shiro-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lhazlew...@apache.org
Subject svn commit: r1481417 [1/13] - in /shiro/site: ./ 2010/ 2011/ 2012/ assets/ templates/ trunk/ trunk/2010/ trunk/2010/03/ trunk/2010/03/18/ trunk/2010/06/ trunk/2010/06/01/ trunk/2010/09/ trunk/2010/09/14/ trunk/2010/09/20/ trunk/2010/09/24/ trunk/2010/1...
Date Sat, 11 May 2013 21:10:45 GMT
Author: lhazlewood
Date: Sat May 11 21:10:40 2013
New Revision: 1481417

URL: http://svn.apache.org/r1481417
Log:
Moving site dir into trunk/branches/tags/publish structure

Added:
    shiro/site/trunk/
    shiro/site/trunk/10-minute-tutorial.html
    shiro/site/trunk/2010/
    shiro/site/trunk/2010/03/
    shiro/site/trunk/2010/03/18/
    shiro/site/trunk/2010/03/18/great-source-comments.html
    shiro/site/trunk/2010/06/
    shiro/site/trunk/2010/06/01/
    shiro/site/trunk/2010/06/01/apache-shiro-100-incubating-released.html
    shiro/site/trunk/2010/06/01/sdforum-java-sig-apache-shiro-presentation.html
    shiro/site/trunk/2010/09/
    shiro/site/trunk/2010/09/14/
    shiro/site/trunk/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.html
    shiro/site/trunk/2010/09/20/
    shiro/site/trunk/2010/09/20/san-francisco-jug-presentation.html
    shiro/site/trunk/2010/09/24/
    shiro/site/trunk/2010/09/24/apache-shiro-becomes-an-apache-top-level-project.html
    shiro/site/trunk/2010/11/
    shiro/site/trunk/2010/11/03/
    shiro/site/trunk/2010/11/03/apache-shiro-110-released.html
    shiro/site/trunk/2011/
    shiro/site/trunk/2011/01/
    shiro/site/trunk/2011/01/06/
    shiro/site/trunk/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.html
    shiro/site/trunk/2011/01/13/
    shiro/site/trunk/2011/01/13/apache-shiro-support-for-mule.html
    shiro/site/trunk/2011/02/
    shiro/site/trunk/2011/02/10/
    shiro/site/trunk/2011/02/10/apache-shiro-integration-for-grails-113-released.html
    shiro/site/trunk/2011/02/28/
    shiro/site/trunk/2011/02/28/java-authorization-guide-with-apache-shiro-posted.html
    shiro/site/trunk/2011/03/
    shiro/site/trunk/2011/03/14/
    shiro/site/trunk/2011/03/14/infoq-article-on-apache-shiro.html
    shiro/site/trunk/2011/05/
    shiro/site/trunk/2011/05/24/
    shiro/site/trunk/2011/05/24/the-new-rbac-resource-based-access-control.html
    shiro/site/trunk/2011/06/
    shiro/site/trunk/2011/06/30/
    shiro/site/trunk/2011/06/30/apache-shiro-login-demo.html
    shiro/site/trunk/2012/
    shiro/site/trunk/2012/01/
    shiro/site/trunk/2012/01/24/
    shiro/site/trunk/2012/01/24/apache-shiro-120-released.html
    shiro/site/trunk/2012/03/
    shiro/site/trunk/2012/03/13/
    shiro/site/trunk/2012/03/13/whats-new-in-apache-shiro-12.html
    shiro/site/trunk/2012/07/
    shiro/site/trunk/2012/07/29/
    shiro/site/trunk/2012/07/29/apache-shiro-121-released.html
    shiro/site/trunk/about.html
    shiro/site/trunk/adoption.html
    shiro/site/trunk/architecture.html
    shiro/site/trunk/articles.html
    shiro/site/trunk/assets/
    shiro/site/trunk/assets/css/
    shiro/site/trunk/assets/css/confluence.css
    shiro/site/trunk/assets/css/normalize.css
    shiro/site/trunk/assets/css/style.css
    shiro/site/trunk/assets/images/
    shiro/site/trunk/assets/images/Mule.JPG   (with props)
    shiro/site/trunk/assets/images/SHIRO.psd   (with props)
    shiro/site/trunk/assets/images/SecurityManagerMultiRealm.png   (with props)
    shiro/site/trunk/assets/images/ShiroArchitecture.last.png   (with props)
    shiro/site/trunk/assets/images/ShiroArchitecture.png   (with props)
    shiro/site/trunk/assets/images/ShiroAuthenticationSequence.png   (with props)
    shiro/site/trunk/assets/images/ShiroAuthorizationSequence.png   (with props)
    shiro/site/trunk/assets/images/ShiroBasicArchitecture.last.png   (with props)
    shiro/site/trunk/assets/images/ShiroBasicArchitecture.png   (with props)
    shiro/site/trunk/assets/images/ShiroFeatures.png   (with props)
    shiro/site/trunk/assets/images/ShiroFeatures_Authentication.png   (with props)
    shiro/site/trunk/assets/images/ShiroFeatures_Authorization.png   (with props)
    shiro/site/trunk/assets/images/ShiroIcon.psd   (with props)
    shiro/site/trunk/assets/images/ShiroLogo2.xcf   (with props)
    shiro/site/trunk/assets/images/adoption/
    shiro/site/trunk/assets/images/adoption/apache-camel-6.png   (with props)
    shiro/site/trunk/assets/images/adoption/apache-camel_107x50.png   (with props)
    shiro/site/trunk/assets/images/adoption/click.png   (with props)
    shiro/site/trunk/assets/images/adoption/click_142x43.png   (with props)
    shiro/site/trunk/assets/images/adoption/grails_152x40.png   (with props)
    shiro/site/trunk/assets/images/adoption/grails_163x43.png   (with props)
    shiro/site/trunk/assets/images/adoption/katasoft_logo_145x42.png   (with props)
    shiro/site/trunk/assets/images/adoption/servicemixlogo_160x40.png   (with props)
    shiro/site/trunk/assets/images/adoption/sonatype.gif   (with props)
    shiro/site/trunk/assets/images/adoption/sonatype_153x43.gif   (with props)
    shiro/site/trunk/assets/images/adoption/spring_103x60.png   (with props)
    shiro/site/trunk/assets/images/adoption/spring_112x65.png   (with props)
    shiro/site/trunk/assets/images/adoption/spring_258x151.png   (with props)
    shiro/site/trunk/assets/images/adoption/stripes_122x32.png   (with props)
    shiro/site/trunk/assets/images/adoption/stripes_141x37.png   (with props)
    shiro/site/trunk/assets/images/adoption/stripes_160x42.png   (with props)
    shiro/site/trunk/assets/images/adoption/tapestry.gif   (with props)
    shiro/site/trunk/assets/images/adoption/tapestry_136x50.gif   (with props)
    shiro/site/trunk/assets/images/adoption/tynamo.png   (with props)
    shiro/site/trunk/assets/images/adoption/tynamo_120x50.png   (with props)
    shiro/site/trunk/assets/images/adoption/vaadin.png   (with props)
    shiro/site/trunk/assets/images/adoption/vaadin_167x40.png   (with props)
    shiro/site/trunk/assets/images/adoption/wicket.png   (with props)
    shiro/site/trunk/assets/images/adoption/wicket_136x50.png   (with props)
    shiro/site/trunk/assets/images/adoption/zk_48x48.png   (with props)
    shiro/site/trunk/assets/images/apache-shiro-logo.png   (with props)
    shiro/site/trunk/assets/images/articles/
    shiro/site/trunk/assets/images/articles/Ki-DevNexus-2009.key.zip   (with props)
    shiro/site/trunk/assets/images/articles/Ki-DevNexus-2009.pdf   (with props)
    shiro/site/trunk/assets/images/articles/Ki-DevNexus-2009.ppt.zip   (with props)
    shiro/site/trunk/assets/images/authentication.png   (with props)
    shiro/site/trunk/assets/images/authorization.png   (with props)
    shiro/site/trunk/assets/images/back.jpg   (with props)
    shiro/site/trunk/assets/images/crypt.png   (with props)
    shiro/site/trunk/assets/images/download.png   (with props)
    shiro/site/trunk/assets/images/download_old.png   (with props)
    shiro/site/trunk/assets/images/favicon.ico   (with props)
    shiro/site/trunk/assets/images/favicon128.png   (with props)
    shiro/site/trunk/assets/images/favicon128whitebg.png   (with props)
    shiro/site/trunk/assets/images/favicon16.png   (with props)
    shiro/site/trunk/assets/images/favicon16whitebg.png   (with props)
    shiro/site/trunk/assets/images/favicon32.png   (with props)
    shiro/site/trunk/assets/images/favicon32whitebg.png   (with props)
    shiro/site/trunk/assets/images/favicon64.png   (with props)
    shiro/site/trunk/assets/images/favicon64whitebg.png   (with props)
