code
docs
tests
This library provides integration with the Apache Shiro Java Security Framework.
This library only contains web related information. Most of the documentation can be found in the Shiro Security Library that this very library leverages.
“Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. With Shiro’s easy-to-understand API, you can quickly and easily secure any application – from the smallest mobile applications to the largest web and enterprise applications.” says the Apache Shiro website.
We invite you to read the comprehensive Apache Shiro documentation, we will mostly discuss Zest™ related matters here.
In a servlet context, being through the Servlet Library, the HTTP Library or your custom Zest™ application bootstrap, plain Shiro is usable. A WebEnvironment must be globally available and ShiroFilter must be registered.
If you use a custom Zest™ application boostrap or the Servlet Library you can directly use Shiro’s provided EnvironmentLoaderListener and ShiroFilter.
If you use the HTTP Library you can either directly use Shiro classes or use the assembly API as follows:
new JettyServiceAssembler().withConfig( configModule, Visibility.layer ).assemble( module ); [...snip...] new HttpShiroAssembler(). withConfig( configModule, Visibility.layer ). assemble( module );