zoukankan      html  css  js  c++  java
  • [E] Shiro 官方文档阅读笔记 The Reading Notes of Shiro's Offical Docs

    官方文档:

    https://shiro.apache.org/reference.html

    https://shiro.apache.org/java-authentication-guide.html

    Terminology you’ll need

    • Subject - Security specific user ‘view’ of an application user. It can be a human being, a third-party process, a server connecting to you application, or even a cron job. Basically, it is anything or anyone communicating with your application.

    • Principals - A subjects identifying attributes. First name, last name, social security number, username

    • Credentials - secret data that are used to verify identities. Passwords, Biometric data, x509 certificates,

    • Realms - Security specific DAO, data access object, software component that talks to a backend data source. If you have usernames and password in LDAP, then you would have an LDAP Realm that would communicate with LDAP. The idea is that you would use a realm per back-end data source and Shiro would know how to coordinate with these realms together to do what you have to do.

    First, we need to acquire the currently executing user, referred to as the subject.

      A subject is just a security specific view of the user—-it can be a human, a process, cron job, doesn’t matter.

     

    About "READMEMBER ME"

    In Shiro, the Subject object supports two methods : isRemembered() and isAuthenticated().

    A “remembered” subject has an identity (it is not anonymous) and their identifying attributes,referred to as principals, are remembered from a successful authentication during a previous session.

    An authenticated subject has proved their identity during their current session.

      If a subject is remembered, it DOES NOT mean they are authenticated.  

    Login/Logout

     1 //With most of Shiro, you'll always want to make sure you're working with the currently 
     2 //executing user, referred to as the subject 
     3 Subject currentUser = SecurityUtils.getSubject();
     4 
     5 //Authenticate the subject by passing 
     6 //the user name and password token 
     7 //into the login method 
     8 currentUser.login(token);
     9 
    10 //Your Code Here
    11 currentUser.logout(); //removes all identifying information and invalidates their session too.
    View Code

    rich exception hierarchy

    丰富的异常层级(机制)

     1 try {
     2     currentUser.login(token);
     3 } catch  ( UnknownAccountException uae ) { ...
     4 } catch  ( IncorrectCredentialsException ice ) { ...
     5 } catch  ( LockedAccountException lae ) { ...
     6 } catch  ( ExcessiveAttemptsException eae ) { ...
     7 } ...  your own ...
     8 } catch ( AuthenticationException ae ) {
     9     //unexpected error?
    10 }
    11 //No problems, show authenticated view…
    View Code

    词汇部分

    译:

    Again really, really easy   非常非常简单/容易

    retain         保留

    authentication attempt     验证尝试.n

    hierarchy        等级制度、层次、层级、阶层、层次结构    

    integration         整合;集成

    音:

    --------蓝天上的云_转载请注明出处.
  • 相关阅读:
    TP3.2框架,实现空模块、空控制器、空操作的页面404替换||同步实现apache报错404页面替换
    调用支付宝PHP接口API实现在线即时支付功能(UTF-8编码)
    JQuery实现的 checkbox 全选;<select>下拉框功能
    使用PHP做移动端 api接口开发方法(适用于TP框架)
    Eclipse jvm启动参数在哪设置
    对 META标签 的一点点了解
    Java反射在整个程序运行中的位置
    Java 为什么要使用反射(通俗易懂的举例)
    粗略介绍Java AQS的实现原理
    Java并发包中线程池的种类和特点介绍
  • 原文地址:https://www.cnblogs.com/yucloud/p/11510690.html
Copyright © 2011-2022 走看看