shiro-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bdem...@apache.org
Subject svn commit: r1766119 [4/5] - in /shiro/site/publish: ./ 2010/03/18/ 2010/06/01/ 2010/09/14/ 2010/09/20/ 2010/09/24/ 2010/11/03/ 2011/01/06/ 2011/01/13/ 2011/02/10/ 2011/02/28/ 2011/03/14/ 2011/05/24/ 2011/06/30/ 2012/01/24/ 2012/03/13/ 2012/07/29/ 2013...
Date Fri, 21 Oct 2016 20:08:01 GMT
Modified: shiro/site/publish/realm.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/realm.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/realm.html (original)
+++ shiro/site/publish/realm.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {
@@ -95,7 +100,7 @@
             <td colspan="1" rowspan="1">
                 <b>Tip</b>
                 <br clear="none">
-                A Realm is essentially a security-specific <a class="external-link" href="http://en.wikipedia.org/wiki/Data_Access_Object" rel="nofollow">DAO</a>
+                A Realm is essentially a security-specific <a class="external-link" href="https://en.wikipedia.org/wiki/Data_Access_Object" rel="nofollow">DAO</a>
             </td>
         </tr>
         </tbody>
@@ -124,7 +129,7 @@ securityManager.realms = $fooRealm, $bar
 </pre>
 </div></div>
 
-<p>Explicit assignment is deterministic - you control exactly which realms are used as well as <em>the order</em> that they will be used for authentication and authorization. Realm ordering effects are described in detail in the Authentication chapter's <a href="authentication.html\#Authentication-sequence">Authentication Sequence</a> section. </p>
+<p>Explicit assignment is deterministic - you control exactly which realms are used as well as <em>the order</em> that they will be used for authentication and authorization. Realm ordering effects are described in detail in the Authentication chapter's <a href="authentication.html#Authentication-sequence">Authentication Sequence</a> section. </p>
 
 <h3><a name="Realm-ImplicitAssignment"></a>Implicit Assignment</h3>
 
@@ -174,23 +179,23 @@ securityManager.realms = $blahRealm, $fo
 </pre>
 </div></div>
 
-<p>However, realize that with implicit assignment, just the order that the realms are defined directly affects how they are consulted during authentication and authorization attempts.  If you change their definition order, you will change how the master <tt>Authenticator</tt>'s <a href="authentication.html\#Authentication-sequence">Authentication Sequence</a> functions.</p>
+<p>However, realize that with implicit assignment, just the order that the realms are defined directly affects how they are consulted during authentication and authorization attempts.  If you change their definition order, you will change how the master <tt>Authenticator</tt>'s <a href="authentication.html#Authentication-sequence">Authentication Sequence</a> functions.</p>
 
 <p>For this reason, and to ensure deterministic behavior, we recommend using Explicit Assignment instead of Implicit Assignment. <br clear="none">
 <a name="Realm-authentication"></a></p>
 <h2><a name="Realm-RealmAuthentication"></a>Realm Authentication</h2>
 
-<p>Once you understand Shiro's master <a href="authentication.html\#Authentication-sequence">Authentication workflow</a>, it is important to know exactly what happens when the <tt>Authenticator</tt> interacts with a <tt>Realm</tt> during an authentication attempt.</p>
+<p>Once you understand Shiro's master <a href="authentication.html#Authentication-sequence">Authentication workflow</a>, it is important to know exactly what happens when the <tt>Authenticator</tt> interacts with a <tt>Realm</tt> during an authentication attempt.</p>
 
 <h3><a name="Realm-Supporting%7B%7BAuthenticationTokens%7D%7D"></a>Supporting <tt>AuthenticationTokens</tt></h3>
 
