Apache Shiro is an open source software under ASF (Shiro is pronounced as "shee-roh", which means "Castle" in Japanese), providing a powerful and flexible Security framework. Securing any application—from command-line applications and mobile applications to large-scale web and enterprise applications.
(Recommended tutorial: apache)
Apache Shiro provides authentication, authorization, encryption and session management functions, hiding complex issues and providing a clear and intuitive API Make it easy for developers to develop their own program security code. And to achieve this goal, there is no need to rely on third-party frameworks, containers or services. Of course, it can also be integrated with these environments, making it usable in any environment.
Shiro focuses on what the Shiro development team calls the "four security cornerstones" - Authentication, Authorization, Session Management and Cryptography:
Authentication: User identification. Sometimes seen as "login", it is an action for users to prove who they are.
Authorization: The access control process, such as determining "who" can access "what".
Session Management (Session Management): Manage user sessions (sessions) ), even in environments without WEB or EJB containers. Manage users' time-related status.
Encryption (Cryptography): Use encryption algorithms to protect data more securely and prevent data from being peeped.
In addition, there are some additional functions to support and enhance, such as:
Web support: Web program security can be easily implemented using Shiro's web support API;
Caching: Caching is a first-class citizen in Apache Shiro's API, ensuring that security authentication actions are fast and efficient.
Concurrency: Apache Shiro supports multi-threading;
Testing: supports testing to help you develop unit and comprehensive test programs to ensure that your code performs as you expect safety certificate.
"Run As": Allows users to use other user identities (if allowed), which is very useful in performing certain administrative tasks.
"Remember Me": Remember the user's identity throughout the session. The user only needs to log in when the program forces a login.
The above is the detailed content of Introduction to Apache Shiro. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