    shiro/site/trunk/assets/images/faviconwhitebg.ico   (with props)
    shiro/site/trunk/assets/images/footer-shield.png   (with props)
    shiro/site/trunk/assets/images/integration.png   (with props)
    shiro/site/trunk/assets/images/join-email.png   (with props)
    shiro/site/trunk/assets/images/logos.png   (with props)
    shiro/site/trunk/assets/images/nav-buttons.png   (with props)
    shiro/site/trunk/assets/images/press_zklogo1.png   (with props)
    shiro/site/trunk/assets/images/session.png   (with props)
    shiro/site/trunk/assets/images/shiro_bullet_24x24.png   (with props)
    shiro/site/trunk/assets/images/shiro_logo_484x170.png   (with props)
    shiro/site/trunk/assets/images/topbar.jpg   (with props)
    shiro/site/trunk/assets/images/web-integration.png   (with props)
    shiro/site/trunk/assets/js/
    shiro/site/trunk/assets/js/jquery_googleanalytics/
    shiro/site/trunk/assets/js/jquery_googleanalytics/jquery.google-analytics.js
    shiro/site/trunk/authentication-features.html
    shiro/site/trunk/authentication-guide.html
    shiro/site/trunk/authentication.html
    shiro/site/trunk/authenticator.html
    shiro/site/trunk/authorization-features.html
    shiro/site/trunk/authorization.html
    shiro/site/trunk/authorizer.html
    shiro/site/trunk/banner.html
    shiro/site/trunk/cachemanager.html
    shiro/site/trunk/caching.html
    shiro/site/trunk/cas.html
    shiro/site/trunk/codec.html
    shiro/site/trunk/command-line-hasher.html
    shiro/site/trunk/commercial-support.html
    shiro/site/trunk/community.html
    shiro/site/trunk/concurrency.md
    shiro/site/trunk/conferences.md
    shiro/site/trunk/config.scms.groovy
    shiro/site/trunk/configuration.html
    shiro/site/trunk/confluence-auto-export.html
    shiro/site/trunk/contribute.html
    shiro/site/trunk/core.html
    shiro/site/trunk/cryptography-features.html
    shiro/site/trunk/cryptography.html
    shiro/site/trunk/deprecated-pages.html
    shiro/site/trunk/developer-resources.html
    shiro/site/trunk/developers.html
    shiro/site/trunk/documentation-help-block.html
    shiro/site/trunk/documentation.html
    shiro/site/trunk/download.html
    shiro/site/trunk/events.html
    shiro/site/trunk/features-overview.html
    shiro/site/trunk/features.html
    shiro/site/trunk/forums.html
    shiro/site/trunk/getting-started-block.html
    shiro/site/trunk/graduation-resolution.html
    shiro/site/trunk/guice.html
    shiro/site/trunk/guides.html
    shiro/site/trunk/how-to-contribute.html
    shiro/site/trunk/inclusionslibrary.html
    shiro/site/trunk/index.html
    shiro/site/trunk/integration.html
    shiro/site/trunk/introduction.html
    shiro/site/trunk/issues.html
    shiro/site/trunk/java-annotations-list.html
    shiro/site/trunk/java-annotations.html
    shiro/site/trunk/java-authentication-guide.html
    shiro/site/trunk/java-authorization-guide.html
    shiro/site/trunk/java-cryptography-guide.html
    shiro/site/trunk/jsp-tag-library.html
    shiro/site/trunk/license.html
    shiro/site/trunk/mailing-lists.html
    shiro/site/trunk/navigation.html
    shiro/site/trunk/news.html
    shiro/site/trunk/overview.html
    shiro/site/trunk/performing-a-release.html
    shiro/site/trunk/permissions.html
    shiro/site/trunk/powered-by-shiro.html
    shiro/site/trunk/privacy-policy.html
    shiro/site/trunk/quickstart.html
    shiro/site/trunk/realm.html
    shiro/site/trunk/reference.html
    shiro/site/trunk/securitymanager.html
    shiro/site/trunk/session-management-features.html
    shiro/site/trunk/session-management.html
    shiro/site/trunk/sessionmanager.html
    shiro/site/trunk/sharing-block-small.html
    shiro/site/trunk/sharing-block.html
    shiro/site/trunk/shiroConfluenceAutoExportTemplate.vhtml.txt
    shiro/site/trunk/site.html
    shiro/site/trunk/siteheader.html
    shiro/site/trunk/spring.html
    shiro/site/trunk/subject.html
    shiro/site/trunk/support.md
    shiro/site/trunk/tags.html
    shiro/site/trunk/team.html
    shiro/site/trunk/templates/
    shiro/site/trunk/templates/default.vtl
    shiro/site/trunk/terminology.html
    shiro/site/trunk/testing.html
    shiro/site/trunk/tools.html
    shiro/site/trunk/tutorial.html
    shiro/site/trunk/version-2-brainstorming.html
    shiro/site/trunk/web-features.html
    shiro/site/trunk/web.html
    shiro/site/trunk/what-is-shiro.html
    shiro/site/trunk/wiki-todos.html
Removed:
    shiro/site/10-minute-tutorial.html
    shiro/site/2010/
    shiro/site/2011/
    shiro/site/2012/
    shiro/site/about.html
    shiro/site/adoption.html
    shiro/site/architecture.html
    shiro/site/articles.html
    shiro/site/assets/
    shiro/site/authentication-features.html
    shiro/site/authentication-guide.html
    shiro/site/authentication.html
    shiro/site/authenticator.html
    shiro/site/authorization-features.html
    shiro/site/authorization.html
    shiro/site/authorizer.html
    shiro/site/banner.html
    shiro/site/cachemanager.html
    shiro/site/caching.html
    shiro/site/cas.html
    shiro/site/codec.html
    shiro/site/command-line-hasher.html
    shiro/site/commercial-support.html
    shiro/site/community.html
    shiro/site/concurrency.md
    shiro/site/conferences.md
    shiro/site/config.scms.groovy
    shiro/site/configuration.html
    shiro/site/confluence-auto-export.html
    shiro/site/contribute.html
    shiro/site/core.html
    shiro/site/cryptography-features.html
    shiro/site/cryptography.html
    shiro/site/deprecated-pages.html
    shiro/site/developer-resources.html
    shiro/site/developers.html
    shiro/site/documentation-help-block.html
    shiro/site/documentation.html
    shiro/site/download.html
    shiro/site/events.html
    shiro/site/features-overview.html
    shiro/site/features.html
    shiro/site/forums.html
    shiro/site/getting-started-block.html
    shiro/site/graduation-resolution.html
    shiro/site/guice.html
    shiro/site/guides.html
    shiro/site/how-to-contribute.html
    shiro/site/inclusionslibrary.html
    shiro/site/index.html
    shiro/site/integration.html
    shiro/site/introduction.html
    shiro/site/issues.html
    shiro/site/java-annotations-list.html
    shiro/site/java-annotations.html
    shiro/site/java-authentication-guide.html
    shiro/site/java-authorization-guide.html
    shiro/site/java-cryptography-guide.html
    shiro/site/jsp-tag-library.html
    shiro/site/license.html
    shiro/site/mailing-lists.html
    shiro/site/navigation.html
    shiro/site/news.html
    shiro/site/overview.html
    shiro/site/performing-a-release.html
    shiro/site/permissions.html
    shiro/site/powered-by-shiro.html
    shiro/site/privacy-policy.html
    shiro/site/quickstart.html
    shiro/site/realm.html
    shiro/site/reference.html
    shiro/site/securitymanager.html
    shiro/site/session-management-features.html
    shiro/site/session-management.html
    shiro/site/sessionmanager.html
    shiro/site/sharing-block-small.html
    shiro/site/sharing-block.html
    shiro/site/shiroConfluenceAutoExportTemplate.vhtml.txt
    shiro/site/site.html
    shiro/site/siteheader.html
    shiro/site/spring.html
    shiro/site/subject.html
    shiro/site/support.md
    shiro/site/tags.html
    shiro/site/team.html
    shiro/site/templates/
    shiro/site/terminology.html
    shiro/site/testing.html
    shiro/site/tools.html
    shiro/site/tutorial.html
    shiro/site/version-2-brainstorming.html
    shiro/site/web-features.html
    shiro/site/web.html
    shiro/site/what-is-shiro.html
    shiro/site/wiki-todos.html

