多相关文章

  1. python2.7官方文档阅读笔记

    官方地址:https://docs.python.org/2.7/tutorial/index.html 本笔记只记录本人不熟悉的知识点 The Python Tutorial Index 1 Whe ...

  2. 保存与恢复变量和模型,tensorflow官方文档阅读笔记

    官方中文文档的网址先贴出来:https://tensorflow.google.cn/programmers_guide/saved_model tf.train.Saver 类别提供了保存和恢复模型 ...

  3. Effective Go(官方文档)笔记

    Effective Go(官方文档)笔记 自己主动局部变量提升(编译期完毕?):return &...; 内置函数: new/make copy, append delete range(这是 ...

  4. pm2 官方文档 学习笔记

    一.安装 1.安装 npm install pm2 -g 2.更新 npm install pm2 -g && pm2 update pm2 update 是为了刷新 PM2 的守护进 ...

  5. vue.js 2.0 官方文档学习笔记 —— 01. vue 介绍

    这是我的vue.js 2.0的学习笔记,采取了将官方文档中的代码集中到一个文件的形式.目的是保存下来,方便自己查阅. !官方文档:https://cn.vuejs.org/v2/guide/ 01. ...

  6. Vue2.0 官方文档学习笔记

    VUE2.0官方文档 基础部分: 1.VUE简介 Vue是一个基于MVVM的框架,其中M代表数据处理层,V代表视图层即我们在Vue组件中的html部分,VM即M和V的结合层,处理M层相应的逻辑数据,在 ...

  7. django官方文档读书笔记

    写在前面:这算是第二次读英文原文文档,第一次是读scrapy,感觉还是要做笔记,好记性不如烂笔头,现在已经忘了scrapy文档讲了什么了,心疼.以后要多读多写 经过半年的基础学习(懒,拖延)终于来到w ...

  8. Less 官方文档学习笔记

    LESS 是css的一种扩展,它的编辑器是基于node.js 的less.js,将less文件编译成css文件(可压缩). 其中的概念: 变量:定义变量来代替某个值,只能编译一次,本质是“常量”.例如 ...

  9. Spark监控官方文档学习笔记

    任务的监控和使用 有几种方式监控spark应用:Web UI,指标和外部方法 Web接口 每个SparkContext都会启动一个web UI,默认是4040端口,用来展示一些信息: 一系列调度的st ...

随机推荐

  1. 给 VS2017、VS2019 安装 ILSpy 插件

    关于 ILSpy is the open-source .NET assembly browser and decompiler. ILSpy 主页地址:https://github.com/icsh ...

  2. Dapper - 一款轻量级对象关系映射(ORM)组件,DotNet 下

    Dapper - a simple object mapper for .Net Official Github clone: https://github.com/SamSaffron/dapper ...

  3. DevExpress的TreeList实现节点上添加自定义右键菜单并实现删除节点功能

    场景 Winform控件-DevExpress18下载安装注册以及在VS中使用: https://blog.csdn.net/BADAO_LIUMANG_QIZHI/article/details/1 ...

  4. JQuery 遍历table中的checkbox 并对行数据进行校验

    JQuery中confirm的使用 $(document).ready(function () { $("#Btn_Print").click(function () { var ...

  5. JS读取xml

    xml文件 <?xml version="1.0" encoding="utf-8"?> <root> <data id=&quo ...

  6. 基于WEB的网上购物系统-ssh源码

    基于WEB的网上购物系统主要功能包括:前台用户登录退出.注册.在线购物.修改个人信息.后台商品管理等等.本系统结构如下:(1)商品浏览模块:        实现浏览最新商品        实现按商品名 ...

  7. FastReport的模板文件frx文件啊怎样打开并编辑修改

    场景 FastReport安装包下载.安装.去除使用限制以及工具箱中添加控件: https://blog.csdn.net/BADAO_LIUMANG_QIZHI/article/details/10 ...

  8. Java执行shell脚本并返回结果两种方法的完整代码

    Java执行shell脚本并返回结果两种方法的完整代码 简单的是直接传入String字符串,这种不能执行echo 或者需要调用其他进程的命令(比如调用postfix发送邮件命令就不起作用) 执行复杂的 ...

  9. 关于css中的定位

    关于前端的几种定位方式 近期自己感觉自己对于前端定位的知识还是不是太理解,所以自己就在这里做一个总结 1.元素的定位属性主要包括定位模式和边偏移两部分. 边偏移属性 描述 top       bott ...

  10. git合并单个节点

    有两个分支 # git branch -a * branchA branchB A分支合并B分支单个节点 # git log commit 6b4f9e1e1a1e1ed3e7ca3a1f15ce1f ...