-<p>As mentioned in the <a href="authentication.html\#Authentication-sequence">authentication sequence</a>, just before a <tt>Realm</tt> is consulted to perform an authentication attempt, its <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/realm/Realm.html\#supports(org.apache.shiro.authc.AuthenticationToken)">supports</a></tt> method is called.  If the return value is <tt>true</tt>, only then will its <tt>getAuthenticationInfo(token)</tt> method be invoked.</p>
+<p>As mentioned in the <a href="authentication.html#Authentication-sequence">authentication sequence</a>, just before a <tt>Realm</tt> is consulted to perform an authentication attempt, its <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/realm/Realm.html#supports(org.apache.shiro.authc.AuthenticationToken)">supports</a></tt> method is called.  If the return value is <tt>true</tt>, only then will its <tt>getAuthenticationInfo(token)</tt> method be invoked.</p>
 
 <p>Typically a realm will check the type (interface or class) of the submitted token to see if it can process it.  For example, a Realm that processes biometric data may not understand <tt>UsernamePasswordTokens</tt> at all, in which case it would return <tt>false</tt> from the <tt>supports</tt> method.</p>
 
 <h3><a name="Realm-Handlingsupported%7B%7BAuthenticationTokens%7D%7D"></a>Handling supported <tt>AuthenticationTokens</tt></h3>
 
-<p>If a <tt>Realm</tt> <tt>supports</tt> a submitted <tt>AuthenticationToken</tt>, the <tt>Authenticator</tt> will call the Realm's  <a class="external-link" href="static/current/apidocs/org/apache/shiro/realm/Realm.html\#getAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)">getAuthenticationInfo(token)</a> method.  This effectively represents an authentication attempt with the <tt>Realm's</tt> backing data source.  The method, in order:</p>
+<p>If a <tt>Realm</tt> <tt>supports</tt> a submitted <tt>AuthenticationToken</tt>, the <tt>Authenticator</tt> will call the Realm's  <a class="external-link" href="static/current/apidocs/org/apache/shiro/realm/Realm.html#getAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)">getAuthenticationInfo(token)</a> method.  This effectively represents an authentication attempt with the <tt>Realm's</tt> backing data source.  The method, in order:</p>
 
 <ol><li>Inspects the <tt>token</tt> for the identifying principal (account identifying information)</li><li>Based on the <tt>principal</tt>, looks up corresponding account data in the data source</li><li>Ensures that the token's supplied <tt>credentials</tt> matches those stored in the data store</li><li>If the credentials match, an <a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/AuthenticationInfo.html">AuthenticationInfo</a> instance is returned that encapsulates the account data in a format Shiro understands</li><li>If the credentials DO NOT match, an <a class="external-link" href="static/current/apidocs/org/apache/shiro/authc/AuthenticationException.html">AuthenticationException</a> is thrown</li></ol>
 
@@ -301,7 +306,7 @@ myRealm.credentialsMatcher = $customMatc
 
 <p>Shiro provides multiple <tt>HashedCredentialsMatcher</tt> subclass implementations.  You must configure the specific implementation on your realm to match the hashing algorithm you use to hash your users' credentials.</p>
 
-<p>For example, let's say your application uses username/password pairs for authentication.  And due to the benefits of hashing credentials described above, let's say you want to one-way hash a user's password using the <a class="external-link" href="http://en.wikipedia.org/wiki/SHA_hash_functions" rel="nofollow">SHA-256</a> algorithm when you create a user account.  You would hash the user's entered plain-text password and save that value:</p>
+<p>For example, let's say your application uses username/password pairs for authentication.  And due to the benefits of hashing credentials described above, let's say you want to one-way hash a user's password using the <a class="external-link" href="https://en.wikipedia.org/wiki/SHA_hash_functions" rel="nofollow">SHA-256</a> algorithm when you create a user account.  You would hash the user's entered plain-text password and save that value:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
 <pre class="code-java">

Modified: shiro/site/publish/reference.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/reference.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/reference.html (original)
+++ shiro/site/publish/reference.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {

Modified: shiro/site/publish/securitymanager.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/securitymanager.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/securitymanager.html (original)
+++ shiro/site/publish/securitymanager.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {

Modified: shiro/site/publish/session-management-features.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/session-management-features.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/session-management-features.html (original)
+++ shiro/site/publish/session-management-features.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {

Modified: shiro/site/publish/session-management.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/session-management.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/session-management.html (original)
+++ shiro/site/publish/session-management.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {
@@ -229,7 +234,7 @@ securityManager.sessionManager.sessionLi
 <p><a name="SessionManagement-sessionstorage"></a></p>
 <h3><a name="SessionManagement-SessionStorage"></a>Session Storage</h3>
 