Added: shiro/site/trunk/10-minute-tutorial.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/10-minute-tutorial.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/10-minute-tutorial.html (added)
+++ shiro/site/trunk/10-minute-tutorial.html Sat May 11 21:10:40 2013
@@ -0,0 +1,337 @@
+<h1><a name="10MinuteTutorial-10MinuteTutorialonApacheShiro"></a>10 Minute Tutorial on Apache Shiro</h1>
+
+<div class="addthis_toolbox addthis_default_style">
+    <a class="addthis_button_compact" href="http://www.addthis.com/bookmark.php?v=250&amp;pubid=ra-4d66ef016022c3bd">Share</a>
+    <span class="addthis_separator">|</span>
+    <a class="addthis_button_preferred_1"></a>
+    <a class="addthis_button_preferred_2"></a>
+    <a class="addthis_button_preferred_3"></a>
+    <a class="addthis_button_preferred_4"></a>
+</div>
+<script type="text/javascript">var addthis_config = {"data_track_clickback": true};</script>
+<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#pubid=ra-4d66ef016022c3bd"></script>
+
+
+<h2><a name="10MinuteTutorial-Introduction"></a>Introduction</h2>
+
+<p>Welcome to Apache Shiro's 10 Minute Tutoral! </p>
+
+<p>By going through this quick and simple tutorial you should fully understand how a developer uses Shiro in their
+    application. And you should be able to do it in under 10 minutes.</p>
+
+<h2><a name="10MinuteTutorial-Overview"></a>Overview</h2>
+
+<p>What is Apache Shiro?</p>
+
+<p>Apache Shiro is a powerful and easy to use Java security framework that offers developers an intuitive yet
+    comprehensive solution to authentication, authorization, cryptography, and session management.</p>
+
+<p>In practical terms, it achieves to manage all facets of your application's security, while keeping out of the way as
+    much as possible. It is built on sound interface-driven design and OO principles, enabling custom behavior wherever
+    you can imagine it. But with sensible defaults for everything, it is as "hands off" as application security can be.
+    At least that's what we strive for.</p>
+
+<p>What can Apache Shiro do?</p>
+
+<p>A lot <img align="middle" class="emoticon" src="https://cwiki.apache.org/confluence/images/icons/emoticons/smile.gif"
+              height="20" width="20" alt="" border="0">. But we don't want to bloat the QuickStart. Please check out our
+    <a href="features.html" title="Features">Features</a> page if you'd like to see what it can do for you. Also, if
+    you're curious on how we got started and why we exist, please see the <a href="what-is-shiro.html"
+                                                                             title="What is Shiro">Shiro History and
+        Mission</a> page.</p>
+
+<p>Ok. Now let's actually do something!</p>
+
+<div class="panelMacro">
+    <table class="infoMacro">
+        <colgroup span="1">
+            <col span="1" width="24">
+            <col span="1">
+        </colgroup>
+        <tr>
+            <td colspan="1" rowspan="1" valign="top"><img align="middle"
+                                                          src="https://cwiki.apache.org/confluence/images/icons/emoticons/information.gif"
+                                                          width="16" height="16" alt="" border="0"></td>
+            <td colspan="1" rowspan="1">Shiro can be run in any environment, from the simplest command line application
+                to the biggest enterprise web and clustered applications, but we'll use the simplest possible example in
+                a simple <tt>main</tt> method for this QuickStart so you can get a feel for the API.
+            </td>
+        </tr>
+    </table>
+</div>
+
+<h2><a name="10MinuteTutorial-Download"></a>Download</h2>
+
+<ol>
+    <li>Ensure you have JDK 1.5+ and Maven 2.2+ installed.</li>
+    <li>Download the lastest "Source Code Distribution" from the <a href="download.html" title="Download">Download</a>
+        page. In this example, we're using the 1.1.0 release distribution.
+    </li>
+    <li>Unzip the source package:
+        <div class="code panel" style="border-width: 1px;">
+            <div class="codeContent panelContent">
+<pre class="code-java">
+&gt; unzip shiro-root-1.2.0-source-release.zip
+</pre>
+            </div>
+        </div>
+    </li>
+    <li>Enter the quickstart directory:
+        <div class="code panel" style="border-width: 1px;">
+            <div class="codeContent panelContent">
+<pre class="code-java">
+&gt; cd shiro-root-1.2.0/samples/quickstart
+</pre>
+            </div>
+        </div>
+    </li>
+    <li>Run the QuickStart:
+        <div class="code panel" style="border-width: 1px;">
+            <div class="codeContent panelContent">
+<pre class="code-java">
+&gt; mvn compile exec:java
+</pre>
+            </div>
+        </div>
+        <p>This target will just print out some log messages to let you know what is going on and then exit. While
+            reading this quickstart, feel free to look at the code found under <tt>samples/quickstart/src/main/java/Quickstart.java</tt>.
+            Change that file and run the above <tt>mvn compile exec:java</tt> command as often as you like.</p></li>
+</ol>
+
+
+<h2><a name="10MinuteTutorial-Quickstart.java"></a>Quickstart.java</h2>
+
+<p>The <tt>Quickstart.java</tt> file referenced above contains all the code that will get you familiar with the API. Now
+    lets break it down in chunks here so you can easily understand what is going on.</p>
+
+<p>In almost all environments, you can obtain the currently executing user via the following call:</p>
+
+<p></p>
+
+<div class="code panel" style="border-width: 1px;">
+    <div class="codeContent panelContent">
+<pre class="code-java">
+Subject currentUser = SecurityUtils.getSubject();
+</pre>
+    </div>
+</div>
+
+<p>Using <tt><a class="external-link"
+                href="static/current/apidocs/org/apache/shiro/SecurityUtils.html">SecurityUtils</a>.<a
+        class="external-link" href="static/current/apidocs/org/apache/shiro/SecurityUtils.html#getSubject()">getSubject()</a></tt>,
+    we can obtain the currently executing <tt><a class="external-link"
+                                                 href="static/current/apidocs/org/apache/shiro/subject/Subject.html">Subject</a></tt>.
+    A <em>Subject</em> is just a security-specific "view" of an application User. We actually wanted to call it 'User'
+    since that "just makes sense", but we decided against it: too many applications have existing APIs that already have
+    their own User classes/frameworks, and we didn't want to conflict with those. Also, in the security world, the term
+    <tt>Subject</tt> is actually the recognized nomenclature. Ok, moving on...</p>
+
+<p>The <tt>getSubject()</tt> call in a standalone application might return a <tt>Subject</tt> based on user data in an
+    application-specific location, and in a server environment (e.g. web app), it acquires the <tt>Subject</tt> based on
+    user data associated with current thread or incoming request.</p>
+
+<p>Now that you have a <tt>Subject</tt>, what can you do with it?</p>
+
+<p>If you want to make things available to the user during their current session with the application, you can get their
+    session:</p>
+
+<p></p>
+
+<div class="code panel" style="border-width: 1px;">
+    <div class="codeContent panelContent">
+<pre class="code-java">
+Session session = currentUser.getSession();
+session.setAttribute( <span class="code-quote">"someKey"</span>, <span class="code-quote">"aValue"</span> );
+</pre>
+    </div>
+</div>
+
+<p>The <tt>Session</tt> is a Shiro-specific instance that provides most of what you're used to with regular HttpSessions
+    but with some extra goodies and one <b>big</b> difference: it does not require an HTTP environment!</p>
+
+<p>If deploying inside a web application, by default the <tt>Session</tt> will be <tt>HttpSession</tt> based. But, in a
+    non-web environment, like this simple Quickstart, Shiro will automatically use its Enterprise Session Management by
+    default. This means you get to use the same API in your applications, in any tier, regardless of deployment
+    environment. This opens a whole new world of applications since any application requiring sessions does not need to
+    be forced to use the <tt>HttpSession</tt> or EJB Stateful Session Beans. And, any client technology can now share
+    session data.</p>
+
+<p>So now you can acquire a <tt>Subject</tt> and their <tt>Session</tt>. What about the <em>really</em> useful stuff
+    like checking if they are allowed to do things, like checking against roles and permissions?</p>
+
+<p>Well, we can only do those checks for a known user. Our <tt>Subject</tt> instance above represents the current user,
+    but <em>who</em> is the current user? Well, they're anonymous - that is, until they log in at least once. So, let's
+    do that:</p>
+
+<div class="code panel" style="border-width: 1px;">
+    <div class="codeContent panelContent">
+<pre class="code-java">
+<span class="code-keyword">if</span> ( !currentUser.isAuthenticated() ) {
+    <span class="code-comment">//collect user principals and credentials in a gui specific manner 
+</span>    <span class="code-comment">//such as username/password html form, X509 certificate, OpenID, etc.
+</span>    <span class="code-comment">//We'll use the username/password example here since it is the most common.
+</span>    <span class="code-comment">//(<span class="code-keyword">do</span> you know what movie <span
+        class="code-keyword">this</span> is from? ;)
+</span>    UsernamePasswordToken token = <span class="code-keyword">new</span> UsernamePasswordToken(<span
+        class="code-quote">"lonestarr"</span>, <span class="code-quote">"vespa"</span>);
+    <span class="code-comment">//<span class="code-keyword">this</span> is all you have to <span
+            class="code-keyword">do</span> to support 'remember me' (no config - built in!):
+</span>    token.setRememberMe(<span class="code-keyword">true</span>);
+    currentUser.login(token);
+}
+</pre>
+    </div>
+</div>
+
+<p>That's it! It couldn't be easier.</p>
+
+<p>But what if their login attempt fails? You can catch all sorts of specific exceptions that tell you exactly what
+    happened and allows you to handle and react accordingly:</p>
+
+<div class="code panel" style="border-width: 1px;">
+    <div class="codeContent panelContent">
+<pre class="code-java">
+<span class="code-keyword">try</span> {
+    currentUser.login( token );
+    <span class="code-comment">//<span class="code-keyword">if</span> no exception, that's it, we're done!
+</span>} <span class="code-keyword">catch</span> ( UnknownAccountException uae ) {
+    <span class="code-comment">//username wasn't in the system, show them an error message?
+</span>} <span class="code-keyword">catch</span> ( IncorrectCredentialsException ice ) {
+    <span class="code-comment">//password didn't match, <span class="code-keyword">try</span> again?
+</span>} <span class="code-keyword">catch</span> ( LockedAccountException lae ) {
+    <span class="code-comment">//account <span class="code-keyword">for</span> that username is locked - can't login.  Show them a message?
+</span>} 
+    ... more types exceptions to check <span class="code-keyword">if</span> you want ...
+} <span class="code-keyword">catch</span> ( AuthenticationException ae ) {
+    <span class="code-comment">//unexpected condition - error?
+</span>}
+</pre>
+    </div>
+</div>
+
+<p>There are many different types of exceptions you can check, or throw your own for custom conditions Shiro might not
+    account for. See the <a class="external-link"
+                            href="static/current/apidocs/org/apache/shiro/authc/AuthenticationException.html">AuthenticationException
+        JavaDoc</a> for more. </p>
+
+<div class="panelMacro">
+    <table class="tipMacro">
+        <colgroup span="1">
+            <col span="1" width="24">
+            <col span="1">
+        </colgroup>
+        <tr>
+            <td colspan="1" rowspan="1" valign="top"><img align="middle"
+                                                          src="https://cwiki.apache.org/confluence/images/icons/emoticons/check.gif"
+                                                          width="16" height="16" alt="" border="0"></td>
+            <td colspan="1" rowspan="1"><b>Handy Hint</b><br clear="none">Security best practice is to give generic
+                login failure messages to users because you do not want to aid an attacker trying to break into your
+                system.
+            </td>
+        </tr>
+    </table>
+</div>
+
+<p>Ok, so by now, we have a logged in user. What else can we do?</p>
+
+<p>Let's say who they are:</p>
+
+<p></p>
+
+<div class="code panel" style="border-width: 1px;">
+    <div class="codeContent panelContent">
+<pre class="code-java">
+<span class="code-comment">//print their identifying principal (in <span class="code-keyword">this</span> <span
+        class="code-keyword">case</span>, a username):
+</span>log.info( <span class="code-quote">"User ["</span> + currentUser.getPrincipal() + <span class="code-quote">"] logged in successfully."</span> );
+</pre>
+    </div>
+</div>
+
+<p>We can also test to see if they have specific role or not:</p>
+
+<p></p>
+
+<div class="code panel" style="border-width: 1px;">
+    <div class="codeContent panelContent">
+<pre class="code-java">
+<span class="code-keyword">if</span> ( currentUser.hasRole( <span class="code-quote">"schwartz"</span> ) ) {
+    log.info(<span class="code-quote">"May the Schwartz be with you!"</span> );
+} <span class="code-keyword">else</span> {
+    log.info( <span class="code-quote">"Hello, mere mortal."</span> );
+}
+</pre>
+    </div>
+</div>
+
+<p>We can also see if they have a permission to act on a certain type of entity:</p>
+
+<p></p>
+
+<div class="code panel" style="border-width: 1px;">
+    <div class="codeContent panelContent">
+<pre class="code-java">
+<span class="code-keyword">if</span> ( currentUser.isPermitted( <span class="code-quote">"lightsaber:weild"</span> ) ) {
+    log.info(<span class="code-quote">"You may use a lightsaber ring.  Use it wisely."</span>);
+} <span class="code-keyword">else</span> {
+    log.info(<span class="code-quote">"Sorry, lightsaber rings are <span class="code-keyword">for</span> schwartz masters only."</span>);
+}
+</pre>
+    </div>
+</div>
+
+<p>Also, we can perform an extremely powerful <em>instance-level</em> permission check - the ability to see if the user
+    has the ability to access a specific instance of a type:</p>
+
+<p></p>
+
+<div class="code panel" style="border-width: 1px;">
+    <div class="codeContent panelContent">
+<pre class="code-java">
+<span class="code-keyword">if</span> ( currentUser.isPermitted( <span class="code-quote">"winnebago:drive:eagle5"</span> ) ) {
+    log.info(<span
+        class="code-quote">"You are permitted to 'drive' the 'winnebago' with license plate (id) 'eagle5'.  "</span> +
+                <span class="code-quote">"Here are the keys - have fun!"</span>);
+} <span class="code-keyword">else</span> {
+    log.info(<span class="code-quote">"Sorry, you aren't allowed to drive the 'eagle5' winnebago!"</span>);
+}
+</pre>
+    </div>
+</div>
+
+<p>Piece of cake, right?</p>
+
+<p>Finally, when the user is done using the application, they can log out:</p>
+
+<p></p>
+
+<div class="code panel" style="border-width: 1px;">
+    <div class="codeContent panelContent">
+<pre class="code-java">
+currentUser.logout(); <span class="code-comment">//removes all identifying information and invalidates their session too.</span>
+</pre>
+    </div>
+</div>
+
+<p>Well, that's the core to using Apache Shiro at the application-developer level. And although there is some pretty
+    sophisticated stuff going on under the hood to make this work so elegantly, that's really all there is to it.</p>
+
+<p>But you might ask yourself, "But who is responsible for getting the user data during a login (usernames and
+    passwords, role and permissions, etc), and who actually performs those security checks during runtime?" Well, you
+    do, by implementing what Shiro calls a <a href="realm.html" title="Realm">Realm</a> and plugging that <tt>Realm</tt>
+    into Shiro's configuration. </p>
+
+<p>However, how you configure a <a href="realm.html" title="Realm">Realm</a> is largely dependent upon your runtime
+    environment. For example, if you run a standalone application, or if you have a web based application, or a Spring
+    or JEE container-based application, or combination thereof. That type of configuration is outside the scope of this
+    QuickStart, since its aim is to get you comfortable with the API and Shiro's concepts.</p>
+
+<p>When you're ready to jump in with a little more detail, you'll definitely want to read the <a
+        href="java-authentication-guide.html" title="Java Authentication Guide">Authentication Guide</a> and <a
+        href="java-authorization-guide.html" title="Java Authorization Guide">Authorization Guide</a>. Then can move
+    onto other <a href="documentation.html" title="Documentation">Documentation</a>, in particularly the <a
+            href="reference.html" title="Reference">Reference Manual</a>, to answer any other questions. You'll also
+    probably want to join the user <a href="mailing-lists.html" title="Mailing Lists">mailing list</a> - you'll find
+    that we have a great community with people willing to help whenever possible.</p>
+
+<p>Thanks for following along. We hope you enjoy using Apache Shiro!</p>
\ No newline at end of file

