Polygene™
Introduction
Tutorials
Javadoc
Samples
Core
Libraries
Extensions
Tools
Glossary 

Shiro Web Security

code

docs

tests

This library provides integration with the Apache Shiro Java Security Framework.

Note

This library only contains web related information. Most of the documentation can be found in the Shiro Security Library that this very library leverages.

“Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. With Shiro’s easy-to-understand API, you can quickly and easily secure any application – from the smallest mobile applications to the largest web and enterprise applications.” says the Apache Shiro website.

We invite you to read the comprehensive Apache Shiro documentation, we will mostly discuss Polygene™ related matters here.

Table 40. Artifact

Group IDArtifact IDVersion

org.apache.polygene.libraries

org.apache.polygene.library.shiro-web

3.0.0-SNAPSHOT


Servlet Context

In a servlet context, being through the Servlet Library, the HTTP Library or your custom Polygene™ application bootstrap, plain Shiro is usable. A WebEnvironment must be globally available and ShiroFilter must be registered.

If you use a custom Polygene™ application boostrap or the Servlet Library you can directly use Shiro’s provided EnvironmentLoaderListener and ShiroFilter.

If you use the HTTP Library you can either directly use Shiro classes or use the assembly API as follows:

new JettyServiceAssembler().withConfig( configModule, Visibility.layer ).assemble( module );
  [...snip...]

new HttpShiroAssembler()
    .withConfig( configModule, Visibility.layer )
    .assemble( module );