Stay up to date with the latest news on the Apache Shiro Security Framework
Release binaries (.jars) are also available through Maven Central and source bundles through Apache distribution mirrors. For more information on Shiro, please read the documentation. Enjoy! The Apache Shiro TeamThe Shiro team is pleased to announce the release of Apache Shiro version 1.2.6. This is a bug fix release for 1.2.x.
This release includes 2 bug fixes since the 1.2.5 release and is available for Download now.
Release binaries (.jars) are also available through Maven Central and source bundles through Apache distribution mirrors.
For more information on Shiro, please read the documentation.
Enjoy!
The Apache Shiro Team
The Shiro team is pleased to announce the release of Apache Shiro version 1.2.5. This is a bug fix release for 1.2.x.
This release includes 7 bug fixes since the 1.2.4 release and is available for Download now.
Release binaries (.jars) are also available through Maven Central and source bundles through Apache distribution mirrors.
For more information on Shiro, please read the documentation.
Enjoy!
The Apache Shiro Team
The Shiro team is pleased to announce the release of Apache Shiro version 1.2.4. This is a bug fix release for 1.2.x.
This release includes 5 bug fixes since the 1.2.3 release and is available for Download now.
Release binaries (.jars) are also available through Maven Central and source bundles through Apache distribution mirrors.
For more information on Shiro, please read the documentation.
Enjoy!
The Apache Shiro Team
Dear Apache Shiro Community,
The Shiro team is pleased to announce the release of Apache Shiro version 1.2.2. This is the second bug fix point release after 1.2.0.
This release includes 18 bug fixes since the 1.2.1 release and is available for Download now.
All binaries (.jars) are available in Maven Central already. Please note that the Apache mirrors are still updating to reflect the source distribution, but some mirrors may not be updated yet. If a mirror download link does not work, please try another or wait another 12 to 24 hours.
For more information on Shiro 1.2, please read the "What's new in Apache Shiro 1.2?" article or the previous 1.2 release announcement.
Enjoy!
The Apache Shiro Team
Dear Apache Shiro Community,
The Shiro team is pleased to announce the release of Apache Shiro version 1.2.1. This is the first bug fix point release after 1.2.0.
This release includes 11 bug fixes since the 1.2.0 release and is available for Download now.
All binaries (.jars) are available in Maven Central already. Please note that the Apache mirrors are still updating to reflect the source distribution, but some mirrors may not be updated yet. If a mirror download link does not work, please try another or wait another 12 to 24 hours.
For more information on Shiro 1.2, please read the "What's new in Apache Shiro 1.2?" article or the previous 1.2 release announcement.
Enjoy!
The Apache Shiro Team
Here's an article covering some of the main features and enhancements in Apache Shiro 1.2:
http://www.stormpath.com/blog/2012/03/12/whats-new-in-apache-shiro-12.html
Dear Apache Shiro Community,
The Shiro team is pleased to announce the release of Apache Shiro version 1.2.0!
This release includes a number of bug fixes and new features since the 1.1.0 release. The 1.2.0 release is available from the Download page.
All binaries (.jars) are available in Maven Central already. Please note that the Apache mirrors are still updating to reflect the source distribution, but some mirrors may not be updated yet. If a mirror download link does not work, please try another or wait another 12 to 24 hours.
More complete PasswordService and related config documentation will be added to the Shiro website in the next few days - it was better to release now for the many who are waiting on the release, and follow up with this part of the documentation shortly.
And even more new features! See the 'Resolved Issues' below for a complete list.
There are only a few small cases where breakage could occur - please view the release notes to ensure you mitigate any potential breaking change - particularly if you are using the SecureRandomNumberGenerator
or Shiro's Block Cipher Services (AES, Blowfish):
https://raw.githubusercontent.com/apache/shiro/shiro-root-1.2.0/RELEASE-NOTES
Jira resolved issue report:
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950&version=12315478
Enjoy!
The Apache Shiro Team
Matt Raible has posted a really nice blog article and video demonstrating a login use case with Apache Shiro. Check out the Java Web Application Security - Part III: Apache Shiro Login Demo blog post and the video:
Hi Shiro community,
The following article helps explain the differences in role-based vs resource-based access control and why Shiro's permission construct (which is based on resources) can be much better for an application:
In our effort to improve the documentation you need to get started with Shiro, we've written a quick Java Authorization Guide for your review. Check out and tell us what you think. And if you haven't already, check out our previous post, the Java Authentication Guide.
Secure your Grails application quickly and easily using the Apache Shiro security framework. Although easy to get started with, this framework gives you a great deal of flexibility and will support your application as it grows.
Mule now has integration with Apache Shiro. Thanks to Dan Diephouse at MuleSoft for the great blog post.
Check out the video from the San Francisco Java User Group presentation on Apache Shiro.
Courtesy of Aleksandar and Max at the SF JUG
Dear Apache Shiro Community,
We are proud and excited to offer Apache Shiro's first release as an Apache Top Level Project, Apache Shiro version 1.1.0.
This release includes a number of bug fixes, new features and one important security vulnerability fix - it is recommended that users upgrade to 1.1.0 as soon as possible.
Version 1.1.0 is available immediately for download here accompanied by associated documentation and Release Notes.
All binaries are available in Maven Central already. Please note that most of the Apache mirrors have been updated to reflect the source distribution, but some mirrors may not be updated yet. If a mirror download link does not work, please try another or wait another 12 to 24 hours.
Enjoy!
On Wednesday, September 22nd 2010, the Apache Software Foundation Board voted unanimously to accept Apache Shiro's graduation out of the Incubator and to become a Apache Top Level Project.
Many thanks to the entire community for the continued growth and support, and especially to our Mentors, for helping us navigate the project through the incubation process. Everything is much appreciated and it has been well worth it.
Next steps: It will take us a bit of time to migrate our infrastructure to non-Incubator resources (shiro.apache.org subdomain, Subversion move, etc), so please stay tuned. Hopefully that can be done in the next two weeks. Shortly thereafter, we hope to release Shiro 1.1.
Thanks again to all, and please keep contributing to the project and the mailing lists to continually better the project for everyone!
Best regards,
Les
On 12 October 2010 at 6:30 pm PDT, Les Hazlewood will present Super Simple Application Security with Apache Shiro to the San Francisco Java User Group. Please RSVP if you wish to attend - seats are limited!
Nathan Good wrote an article introducing some of Apache Shiro's capabilities. Thanks Nathan!
Tonight, 1 June 2010, Les Hazlewood will present Apache Shiro to the SDForum Java SIG in Palo Alto, California. Please come if you can!