Added: shiro/site/trunk/2010/03/18/great-source-comments.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2010/03/18/great-source-comments.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2010/03/18/great-source-comments.html (added)
+++ shiro/site/trunk/2010/03/18/great-source-comments.html Sat May 11 21:10:40 2013
@@ -0,0 +1 @@
+<p>Apache Shiro is among the <a class="external-link" href="http://www.ohloh.net/p/shiro/factoids/2699226" rel="nofollow">best-commented</a> (top 10%) of all projects tracked by Ohloh!</p>
\ No newline at end of file

Added: shiro/site/trunk/2010/06/01/apache-shiro-100-incubating-released.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2010/06/01/apache-shiro-100-incubating-released.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2010/06/01/apache-shiro-100-incubating-released.html (added)
+++ shiro/site/trunk/2010/06/01/apache-shiro-100-incubating-released.html Sat May 11 21:10:40 2013
@@ -0,0 +1,24 @@
+<h1><a name="ApacheShiro1.0.0-incubatingReleased%21-ApacheShiro1.0.0incubatingReleased%21"></a>Apache Shiro 1.0.0-incubating Released!</h1>
+
+<div class="addthis_toolbox addthis_default_style">
+<a class="addthis_button_compact" href="http://www.addthis.com/bookmark.php?v=250&amp;pubid=ra-4d66ef016022c3bd">Share</a>
+<span class="addthis_separator">|</span>
+<a class="addthis_button_preferred_1"></a>
+<a class="addthis_button_preferred_2"></a>
+<a class="addthis_button_preferred_3"></a>
+<a class="addthis_button_preferred_4"></a>
+</div>
+<script type="text/javascript">var addthis_config = {"data_track_clickback":true};</script>
+<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#pubid=ra-4d66ef016022c3bd"></script>
+
+<p>Dear Apache Shiro Community,</p>
+
+<p>We are proud and excited to offer Apache Shiro's first stable release as an Apache Incubator podling!</p>
+
+<p>Version 1.0.0-incubating is available immediately for download <a href="../../../download.html" title="Download">here</a> accompanied by <a href="../../../documentation.html" title="Documentation">associated documentation</a> and <a class="external-link" href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950&amp;styleName=Html&amp;version=12314078">Release Notes</a>.</p>
+
+<p>Thank you so much to the Apache community and the Apache Incubator for helping us move toward our first release.  A very special thanks goes to our user community and early adopters for helping us refine our first stable release.</p>
+
+<p>Best Regards,</p>
+
+<p>Les Hazlewood</p>
\ No newline at end of file

Added: shiro/site/trunk/2010/06/01/sdforum-java-sig-apache-shiro-presentation.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2010/06/01/sdforum-java-sig-apache-shiro-presentation.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2010/06/01/sdforum-java-sig-apache-shiro-presentation.html (added)
+++ shiro/site/trunk/2010/06/01/sdforum-java-sig-apache-shiro-presentation.html Sat May 11 21:10:40 2013
@@ -0,0 +1 @@
+<p>Tonight, 1 June 2010, Les Hazlewood <a class="external-link" href="http://www.sdforum.org/index.cfm?fuseaction=Calendar.eventDetail&amp;eventID=13671&amp;pageId=471" rel="nofollow">will present</a> Apache Shiro to the SDForum Java SIG in Palo Alto, California.  Please come if you can!</p>
\ No newline at end of file

Added: shiro/site/trunk/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.html (added)
+++ shiro/site/trunk/2010/09/14/ibm-developerworks-introduction-to-apache-shiro.html Sat May 11 21:10:40 2013
@@ -0,0 +1 @@
+<p>Nathan Good wrote <a class="external-link" href="http://www.ibm.com/developerworks/web/library/wa-apacheshiro/" rel="nofollow">an article</a> introducing some of Apache Shiro's capabilities.  Thanks Nathan!</p>
\ No newline at end of file

Added: shiro/site/trunk/2010/09/20/san-francisco-jug-presentation.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2010/09/20/san-francisco-jug-presentation.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2010/09/20/san-francisco-jug-presentation.html (added)
+++ shiro/site/trunk/2010/09/20/san-francisco-jug-presentation.html Sat May 11 21:10:40 2013
@@ -0,0 +1 @@
+<p>On 12 October 2010 at 6:30 pm PDT, Les Hazlewood will present <a class="external-link" href="http://www.sfjava.org/calendar/13539905/" rel="nofollow">Super Simple Application Security with Apache Shiro</a> to the San Francisco Java User Group.  Please RSVP if you wish to attend - seats are limited!</p>
\ No newline at end of file

Added: shiro/site/trunk/2010/09/24/apache-shiro-becomes-an-apache-top-level-project.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2010/09/24/apache-shiro-becomes-an-apache-top-level-project.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2010/09/24/apache-shiro-becomes-an-apache-top-level-project.html (added)
+++ shiro/site/trunk/2010/09/24/apache-shiro-becomes-an-apache-top-level-project.html Sat May 11 21:10:40 2013
@@ -0,0 +1,11 @@
+<p>On Wednesday, September 22nd 2010, the Apache Software Foundation Board voted unanimously to accept Apache Shiro's graduation out of the Incubator and to become a Apache Top Level Project.</p>
+
+<p>Many thanks to the entire community for the continued growth and support, and especially to our Mentors, for helping us navigate the project through the incubation process.  Everything is much appreciated and it has been well worth it.</p>
+
+<p>Next steps:  It will take us a bit of time to migrate our infrastructure to non-Incubator resources (shiro.apache.org subdomain, Subversion move, etc), so please stay tuned.  Hopefully that can be done in the next two weeks.  Shortly thereafter, we hope to release Shiro 1.1.</p>
+
+<p>Thanks again to all, and please keep contributing to the project and the mailing lists to continually better the project for everyone!</p>
+
+<p>Best regards,</p>
+
+<p>Les</p>
\ No newline at end of file

Added: shiro/site/trunk/2010/11/03/apache-shiro-110-released.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2010/11/03/apache-shiro-110-released.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2010/11/03/apache-shiro-110-released.html (added)
+++ shiro/site/trunk/2010/11/03/apache-shiro-110-released.html Sat May 11 21:10:40 2013
@@ -0,0 +1,11 @@
+<p>Dear Apache Shiro Community,</p>
+
+<p>We are proud and excited to offer Apache Shiro's first release as an Apache Top Level Project, Apache Shiro version 1.1.0.</p>
+
+<p>This release includes a number of bug fixes, new features and one important security vulnerability fix - it is recommended that users upgrade to 1.1.0 as soon as possible.</p>
+
+<p>Version 1.1.0 is available immediately for download <a href="../../../download.html" title="Download">here</a> accompanied by <a href="../../../documentation.html" title="Documentation">associated documentation</a> and <a class="external-link" href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12314742&amp;styleName=Html&amp;projectId=12310950">Release Notes</a>.</p>
+
+<p>All binaries are available in Maven Central already.  Please note that most of the Apache mirrors have been updated to reflect the source distribution, but some mirrors may not be updated yet.  If a mirror download link does not work, please try another or wait another 12 to 24 hours.</p>
+
+<p>Enjoy!</p>
\ No newline at end of file

Added: shiro/site/trunk/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.html (added)
+++ shiro/site/trunk/2011/01/06/apache-shiro-video-and-slide-from-sf-jug-presentation.html Sat May 11 21:10:40 2013
@@ -0,0 +1,13 @@
+<p>Check out the video from the San Francisco Java User Group presentation on Apache Shiro.</p>
+
+<h2><a name="ApacheShiroVideoandSlidefromSFJUGPresentation-Video"></a>Video</h2>
+
+<object width="640" height="385"><param valuetype="data" name="movie" value="http://www.youtube.com/v/5ZepGFzYHpE?fs=1&amp;hl=en_US"><param valuetype="data" name="allowFullScreen" value="true"><param valuetype="data" name="allowscriptaccess" value="always"><embed src="http://www.youtube.com/v/5ZepGFzYHpE?fs=1&amp;hl=en_US" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="640" height="385"></embed></object>
+
+
+<h2><a name="ApacheShiroVideoandSlidefromSFJUGPresentation-Slides"></a>Slides</h2>
+
+<object id="__sse5521015" width="425" height="355"><param valuetype="data" name="movie" value="http://static.slidesharecdn.com/swf/ssplayer2.swf?doc=apacheshiropresentation-20101013-101021174352-phpapp01&amp;stripped_title=simple-application&amp;userName=marakana"><param valuetype="data" name="allowFullScreen" value="true"><param valuetype="data" name="allowScriptAccess" value="always"><embed name="__sse5521015" src="http://static.slidesharecdn.com/swf/ssplayer2.swf?doc=apacheshiropresentation-20101013-101021174352-phpapp01&amp;stripped_title=simple-application&amp;userName=marakana" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="425" height="355"></embed></object>
+
+
+<p>Courtesy of Aleksandar and Max at the <a class="external-link" href="http://www.sfjava.org/" rel="nofollow">SF JUG</a></p>
\ No newline at end of file