-<p>Whenever a session is created or updated, its data needs to persisted to a storage location so it is accessible by the application at a later time.  Similarly, when a session is invalid and longer being used, it needs to be deleted from storage so the session data store space is not exhausted.  The <tt>SessionManager</tt> implementations delegate these Create/Read/Update/Delete (CRUD) operations to an internal component, the <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/session/mgt/eis/SessionDAO.html">SessionDAO</a></tt>, which reflects the <a class="external-link" href="http://en.wikipedia.org/wiki/Data_access_object" rel="nofollow">Data Access Object (DAO)</a> design pattern.</p>
+<p>Whenever a session is created or updated, its data needs to persisted to a storage location so it is accessible by the application at a later time.  Similarly, when a session is invalid and longer being used, it needs to be deleted from storage so the session data store space is not exhausted.  The <tt>SessionManager</tt> implementations delegate these Create/Read/Update/Delete (CRUD) operations to an internal component, the <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/session/mgt/eis/SessionDAO.html">SessionDAO</a></tt>, which reflects the <a class="external-link" href="https://en.wikipedia.org/wiki/Data_access_object" rel="nofollow">Data Access Object (DAO)</a> design pattern.</p>
 
 <p>The power of the SessionDAO is that you can implement this interface to communicate with <em>any</em> data store you wish.  This means your session data can reside in memory, on the file system, in a relational database or NoSQL data store, or any other location you need.  You have control over persistence behavior.</p>
 
@@ -297,11 +302,11 @@ securityManager.cacheManager = $cacheMan
 <p><a name="SessionManagement-ehcachesessioncacheconfiguration"></a></p>
 <h5><a name="SessionManagement-EHCacheSessionCacheConfiguration"></a>EHCache Session Cache Configuration</h5>
 
-<p>By default, the <tt>EhCacheManager</tt> uses a Shiro-specific <tt><a class="external-link" href="https://github.com/apache/shiro/tree/master/support/ehcache/src/main/resources/org/apache/shiro/cache/ehcache/ehcache.xml">ehcache.xml</a></tt> file that sets up the Session cache region and the necessary settings to ensure Sessions are stored and retrieved properly.</p>
+<p>By default, the <tt>EhCacheManager</tt> uses a Shiro-specific <tt><a class="external-link" href="https://github.com/apache/shiro/blob/master/support/ehcache/src/main/resources/org/apache/shiro/cache/ehcache/ehcache.xml">ehcache.xml</a></tt> file that sets up the Session cache region and the necessary settings to ensure Sessions are stored and retrieved properly.</p>
 
 <p>However, if you wish to change the cache settings, or configure your own <tt>ehcache.xml</tt> or EHCache <tt>net.sf.ehcache.CacheManager</tt> instance, you will need to configure the cache region to ensure that Sessions are handled correctly.</p>
 
-<p>If you look at the default <tt><a class="external-link" href="https://github.com/apache/shiro/tree/master/support/ehcache/src/main/resources/org/apache/shiro/cache/ehcache/ehcache.xml">ehcache.xml</a></tt> file, you will see the following <tt>shiro-activeSessionCache</tt> cache configuration:</p>
+<p>If you look at the default <tt><a class="external-link" href="https://github.com/apache/shiro/blob/master/support/ehcache/src/main/resources/org/apache/shiro/cache/ehcache/ehcache.xml">ehcache.xml</a></tt> file, you will see the following <tt>shiro-activeSessionCache</tt> cache configuration:</p>
 
 <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
 <pre class="code-xml">
@@ -369,7 +374,7 @@ securityManager.sessionManager.sessionDA
 
 <h4><a name="SessionManagement-DefaultSessionValidationScheduler"></a>Default SessionValidationScheduler</h4>
 
