zoukankan      html  css  js  c++  java
  • [E] Shiro 官方文档阅读笔记 The Reading Notes of Shiro's Offical Docs

    官方文档:

    https://shiro.apache.org/reference.html

    https://shiro.apache.org/java-authentication-guide.html

    Terminology you’ll need

    • Subject - Security specific user ‘view’ of an application user. It can be a human being, a third-party process, a server connecting to you application, or even a cron job. Basically, it is anything or anyone communicating with your application.

    • Principals - A subjects identifying attributes. First name, last name, social security number, username

    • Credentials - secret data that are used to verify identities. Passwords, Biometric data, x509 certificates,

    • Realms - Security specific DAO, data access object, software component that talks to a backend data source. If you have usernames and password in LDAP, then you would have an LDAP Realm that would communicate with LDAP. The idea is that you would use a realm per back-end data source and Shiro would know how to coordinate with these realms together to do what you have to do.

    First, we need to acquire the currently executing user, referred to as the subject.

      A subject is just a security specific view of the user—-it can be a human, a process, cron job, doesn’t matter.

     

    About "READMEMBER ME"

    In Shiro, the Subject object supports two methods : isRemembered() and isAuthenticated().

    A “remembered” subject has an identity (it is not anonymous) and their identifying attributes,referred to as principals, are remembered from a successful authentication during a previous session.

    An authenticated subject has proved their identity during their current session.

      If a subject is remembered, it DOES NOT mean they are authenticated.  

    Login/Logout

     1 //With most of Shiro, you'll always want to make sure you're working with the currently 
     2 //executing user, referred to as the subject 
     3 Subject currentUser = SecurityUtils.getSubject();
     4 
     5 //Authenticate the subject by passing 
     6 //the user name and password token 
     7 //into the login method 
     8 currentUser.login(token);
     9 
    10 //Your Code Here
    11 currentUser.logout(); //removes all identifying information and invalidates their session too.
    View Code

    rich exception hierarchy

    丰富的异常层级(机制)

     1 try {
     2     currentUser.login(token);
     3 } catch  ( UnknownAccountException uae ) { ...
     4 } catch  ( IncorrectCredentialsException ice ) { ...
     5 } catch  ( LockedAccountException lae ) { ...
     6 } catch  ( ExcessiveAttemptsException eae ) { ...
     7 } ...  your own ...
     8 } catch ( AuthenticationException ae ) {
     9     //unexpected error?
    10 }
    11 //No problems, show authenticated view…
    View Code

    词汇部分

    译:

    Again really, really easy   非常非常简单/容易

    retain         保留

    authentication attempt     验证尝试.n

    hierarchy        等级制度、层次、层级、阶层、层次结构    

    integration         整合;集成

    音:

    --------蓝天上的云_转载请注明出处.
  • 相关阅读:
    JS基础三
    淘宝 NPM 镜像使用
    zepto的tap事件的点透问题的几种解决方案
    Web 通信 之 长连接、长轮询(long polling)(转载)
    命令模式坚决svn树冲突(local unversioned, incoming add upon update)
    svn st 状态详解
    Atom与markdown
    chrome调试创建sq设备进行调试
    webpack 使用教程--实时刷新测试
    前端资源
  • 原文地址:https://www.cnblogs.com/yucloud/p/11510690.html
Copyright © 2011-2022 走看看