Added: shiro/site/trunk/2011/01/13/apache-shiro-support-for-mule.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2011/01/13/apache-shiro-support-for-mule.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2011/01/13/apache-shiro-support-for-mule.html (added)
+++ shiro/site/trunk/2011/01/13/apache-shiro-support-for-mule.html Sat May 11 21:10:40 2013
@@ -0,0 +1,3 @@
+<p>Mule now has integration with Apache Shiro.  Thanks to Dan Diephouse at <a class="external-link" href="http://www.mulesoft.org" rel="nofollow">MuleSoft</a> for the great blog post.  </p>
+
+<p><a class="external-link" href="http://blogs.mulesoft.org/apache-shiro-support-for-mule/" rel="nofollow">http://blogs.mulesoft.org/apache-shiro-support-for-mule/</a></p>
\ No newline at end of file

Added: shiro/site/trunk/2011/02/10/apache-shiro-integration-for-grails-113-released.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2011/02/10/apache-shiro-integration-for-grails-113-released.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2011/02/10/apache-shiro-integration-for-grails-113-released.html (added)
+++ shiro/site/trunk/2011/02/10/apache-shiro-integration-for-grails-113-released.html Sat May 11 21:10:40 2013
@@ -0,0 +1,3 @@
+<p>Secure your Grails application quickly and easily using the Apache Shiro security framework. Although easy to get started with, this framework gives you a great deal of flexibility and will support your application as it grows.</p>
+
+<p><a class="external-link" href="http://grails.org/plugin/shiro" rel="nofollow">http://grails.org/plugin/shiro</a></p>
\ No newline at end of file

Added: shiro/site/trunk/2011/02/28/java-authorization-guide-with-apache-shiro-posted.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2011/02/28/java-authorization-guide-with-apache-shiro-posted.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2011/02/28/java-authorization-guide-with-apache-shiro-posted.html (added)
+++ shiro/site/trunk/2011/02/28/java-authorization-guide-with-apache-shiro-posted.html Sat May 11 21:10:40 2013
@@ -0,0 +1 @@
+<p>In our effort to improve the documentation you need to get started with Shiro, we've written a quick <a href="../../../java-authorization-guide.html" title="Java Authorization Guide">Java Authorization Guide</a> for your review.  Check out and tell us what you think.  And if you haven't already, check out our previous post, the <a href="../../../java-authentication-guide.html" title="Java Authentication Guide">Java Authentication Guide</a>.</p>
\ No newline at end of file

Added: shiro/site/trunk/2011/03/14/infoq-article-on-apache-shiro.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2011/03/14/infoq-article-on-apache-shiro.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2011/03/14/infoq-article-on-apache-shiro.html (added)
+++ shiro/site/trunk/2011/03/14/infoq-article-on-apache-shiro.html Sat May 11 21:10:40 2013
@@ -0,0 +1 @@
+<p><a class="external-link" href="http://www.infoq.com/articles/apache-shiro" rel="nofollow">http://www.infoq.com/articles/apache-shiro</a></p>
\ No newline at end of file

Added: shiro/site/trunk/2011/05/24/the-new-rbac-resource-based-access-control.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2011/05/24/the-new-rbac-resource-based-access-control.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2011/05/24/the-new-rbac-resource-based-access-control.html (added)
+++ shiro/site/trunk/2011/05/24/the-new-rbac-resource-based-access-control.html Sat May 11 21:10:40 2013
@@ -0,0 +1,5 @@
+<p>Hi Shiro community,</p>
+
+<p>The following article helps explain the differences in role-based vs resource-based access control and why Shiro's permission construct (which is based on resources) can be much better for an application:</p>
+
+<p><a class="external-link" href="http://www.katasoft.com/blog/2011/05/09/new-rbac-resource-based-access-control" rel="nofollow">The New RBAC: Resource-Based Access Control</a></p>
\ No newline at end of file

Added: shiro/site/trunk/2011/06/30/apache-shiro-login-demo.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2011/06/30/apache-shiro-login-demo.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2011/06/30/apache-shiro-login-demo.html (added)
+++ shiro/site/trunk/2011/06/30/apache-shiro-login-demo.html Sat May 11 21:10:40 2013
@@ -0,0 +1,4 @@
+<p><a class="external-link" href="http://raibledesigns.com/" rel="nofollow">Matt Raible</a> has posted a really nice blog article and video demonstrating a login use case with Apache Shiro.  Check out the <a class="external-link" href="http://raibledesigns.com/rd/entry/java_web_application_security_part2" rel="nofollow">Java Web Application Security - Part III: Apache Shiro Login Demo</a> blog post and the video:</p>
+
+
+<object width="480" height="390"><param valuetype="data" name="movie" value="http://www.youtube.com/v/4LD4mF5ex2U?version=3&amp;hl=en_US&amp;rel=0"><param valuetype="data" name="allowFullScreen" value="true"><param valuetype="data" name="allowscriptaccess" value="always"><embed src="http://www.youtube.com/v/4LD4mF5ex2U?version=3&amp;hl=en_US&amp;rel=0" type="application/x-shockwave-flash" width="480" height="390" allowscriptaccess="always" allowfullscreen="true"></embed></object>
\ No newline at end of file

Added: shiro/site/trunk/2012/01/24/apache-shiro-120-released.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2012/01/24/apache-shiro-120-released.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2012/01/24/apache-shiro-120-released.html (added)
+++ shiro/site/trunk/2012/01/24/apache-shiro-120-released.html Sat May 11 21:10:40 2013
@@ -0,0 +1,41 @@
+<p><font color="#222222">Dear Apache Shiro Community,</font></p>
+
+<p><font color="#222222">The Shiro team is pleased to announce the release of Apache Shiro version 1.2.0!</font></p>
+
+<p><font color="#222222">This release includes a number of bug fixes and new features since the&#160;</font><font color="#222222">1.1.0 release. &#160;The 1.2.0 release is available from</font> <font color="#222222"><a href="../../../download.html" title="Download">the Download page</a></font><font color="#222222">.</font></p>
+
+<p><font color="#222222">All binaries (.jars) are available in Maven Central already. &#160;Please&#160;</font><font color="#222222">note that the Apache mirrors are still updating to reflect the source&#160;</font><font color="#222222">distribution, but some mirrors may not be updated yet. &#160;If a mirror&#160;</font><font color="#222222">download link does not work, please try another or wait another 12 to&#160;</font><font color="#222222">24 hours.</font></p>
+
+<h3><a name="ApacheShiro1.2.0Released%21-NewFeatures"></a>New Features</h3>
+
+<ul><li>The ability to disable sessions per filter chain or entirely for an&#160;application.</li><li>Servlet Context Listener initialization in web apps (to allow&#160;components to utilize Shiro before Filter initialization)</li><li>A command line program to securely hash passwords (or any url, file&#160;or stream input for that matter).</li><li>New secure password hash formats that adhere to Modular Crypt Format&#160;conventions. &#160;These secure password hashes can be computed with the&#160;above named command line program and saved in text config (e.g.&#160;shiro.ini) directly. &#160;Plaintext passwords should never be stored. &#160;For&#160;those familiar with the Apache HTTPD passwd program, this achieves the&#160;same benefits.</li><li>A new LogoutFilter, as many apps don't need to show a view during&#160;logout (just logout and redirect to some known location).</li><li>Shiro filters can be enabled or disabled without removing them from&#160;the filter chain - usef
 ul in development (e.g. turn ssl requirement&#160;off in dev, but keep it on in production).</li><li><font color="#222222">A lot of work has gone into making secure password hash storage and&#160;</font><font color="#222222">comparison a much simpler task in Shiro, focused around the new&#160;</font><font color="#222222">concept of a PasswordService. &#160;You can use a PasswordService directly&#160;</font><font color="#222222">in your application code to hash passwords securely. &#160;You can then&#160;</font><font color="#222222">configure a PasswordMatcher on your Realm(s) to use the same&#160;</font><font color="#222222">PasswordService for password comparisons. &#160;See the PasswordService&#160;</font><font color="#222222">JavaDoc for example .ini configuration:</font>
+	<ul><li><font color="#222222">PasswordService:&#160;</font><a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/credential/PasswordService.html">static/current/apidocs/org/apache/shiro/authc/credential/PasswordService.html</a></li><li><font color="#222222">PasswordMatcher:&#160;</font><a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/credential/PasswordMatcher.html">static/current/apidocs/org/apache/shiro/authc/credential/PasswordMatcher.html</a></li></ul>
+	</li></ul>
+
+
+<p><font color="#222222">More complete PasswordService and related config documentation will be&#160;</font><font color="#222222">added to the Shiro website in the next few days - it was better to&#160;</font><font color="#222222">release now for the many who are waiting on the release, and follow up&#160;</font><font color="#222222">with this part of the documentation shortly.</font></p>
+<ul><li><font color="#222222">Three new 'support' modules:</font>
+	<ul><li><font color="#222222">Apache Karaf features (shiro-features-1.2.0.jar)</font></li><li><font color="#222222">Google Guice:&#160;</font><a class="external-link" href="guice.html">guice.html</a></li><li><font color="#222222">Jasig CAS:&#160;</font><a class="external-link" href="cas.html">cas.html</a></li></ul>
+	</li></ul>
+
+
+<p><font color="#222222">And even more new features! &#160;See the 'Resolved Issues' below for a&#160;</font><font color="#222222">complete list.</font></p>
+
+<h3><a name="ApacheShiro1.2.0Released%21-Backwardsincompatibleorpotentialbreakingchanges"></a>Backwards-incompatible or potential breaking changes</h3>
+
+<p><font color="#222222">There are only a few small cases where breakage could occur - please&#160;</font><font color="#222222">view the release notes to ensure you mitigate any potential breaking&#160;</font><font color="#222222">change - particularly if you are using the SecureRandomNumberGenerator</font><br clear="none">
+<font color="#222222">or Shiro's Block Cipher Services (AES, Blowfish):</font></p>
+
+<p><a class="external-link" href="https://svn.apache.org/repos/asf/shiro/tags/shiro-root-1.2.0/RELEASE-NOTES">https://svn.apache.org/repos/asf/shiro/tags/shiro-root-1.2.0/RELEASE-NOTES</a></p>
+
+<h3><a name="ApacheShiro1.2.0Released%21-ResolvedIssues"></a>Resolved Issues</h3>
+
+<p><font color="#222222">Jira resolved issue report:</font></p>
+
+<p><a class="external-link" href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950&amp;version=12315478">https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950&amp;version=12315478</a></p>
+
+<p><font color="#222222">Enjoy!</font></p>
+
+
+
+<p><font color="#222222">The Apache Shiro</font> Team</p>
\ No newline at end of file