-<p>The default <tt>SessionValidationScheduler</tt> usable in all environments is the <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/session/mgt/ExecutorServiceSessionValidationScheduler.html">ExecutorServiceSessionValidationScheduler</a></tt> which uses a JDK <tt><a class="external-link" href="http://download.oracle.com/javase/6/docs/api/java/util/concurrent/ScheduledExecutorService.html" rel="nofollow">ScheduledExecutorService</a></tt> to control how often the validation should occur.</p>
+<p>The default <tt>SessionValidationScheduler</tt> usable in all environments is the <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/session/mgt/ExecutorServiceSessionValidationScheduler.html">ExecutorServiceSessionValidationScheduler</a></tt> which uses a JDK <tt><a class="external-link" href="http://docs.oracle.com/javase/6/docs/api/java/util/concurrent/ScheduledExecutorService.html" rel="nofollow">ScheduledExecutorService</a></tt> to control how often the validation should occur.</p>
 
 <p>By default, this implementation will perform validation once per hour.  You can change the rate at which validation occurs by specifying a <b>new</b> instance of <tt>ExecutorServiceSessionValidationScheduler</tt> and specifying a different interval (in milliseconds):</p>
 
@@ -440,7 +445,7 @@ securityManager.sessionManager.deleteInv
 
 <p>Note also that even if you prevent Shiro from deleting invalid sessions, you still should enable session validation somehow - either via Shiro's existing validation mechanisms or via a custom mechanism you provide yourself (see the above "Disabling Session Validation" section above for more).  The validation mechanism will update your session records to reflect the invalid state (e.g. when it was invalidated, when it was last accessed, etc), even if you will delete them manually yourself at some other time.</p>
 
-<div class="panelMacro"><table class="warningMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/forbidden.gif" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1">If you configure Shiro so it does not delete invalid sessions, you are responsible for ensuring that your session data store doesn't exhaust its space.  You must delete invalid sessions from you data store yourself!  
+<div class="panelMacro"><table class="warningMacro"><colgroup span="1"><col span="1" width="24"><col span="1"></colgroup><tr><td colspan="1" rowspan="1" valign="top"><img align="middle" src="https://cwiki.apache.org/confluence/images/icons/emoticons/forbidden.png" width="16" height="16" alt="" border="0"></td><td colspan="1" rowspan="1">If you configure Shiro so it does not delete invalid sessions, you are responsible for ensuring that your session data store doesn't exhaust its space.  You must delete invalid sessions from you data store yourself!
 
 <p>Also note that disabling session deletion is <b>not</b> the same as disabling session validation scheduling.  You should almost always use a session validation scheduling mechanism - either one supported by Shiro directly or your own.</p></td></tr></table></div>
 
@@ -454,7 +459,7 @@ securityManager.sessionManager.deleteInv
 
 <p><b>Distributed Caches</b></p>
 
-<p>Distributed Caches such as <a class="external-link" href="http://ehcache.org/documentation/get-started/about-distributed-cache" rel="nofollow">Ehcache+TerraCotta</a>, <a class="external-link" href="http://www.gigaspaces.com/" rel="nofollow">GigaSpaces</a> <a class="external-link" href="http://www.oracle.com/technetwork/middleware/coherence/overview/index.html" rel="nofollow">Oracle Coherence</a>, and <a class="external-link" href="http://memcached.org/" rel="nofollow">Memcached</a> (and many others) already solve the distributed-data-at-the-persistence-level problem.  Therefore enabling Session clustering in Shiro is as simple as configuring Shiro to use a distributed cache.</p>
+<p>Distributed Caches such as <a class="external-link" href="http://www.ehcache.org/documentation/2.7/configuration/distributed-cache-configuration.html" rel="nofollow">Ehcache+TerraCotta</a>, <a class="external-link" href="http://www.gigaspaces.com/" rel="nofollow">GigaSpaces</a> <a class="external-link" href="http://www.oracle.com/technetwork/middleware/coherence/overview/index.html" rel="nofollow">Oracle Coherence</a>, and <a class="external-link" href="http://memcached.org/" rel="nofollow">Memcached</a> (and many others) already solve the distributed-data-at-the-persistence-level problem.  Therefore enabling Session clustering in Shiro is as simple as configuring Shiro to use a distributed cache.</p>
 