Added: shiro/site/trunk/2012/03/13/whats-new-in-apache-shiro-12.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2012/03/13/whats-new-in-apache-shiro-12.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2012/03/13/whats-new-in-apache-shiro-12.html (added)
+++ shiro/site/trunk/2012/03/13/whats-new-in-apache-shiro-12.html Sat May 11 21:10:40 2013
@@ -0,0 +1,3 @@
+<p>Here's an article covering some of the main features and enhancements in Apache Shiro 1.2:</p>
+
+<p><a class="external-link" href="http://www.stormpath.com/blog/2012/03/12/whats-new-in-apache-shiro-12.html" rel="nofollow">http://www.stormpath.com/blog/2012/03/12/whats-new-in-apache-shiro-12.html</a></p>
\ No newline at end of file

Added: shiro/site/trunk/2012/07/29/apache-shiro-121-released.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/2012/07/29/apache-shiro-121-released.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/2012/07/29/apache-shiro-121-released.html (added)
+++ shiro/site/trunk/2012/07/29/apache-shiro-121-released.html Sat May 11 21:10:40 2013
@@ -0,0 +1,13 @@
+<p>Dear Apache Shiro Community,</p>
+
+<p>The Shiro team is pleased to announce the release of Apache Shiro version 1.2.1.  This is the first bug fix point release after 1.2.0.</p>
+
+<p>This release includes <a class="external-link" href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950&amp;version=12319511">11 bug fixes</a> since the 1.2.0 release and is available for <a href="../../../download.html" title="Download">Download</a> now.</p>
+
+<p>All binaries (.jars) are available in Maven Central already.  Please note that the Apache mirrors are still updating to reflect the source distribution, but some mirrors may not be updated yet.  If a mirror download link does not work, please try another or wait another 12 to 24 hours.</p>
+
+<p>For more information on Shiro 1.2, please read the "<a class="external-link" href="http://www.stormpath.com/blog/whats-new-apache-shiro-12" rel="nofollow">What's new in Apache Shiro 1.2?</a>" article or the previous <a class="external-link" href="2012/01/24/apache-shiro-120-released.html">1.2 release announcement</a>.</p>
+
+<p>Enjoy!</p>
+
+<p>The Apache Shiro Team</p>
\ No newline at end of file

Added: shiro/site/trunk/about.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/about.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/about.html (added)
+++ shiro/site/trunk/about.html Sat May 11 21:10:40 2013
@@ -0,0 +1,38 @@
+<h1><a name="About-AboutApacheShiro"></a>About Apache Shiro</h1>
+
+<p>Apache Shiro is is a top level open source project under the <a class="external-link" href="http://www.apache.org">Apache
+    Software Foundation</a>. As a project, Shiro is an application security framework that provides application
+    developers very clean and simple ways of supporting four cornerstones of security in their applications:
+    authentication, authorization, enterprise session management and cryptography. </p>
+
+<p>If you'd like to learn more about Shiro please visit the links below</p>
+
+<ul class="alternate">
+    <li><b><a href="what-is-shiro.html" title="What is Shiro">What is Shiro</a></b> - A deeper look into the project,
+        its mission, and its history
+    </li>
+</ul>
+
+
+<ul class="alternate">
+    <li><b><a href="features.html" title="Features">Features</a></b> - Explore the major features of the project</li>
+</ul>
+
+
+<ul class="alternate">
+    <li><b><a href="news.html" title="News">News</a></b> - Stay up to date on the latest Apache Shiro news</li>
+</ul>
+
+
+<ul class="alternate">
+    <li><b><a href="events.html" title="Events">Events</a></b> - See what Apache Shiro events are coming that you should
+        consider attending
+    </li>
+</ul>
+
+
+<ul class="alternate">
+    <li><b><a href="license.html" title="License">License</a></b> - Review the license under which Shiro is released--
+        Apache Software License, Version 2.0
+    </li>
+</ul>

Added: shiro/site/trunk/adoption.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/adoption.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/adoption.html (added)
+++ shiro/site/trunk/adoption.html Sat May 11 21:10:40 2013
@@ -0,0 +1,5 @@
+<h1><a name="Adoption-ApacheShiroAdoption"></a>Apache Shiro Adoption</h1>
+
+<p>Are you using Shiro to build an application? List your name and company here and let the world know!</p>
+
+<p>The more people that adopt Shiro, the better it becomes, and the more you benefit from it. Help adoption by letting others know how you use it.</p>
\ No newline at end of file