 <p>This gives you the flexibility of choosing the exact clustering mechanism that is suitable for <em>your</em> environment.</p>
 
@@ -516,7 +521,7 @@ securityManager.cacheManager = $cacheMan
 
 <h3><a name="SessionManagement-EhcacheTerracotta"></a>Ehcache + Terracotta</h3>
 
-<p>One such distributed caching solution that people have had success with while using Shiro is the Ehcache + Terracotta pairing.  See the Ehcache-hosted <a class="external-link" href="http://ehcache.org/documentation/get-started/about-distributed-cache" rel="nofollow">Distributed Caching With Terracotta</a> documentation for full details of how to enable distributed caching with Ehcache.</p>
+<p>One such distributed caching solution that people have had success with while using Shiro is the Ehcache + Terracotta pairing.  See the Ehcache-hosted <a class="external-link" href="http://www.ehcache.org/documentation/get-started/about-distributed-cache" rel="nofollow">Distributed Caching With Terracotta</a> documentation for full details of how to enable distributed caching with Ehcache.</p>
 
 <p>Once you've got Terracotta clustering working with Ehcache, the Shiro-specific parts are very simple.  Read and follow the <a href="#SessionManagement-ehcachesessiondao">Ehcache SessionDAO</a> documentation, but we'll need to make a few changes</p>
 

Modified: shiro/site/publish/sessionmanager.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/sessionmanager.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/sessionmanager.html (original)
+++ shiro/site/publish/sessionmanager.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {

Modified: shiro/site/publish/sharing-block-small.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/sharing-block-small.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/sharing-block-small.html (original)
+++ shiro/site/publish/sharing-block-small.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {

Modified: shiro/site/publish/sharing-block.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/sharing-block.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/sharing-block.html (original)
+++ shiro/site/publish/sharing-block.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {

Modified: shiro/site/publish/site.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/site.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/site.html (original)
+++ shiro/site/publish/site.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {

Modified: shiro/site/publish/siteheader.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/siteheader.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/siteheader.html (original)
+++ shiro/site/publish/siteheader.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {

Modified: shiro/site/publish/spring.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/spring.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/spring.html (original)
+++ shiro/site/publish/spring.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {
@@ -92,7 +97,7 @@
 </tr>
 </table>
 
-<p>This page covers the ways to integrate Shiro into <a class="external-link" href="http://www.springframework.org" rel="nofollow">Spring</a>-based applications.</p>
+<p>This page covers the ways to integrate Shiro into <a class="external-link" href="http://spring.io" rel="nofollow">Spring</a>-based applications.</p>
 
 <p>Shiro's JavaBeans compatibility makes it perfectly suited to be configured via Spring XML or other Spring-based configuration mechanisms.  Shiro applications need an application singleton <tt>SecurityManager</tt> instance.  Note that this does not have to be a <em>static</em> singleton, but there should only be a single instance used by the application, whether its a static singleton or not.</p>
 
@@ -255,7 +260,7 @@ all of its configuration properties in w
 </pre>
 </div></div>
 
-<p>Once you have defined this bean, you must plug it in to whatever remoting <tt>Exporter</tt> you are using to export/expose your services.  <tt>Exporter</tt> implementations are defined according to the remoting mechanism/protocol in use.  See Spring's <a class="external-link" href="http://static.springsource.org/spring/docs/2.5.x/reference/remoting.html" rel="nofollow">Remoting chapter</a> on defining <tt>Exporter</tt> beans.</p>
+<p>Once you have defined this bean, you must plug it in to whatever remoting <tt>Exporter</tt> you are using to export/expose your services.  <tt>Exporter</tt> implementations are defined according to the remoting mechanism/protocol in use.  See Spring's <a class="external-link" href="http://docs.spring.io/spring/docs/2.5.x/reference/remoting.html" rel="nofollow">Remoting chapter</a> on defining <tt>Exporter</tt> beans.</p>
 
 <p>For example, if using HTTP-based remoting (notice the property reference to the <tt>secureRemoteInvocationExecutor</tt> bean):</p>
 