Added: shiro/site/trunk/architecture.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/architecture.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/architecture.html (added)
+++ shiro/site/trunk/architecture.html Sat May 11 21:10:40 2013
@@ -0,0 +1,112 @@
+<h1><a name="Architecture-ApacheShiroArchitecture"></a>Apache Shiro Architecture</h1>
+
+<p>Apache Shiro's design goals are to simplify application security by being intuitive and easy to use.  Shiro's core design models how most people think about application security - in the context of someone (or something) interacting with an application.</p>
+
+<p>Software applications are usually designed based on user stories.  That is, you'll often design user interfaces or service APIs based on how a user would (or should) interact with the software.  For example, you might say, "If the user interacting with my application is logged in, I will show them a button they can click to view their account information.  If they are not logged in, I will show a sign-up button."  </p>
+
+<p>This example statement indicates that applications are largely written to satisfy user requirements and needs.  Even if the 'user' is another software system and not a human being, you still write code to reflect behavior based on who (or what) is currently interacting with your software.</p>
+
+<p>Shiro reflects these concepts in its own design. By matching what is already intuitive for software developers, Apache Shiro remains intuitive and easy to use in practically any application.</p>
+
+<h2><a name="Architecture-HighLevelOverview"></a>High-Level Overview</h2>
+
+<p>At the highest conceptual level, Shiro's architecture has 3 primary concepts: the <tt>Subject</tt>, <tt>SecurityManager</tt> and <tt>Realms</tt>.  The following diagram is a high-level overview of how these components interact, and we'll cover each concept below:</p>
+
+<p><br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline">
+<span class="image-wrap" style="display: block; text-align: center"><img src="assets/images/ShiroBasicArchitecture.png" style="border: 0px solid black"></span>
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline"></p>
+
+<ul><li><b>Subject</b>: As we've mentioned in our <a href="tutorial.html" title="Tutorial">Tutorial</a>, the <tt>Subject</tt> is essentially a security specific 'view' of the the currently executing user.  Whereas the word 'User' often implies a human being, a <tt>Subject</tt> can be a person, but it could also represent a 3rd-party service, daemon account, cron job, or anything similar - basically anything that is currently interacting with the software.
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline">
+<tt>Subject</tt> instances are all bound to (and require) a <tt>SecurityManager</tt>.  When you interact with a <tt>Subject</tt>, those interactions translate to subject-specific interactions with the <tt>SecurityManager</tt>.
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline"></li><li><b>SecurityManager</b>: The <tt>SecurityManager</tt> is the heart of Shiro&#8217;s architecture and acts as a sort of 'umbrella&#8217; object that coordinates its internal security components that together form an object graph. However, once the SecurityManager and its internal object graph is configured for an application, it is usually left alone and application developers spend almost all of their time with the <tt>Subject</tt> API.
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline">
+We will talk about the <tt>SecurityManager</tt> in detail later on, but it is important to realize that when you interact with a <tt>Subject</tt>, it is really the <tt>SecurityManager</tt> behind the scenes that does all the heavy lifting for any <tt>Subject</tt> security operation.  This is reflected in the basic flow diagram above.
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline"></li><li><b>Realms</b>:  Realms act as the &#8216;bridge&#8217; or &#8216;connector&#8217; between Shiro and your application&#8217;s security data. When it comes time to actually interact with security-related data like user accounts to perform authentication (login) and authorization (access control), Shiro looks up many of these things from one or more Realms configured for an application.
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline">
+In this sense a Realm is essentially a security-specific <a class="external-link" href="http://en.wikipedia.org/wiki/Data_access_object" rel="nofollow">DAO</a>: it encapsulates connection details for data sources and makes the associated data available to Shiro as needed. When configuring Shiro, you must specify at least one Realm to use for authentication and/or authorization. The <tt>SecurityManager</tt> may be configured with multiple Realms, but at least one is required.
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline">
+Shiro provides out-of-the-box Realms to connect to a number of security data sources (aka directories) such as LDAP, relational databases (JDBC), text configuration sources like INI and properties files, and more. You can plug-in your own Realm implementations to represent custom data sources if the default Realms do not meet your needs.
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline">
+Like other internal components, the Shiro <tt>SecurityManager</tt> manages how Realms are used to acquire security and identity data to be represented as <tt>Subject</tt> instances.</li></ul>
+
+
+<h2><a name="Architecture-DetailedArchitecture"></a>Detailed Architecture</h2>
+
+<p>The following diagram shows Shiro's core architectural concepts followed by short summaries of each:</p>
+
+<p><span class="image-wrap" style="display: block; text-align: center"><img src="assets/images/ShiroArchitecture.png" style="border: 0px solid black"></span></p>
+
+<ul><li><b>Subject</b> (<tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html">org.apache.shiro.subject.Subject</a></tt>)<br clear="none">
+A security-specific 'view' of the entity (user, 3rd-party service, cron job, etc) currently interacting with the software.
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline"></li><li><b>SecurityManager</b> (<tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/mgt/SecurityManager.html">org.apache.shiro.mgt.SecurityManager</a></tt>)<br clear="none">
+As mentioned above, the <tt>SecurityManager</tt> is the heart of Shiro's architecture.  It is mostly an 'umbrella' object that coordinates its managed components to ensure they work smoothly together.  It also manages Shiro's view of every application user, so it knows how to perform security operations per user.
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline"></li><li><b>Authenticator</b> (<tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/Authenticator.html">org.apache.shiro.authc.Authenticator</a></tt>)<br clear="none">
+The <tt>Authenticator</tt> is the component that is responsible for executing and reacting to authentication (log-in) attempts by users.  When a user tries to log-in, that logic is executed by the <tt>Authenticator</tt>.  The <tt>Authenticator</tt> knows how to coordinate with one or more <tt>Realms</tt> that store relevant user/account information.  The data obtained from these <tt>Realms</tt> is used to verify the user's identity to guarantee the user really is who they say they are.
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline">
+	<ul><li><b>Authentication Strategy</b> (<tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/pam/AuthenticationStrategy.html">org.apache.shiro.authc.pam.AuthenticationStrategy</a></tt>)<br clear="none">
+If more than one <tt>Realm</tt> is configured, the <tt>AuthenticationStrategy</tt> will coordinate the Realms to determine the conditions under which an authentication attempt succeeds or fails (for example, if one realm succeeds but others fail, is the attempt successful? Must all realms succeed? Only the first?).
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline"></li></ul>
+	</li><li><b>Authorizer</b> (<tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/authz/Authorizer.html">org.apache.shiro.authz.Authorizer</a></tt>)<br clear="none">
+The <tt>Authorizer</tt> is the component responsible determining users' access control in the application.  It is the mechanism that ultimately says if a user is allowed to do something or not.  Like the <tt>Authenticator</tt>, the <tt>Authorizer</tt> also knows how to coordinate with multiple back-end data sources to access role and permission information.  The <tt>Authorizer</tt> uses this information to determine exactly if a user is allowed to perform a given action.
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline"></li><li><b>SessionManager</b> (<tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/session/mgt/SessionManager.html">org.apache.shiro.session.mgt.SessionManager</a></tt>)<br clear="none">
+The <tt>SessionManager</tt> knows how to create and manage user <tt>Session</tt> lifecycles to provide a robust Session experience for users in all environments.  This is a unique feature in the world of security frameworks - Shiro has the ability to natively manage user Sessions in any environment, even if there is no Web/Servlet or EJB container available.  By default, Shiro will use an existing session mechanism if available, (e.g. Servlet Container), but if there isn't one, such as in a standalone application or non-web environment, it will use its built-in enterprise session management to offer the same programming experience.  The <tt>SessionDAO</tt> exists to allow any datasource to be used to persist sessions.
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline">
+	<ul><li><b>SessionDAO</b> (<tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/session/mgt/eis/SessionDAO.html">org.apache.shiro.session.mgt.eis.SessionDAO</a></tt>)<br clear="none">
+The <tt>SessionDAO</tt> performs <tt>Session</tt> persistence (CRUD) operations on behalf of the <tt>SessionManager</tt>.  This allows any data store to be plugged in to the Session Management infrastructure.
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline"></li></ul>
+	</li><li><b>CacheManager</b> (<tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/cache/CacheManager.html">org.apache.shiro.cache.CacheManager</a></tt>)<br clear="none">
+The <tt>CacheManager</tt> creates and manages <tt>Cache</tt> instance lifecycles used by other Shiro components.  Because Shiro can access many back-end data sources for authentication, authorization and session management, caching has always been a first-class architectural feature in the framework to improve performance while using these data sources.  Any of the modern open-source and/or enterprise caching products can be plugged in to Shiro to provide a fast and efficient user-experience.
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline"></li><li><b>Cryptography</b> (<tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/crypto/package-summary.html">org.apache.shiro.crypto.*</a></tt>)<br clear="none">
+Cryptography is a natural addition to an enterprise security framework.  Shiro's <tt>crypto</tt> package contains easy-to-use and understand representations of crytographic Ciphers, Hashes (aka digests) and different codec implementations.  All of the classes in this package are carefully designed to be very easy to use and easy to understand.  Anyone who has used Java's native cryptography support knows it can be a challenging animal to tame.  Shiro's crypto APIs simplify the complicated Java mechanisms and make cryptography easy to use for normal mortal human beings.
+<br clear="none" class="atl-forced-newline">
+<br clear="none" class="atl-forced-newline"></li><li><b>Realms</b> (<tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/realm/Realm.html">org.apache.shiro.realm.Realm</a></tt>)<br clear="none">
+As mentioned above, Realms act as the &#8216;bridge&#8217; or &#8216;connector&#8217; between Shiro and your application&#8217;s security data. When it comes time to actually interact with security-related data like user accounts to perform authentication (login) and authorization (access control), Shiro looks up many of these things from one or more Realms configured for an application.  You can configure as many <tt>Realms</tt> as you need (usually one per data source) and Shiro will coordinate with them as necessary for both authentication and authorization.</li></ul>
+
+
+<h2><a name="Architecture-The%7B%7BSecurityManager%7D%7D"></a>The <tt>SecurityManager</tt></h2>
+
+<p>Because Shiro's API encourages a <tt>Subject</tt>-centric programming approach, most application developers will rarely, if ever, interact with the <tt>SecurityManager</tt> directly (framework developers however might sometimes find it useful). Even so, it is still important to know how the <tt>SecurityManager</tt> functions, especially when configuring one for an application.</p>
+
+<h2><a name="Architecture-Design"></a>Design</h2>
+
+<p>As stated previously, the application's <tt>SecurityManager</tt> performs security operations and manages state for <em>all</em> application users.  In Shiro's default <tt>SecurityManager</tt> implementations, this includes:</p>
+
+<ul><li>Authentication</li><li>Authorization</li><li>Session Management</li><li>Cache Management</li><li><a href="realm.html" title="Realm">Realm</a> coordination</li><li>Event propagation</li><li>"Remember Me" Services</li><li>Subject creation</li><li>Logout<br clear="none">
+and more.</li></ul>
+
+
+<p>But this is a lot of functionality to try to manage in a single component.  And, making these things flexible and customizable would be very difficult if everything were lumped into a single implementation class.  </p>
+
+<p>To simplify configuration and enable flexible configuration/pluggability, Shiro's implementations are all highly modular in design - so modular in fact, that the SecurityManager implementation (and its class-hierarchy) does not do much at all.  Instead, the <tt>SecurityManager</tt> implementations mostly act as a lightweight 'container' component, delegating almost all behavior to nested/wrapped components.  This 'wrapper' design is reflected in the detailed architecture diagram above.</p>
+
+<p>While the components actually execute the logic, the <tt>SecurityManager</tt> implementation knows how and when to coordinate the components for the correct behavior.</p>
+
+<p>The <tt>SecurityManager</tt> implementations and are also JavaBeans compatible, which allows you (or a configuration mechanism) to easily customize the pluggable components via standard JavaBeans accessor/mutator methods (get*/set*).  This means the Shiro's architectural modularity can translate into very easy configuration for custom behavior.</p>
+
+<div class="panelMacro"><table class="tipMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/check.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1"><b>Easy Configuration</b><br clear="none">Because of JavaBeans compatibility, it is very easy to configure the <tt>SecurityManager</tt> with custom components via any mechanism that supports JavaBeans-style configuration, such as <a href="spring.html" title="Spring">Spring</a>, Guice, JBoss, etc.</td></tr></table></div>
+
+<p>We will cover <a href="configuration.html" title="Configuration">Configuration</a> next.</p>
+
+<h2><a name="Architecture-Lendahandwithdocumentation"></a>Lend a hand with documentation </h2>
+
+<p>While we hope this documentation helps you with the work you're doing with Apache Shiro, the community is improving and expanding the documentation all the time.  If you'd like to help the Shiro project, please consider corrected, expanding, or adding documentation where you see a need. Every little bit of help you provide expands the community and in turn improves Shiro. </p>
+
+<p>The easiest way to contribute your documentation is to send it to the <a class="external-link" href="http://shiro-user.582556.n2.nabble.com/" rel="nofollow">User Forum</a> or the <a href="mailing-lists.html" title="Mailing Lists">User Mailing List</a>.</p>
\ No newline at end of file

Added: shiro/site/trunk/articles.html
URL: http://svn.apache.org/viewvc/shiro/site/trunk/articles.html?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/articles.html (added)
+++ shiro/site/trunk/articles.html Sat May 11 21:10:40 2013
@@ -0,0 +1,68 @@
+<h1><a name="Articles-ApacheShiroArticles"></a>Apache Shiro Articles</h1>
+
+<p>Here are some articles written by and for members of the Apache Shiro community.  Please post any errata to the user or dev <a href="mailing-lists.html" title="Mailing Lists">mailing lists</a>.</p>
+
+<h2><a name="Articles-IntroductoryArticles"></a>Introductory Articles</h2>
+<p>New to Shiro? Here are some great introductory articles:</p>
+
+<ul class="alternate" type="square"><li><b><a class="external-link" href="http://www.infoq.com/articles/apache-shiro" rel="nofollow">Application Security with Apache Shiro</a></b> InfoQ article by Les Hazlewood, Apache Shiro PMC Chair.</li></ul>
+
+
+<ul class="alternate" type="square"><li><b><a class="external-link" href="http://www.stormpath.com/blog/2012/03/12/whats-new-in-apache-shiro-12" rel="nofollow">What's new in Apache Shiro 1.2</a></b> on 13 March 2012 by Les Hazlewood.</li></ul>
+
+
+<ul class="alternate" type="square"><li><b><a class="external-link" href="http://www.ibm.com/developerworks/web/library/wa-apacheshiro/" rel="nofollow">Introducing Apache Shiro</a></b> by Nathan Good on IBM DeveloperWorks, 14 September 2010.</li></ul>
+
+
+<ul class="alternate" type="square"><li><b>An Introduction to Shiro (formerly JSecurity/Ki) - A Beginner's Tutorial</b> by <a class="external-link" href="http://www.brucephillips.name" rel="nofollow">Bruce Phillips</a>:
+	<ul class="alternate" type="square"><li><a class="external-link" href="http://www.brucephillips.name/blog/index.cfm/2009/4/5/An-Introduction-to-Ki-formerly-JSecurity--A-Beginners--Tutorial-Part-1" rel="nofollow">Part 1</a></li><li><a class="external-link" href="http://www.brucephillips.name/blog/index.cfm/2009/4/5/An-Introduction-to-Ki-formerly-JSecurity--A-Beginners--Tutorial-Part-2" rel="nofollow">Part 2</a></li><li><a class="external-link" href="http://www.brucephillips.name/blog/index.cfm/2009/4/5/An-Introduction-to-Ki-formerly-JSecurity--A-Beginners--Tutorial-Part-3" rel="nofollow">Part 3</a></li><li><a class="external-link" href="http://www.brucephillips.name/blog/index.cfm/2009/4/5/An-Introduction-to-Ki-formerly-JSecurity--A-Beginners--Tutorial-Part-4" rel="nofollow">Part 4</a></li><li><a class="external-link" href="http://www.brucephillips.name/blog/index.cfm/2009/5/1/An-Introduction-to-Ki-formerly-JSecurity--A-Beginners-Tutorial-Part-5" rel="nofollow">Part 5</a></l
 i></ul>
+	</li></ul>
+
+
+<h2><a name="Articles-AdditionalArticles"></a>Additional Articles</h2>
+<p>Once you've gotten your feet wet, you might find these useful too:</p>
+
+<ul class="alternate" type="square"><li><b><a class="external-link" href="http://czetsuya-tech.blogspot.com/2012/10/how-to-integrate-apache-shiro-with.html?spref=tw" rel="nofollow">How to Integrate Apache Shiro with JavaEE6</a></b> by czetsuya on 11 October 2012.</li></ul>
+
+
+<ul class="alternate" type="square"><li><b><a class="external-link" href="http://blog.pinateknoloji.com/shiro-jdbc-realm" rel="nofollow">Custom Apache Shiro JDBC Realm</a></b> by Mehmet Celiksoy</li></ul>
+
+
+<ul class="alternate" type="square"><li><b><a class="external-link" href="http://bubba-h57.github.com/H57_Shiro/" rel="nofollow">Spring MVC + Shiro + myBatis + JSR-303 Validation</a></b> by Rob Hines et. al. on 2 April 2012.</li></ul>
+
+
+<ul class="alternate" type="square"><li><b><a class="external-link" href="http://books.zkoss.org/wiki/Small_Talks/2012/March/Securing_ZK_Applications_With_Apache_Shiro" rel="nofollow">Securing ZK Applications with Apache Shiro</a></b> by Ashish Dasnurkar on 6 March 2012.</li></ul>
+
+
+<ul class="alternate" type="square"><li><b>Facebook Login with Apache Shiro</b> by Mike Warren on 28 November 2011
+	<ul class="alternate" type="square"><li><a class="external-link" href="http://mrdwnotes.wordpress.com/2011/11/28/using-apache-shiro-security-to-allow-login-via-facebook-part-1" rel="nofollow">Part 1</a></li><li><a class="external-link" href="http://mrdwnotes.wordpress.com/2011/11/28/using-apache-shiro-security-to-allow-login-via-facebook-part-2" rel="nofollow">Part 2</a></li></ul>
+	</li></ul>
+
+
+<ul class="alternate" type="square"><li><b>Apache Shiro - a blog series by Meri</b>
+	<ul class="alternate" type="square"><li><a class="external-link" href="http://meri-stuff.blogspot.com/2011/03/apache-shiro-part-1-basics.html" rel="nofollow">Part 1 - Basics</a> on 27 March 2011</li><li><a class="external-link" href="http://meri-stuff.blogspot.com/2011/04/apache-shiro-part-2-realms-database-and.html" rel="nofollow">Part 2 - Realms, Database and PGP Certificates</a> on 18 April 2011</li><li><a class="external-link" href="http://meri-stuff.blogspot.com/2011/12/apache-shiro-part-3-cryptography.html" rel="nofollow">Part 3 - Cryptography</a> on 4 December 2011</li></ul>
+	</li></ul>
+
+
+<ul class="alternate" type="square"><li><b><a class="external-link" href="http://www.katasoft.com/blog/2011/05/09/new-rbac-resource-based-access-control" rel="nofollow">The New RBAC: Resource-Based Access Control</a></b> by Les Hazlewood on 9 May 2011</li></ul>
+
+
+<ul class="alternate" type="square"><li><b><a class="external-link" href="http://eneuwirt.de/2011/04/22/using-apache-shiro-to-secure-vaading-application/" rel="nofollow">Securing Vaadin Applications with Apache Shiro</a></b> by Eduard Neuwirt on 22 April 2011.</li></ul>
+
+
+<ul class="alternate" type="square"><li><b><a class="external-link" href="http://blog.xebia.com/author/yamsellem/" rel="nofollow">HTTP Authentication and Security with Apache Shiro</a></b> blog article by yamsellem on 18 April 2011.</li></ul>
+
+
+<ul class="alternate" type="square"><li><b><a class="external-link" href="http://spring-java-ee.blogspot.com/2011/04/using-shiro-for-authorization-via-cdi.html" rel="nofollow">Using Shiro for Authorization via CDI Interceptors then Easily Test with Arquillian</a></b> blog article by Hendy Irawan on 16 April 2011.</li></ul>
+
+
+<ul class="alternate" type="square"><li><b><a class="external-link" href="http://blogs.mulesoft.org/apache-shiro-support-for-mule/" rel="nofollow">Apache Shiro Support for Mule</a></b> by Dan Diephouse on 10 January 2011.</li></ul>
+
+
+<ul class="alternate" type="square"><li><b><a class="external-link" href="http://www.gdevelop.com/blog/2010/12/apache-shiro-on-appengine" rel="nofollow">Apache Shiro on Google AppEngine</a></b> by Trung on 13 December 2010.</li></ul>
+
+
+<ul class="alternate" type="square"><li><b><a class="external-link" href="http://techbeats.deluan.com/apache-shiro-tags-for-jsffacelets" rel="nofollow">Apache Shiro tags for JSF - Securing Your JSF Pages</a></b> by Deluan Quint&#227;o on 1 November 2010.</li></ul>
+
+
+<ul class="alternate" type="square"><li><b>Shiro DevNexus 2009 Presentation</b> by <a class="external-link" href="http://cwiki.apache.org/confluence/display/~jhaile">Jeremy Haile</a>: (<a href="assets/images/articles/Ki-DevNexus-2009.pdf?version=1&amp;modificationDate=1246602947000">PDF</a>) (<a href="assets/images/articles/Ki-DevNexus-2009.key.zip?version=1&amp;modificationDate=1246602947000">Keynote</a>) (<a href="assets/images/articles/Ki-DevNexus-2009.ppt.zip?version=1&amp;modificationDate=1246602947000">Powerpoint</a>)</li></ul>

Added: shiro/site/trunk/assets/css/confluence.css
URL: http://svn.apache.org/viewvc/shiro/site/trunk/assets/css/confluence.css?rev=1481417&view=auto
==============================================================================
--- shiro/site/trunk/assets/css/confluence.css (added)
+++ shiro/site/trunk/assets/css/confluence.css Sat May 11 21:10:40 2013
@@ -0,0 +1,195 @@
+/*
+ - Licensed to the Apache Software Foundation (ASF) under one
+ - or more contributor license agreements.  See the NOTICE file
+ - distributed with this work for additional information
+ - regarding copyright ownership.  The ASF licenses this file
+ - to you under the Apache License, Version 2.0 (the
+ - "License"); you may not use this file except in compliance
+ - with the License.  You may obtain a copy of the License at
+ -
+ -     http://www.apache.org/licenses/LICENSE-2.0
+ -
+ - Unless required by applicable law or agreed to in writing,
+ - software distributed under the License is distributed on an
+ - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ - KIND, either express or implied.  See the License for the
+ - specific language governing permissions and limitations
+ - under the License.
+*/
+
+/* This CSS is for customizing Confluence rendered HTML only.  Shiro-specific
+   site elements are customized in style.css */ 
+
+.nobr sup img {
+    display: none;
+}
+
+.preformattedContent pre {
+    padding: 5px 10px;
+    border: 1px dashed #1a6c0b;
+    background-color: #f0f0f0;
+}
+
+blockquote {
+    margin: 10px;
+    padding: 0 10px;
+    border-left: 1px solid #1a6c0b;
+}
+
+table.confluenceTable {
+    margin: 5px;
+    border-collapse: collapse;
+}
+
+/* Added as a temporary fix for CONF-4223. The table elements appear to be inheriting the border: none attribute from the sectionMacro class */
+
+table.confluenceTable td.confluenceTd {
+    border-width: 1px;
+    border-style: solid;
+    border-color: #ccc;
+    padding: 3px 4px 3px 4px;
+}
+
+/* Added as a temporary fix for CONF-4223. The table elements appear to be inheriting the border: none attribute from the sectionMacro class */
+
+table.confluenceTable th.confluenceTh {
+    border-width: 1px;
+    border-style: solid;
+    border-color: #ccc;
+    padding: 3px 4px 3px 4px;
+    background-color: #f0f0f0;
+    text-align: center;
+}
+
+td.confluenceTd {
+    border-width: 1px;
+    border-style: solid;
+    border-color: #ccc;
+    padding: 3px 4px 3px 4px;
+}
+
+th.confluenceTh {
+    border-width: 1px;
+    border-style: solid;
+    border-color: #ccc;
+    padding: 3px 4px 3px 4px;
+    background-color: #f0f0f0;
+    text-align: center;
+}
+
+.panelMacro {
+    width: 100%;
+    margin: 10px 0 10px 0;
+}
+
+.panelMacro * td {
+    padding: 1em 0 0 1em;
+}
+
+.panelMacro * td:last-child {
+    padding: 0.8em 1em 1em 0.6em;
+}
+
+.panelMacro * b:first-child {
+    display: block;
+    margin: 0 0 -0.5em 0;
+}
+
+.tipMacro {
+    width: 100%;
+    border: 1px solid #090;
+    background-color: #dfd;
+}
+.infoMacro {
+    width: 100%;
+    border: 1px solid #3c78b5;
+    background-color: #D8E4F1;
+}
+.noteMacro {
+    width: 100%;
+    border: 1px solid #f0c000;
+    background-color: #ffffce;
+}
+.warningMacro {
+    width: 100%;
+    border: 1px solid #c00;
+    background-color: #fcc;
+}
+
+.code {
+    border: 1px dashed #1a6c0b;
+    font-size: 1em;
+    font-family: 'courier new', Courier, serif;
+    margin: 1em 0;
+    line-height: 1em;
+}
+
+.codeHeader {
+    background-color: #f0f0f0;
+    border-bottom: 1px dashed #1a6c0b;
+    padding: 3px;
+    text-align: center;
+}
+
+.codeContent {
+    text-align: left;
+    background-color: #f0f0f0;
+    padding: 3px;
+}
+
+.code-keyword {
+    color: #000091;
+    background-color: inherit;
+}
+
+.code-object {
+    color: #910091;
+    background-color: inherit;
+}
+
+.code-quote {
+    color: #009100;
+    background-color: inherit;
+}
+
+.code-comment {
+    color: #808080;
+    background-color: inherit;
+}
+
+.code-xml .code-keyword {
+    color: inherit;
+    font-weight: bold;
+}
+
+.code-tag {
+    color: #000091;
+    background-color: inherit;
+}
+
+/* ===================== Blog Posts ==================== */
+
+/* The Confluence user images in the news feeds are not showing properly (the href needs to be fixed).
+   So, hide them until we can address this: */
+
+.blog-post-listing {
+    margin: 1.8em 0 0 0;
+    padding: 0 0 0.8em 0;
+    border-bottom: 1px solid #d2d2d2;
+}
+.blog-post-listing .logoBlock {
+    display: none;
+}
+
+.blog-post-listing span.blogHeading .page-metadata {
+    font-size: 0.8em;
+}
+
+.blog-post-listing .endsection {
+    display: none;
+}
+
+.blog-post-listing a.blogHeading {
+    font-size: 2em;
+    font-weight: bold;
+}



Mime
View raw message