Modified: shiro/site/publish/subject.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/subject.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/subject.html (original)
+++ shiro/site/publish/subject.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {
@@ -156,7 +161,7 @@ session.setAttribute( <span class="code-
 </pre>
 </div></div>
 
-<p>You, as the application/GUI developer can choose to show the end-user messages based on exceptions or not (for example, <tt>"There is no account in the system with that username."</tt>).  There are many different types of exceptions you can check, or throw your own for custom conditions Shiro might not account for.  See the <a class="external-link" href="http://www.jsecurity.org/api/org/jsecurity/authc/AuthenticationException.html" rel="nofollow">AuthenticationException JavaDoc</a> for more.</p>
+<p>You, as the application/GUI developer can choose to show the end-user messages based on exceptions or not (for example, <tt>"There is no account in the system with that username."</tt>).  There are many different types of exceptions you can check, or throw your own for custom conditions Shiro might not account for.  See the <a class="external-link" href="https://shiro.apache.org/static/current/apidocs/org/apache/shiro/authc/AuthenticationException.html" rel="nofollow">AuthenticationException JavaDoc</a> for more.</p>
 
 <p>Ok, so by now, we have a logged in user.  What else can we do?</p>
 

Modified: shiro/site/publish/support.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/support.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/support.html (original)
+++ shiro/site/publish/support.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {

Modified: shiro/site/publish/tags.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/tags.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/tags.html (original)
+++ shiro/site/publish/tags.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {

Modified: shiro/site/publish/team.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/team.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/team.html (original)
+++ shiro/site/publish/team.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {

Modified: shiro/site/publish/terminology.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/terminology.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/terminology.html (original)
+++ shiro/site/publish/terminology.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {

Modified: shiro/site/publish/testing.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/testing.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/testing.html (original)
+++ shiro/site/publish/testing.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {
@@ -86,7 +91,7 @@
 <ol><li>A <tt>Subject</tt> instance must be created</li><li>The <tt>Subject</tt> instance must be <em>bound</em> to the currently executing thread.</li><li>After the thread is finished executing (or if the thread's execution results in a <tt>Throwable</tt>), the <tt>Subject</tt> must be <em>unbound</em> to ensure that the thread remains 'clean' in any thread-pooled environment.</li></ol>
 
 
-<p>Shiro has architectural components that perform this bind/unbind logic automatically for a running application.  For example, in a web application, the root Shiro Filter performs this logic when <a class="external-link" href="static/current/apidocs/org/apache/shiro/web/servlet/AbstractShiroFilter.html\#doFilterInternal(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)">filtering a request</a>.  But as test environments and frameworks differ, we need to perform this bind/unbind logic ourselves for our chosen test framework.</p>
+<p>Shiro has architectural components that perform this bind/unbind logic automatically for a running application.  For example, in a web application, the root Shiro Filter performs this logic when <a class="external-link" href="static/current/apidocs/org/apache/shiro/web/servlet/AbstractShiroFilter.html#doFilterInternal(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)">filtering a request</a>.  But as test environments and frameworks differ, we need to perform this bind/unbind logic ourselves for our chosen test framework.</p>
 
 <h2><a name="Testing-TestSetup"></a>Test Setup</h2>
 
@@ -192,7 +197,7 @@
                 <b>Testing &amp; Frameworks</b>
                 <br clear="none">
                 The code in the <tt>AbstractShiroTest</tt> class uses Shiro's <tt>ThreadState</tt> concept and a static SecurityManager.  These techniques are useful in tests and in framework code, but rarely ever used in application code.
-<p>Most end-users working with Shiro who need to ensure thread-state consistency will almost always use Shiro's automatic management mechanisms, namely the <tt>Subject.associateWith</tt> and the <tt>Subject.execute</tt> methods.  These methods are covered in the reference on <a href="subject.html\#Subject-ThreadAssociation">Subject thread association</a>.</p>
+<p>Most end-users working with Shiro who need to ensure thread-state consistency will almost always use Shiro's automatic management mechanisms, namely the <tt>Subject.associateWith</tt> and the <tt>Subject.execute</tt> methods.  These methods are covered in the reference on <a href="subject.html#[[#]]#Subject-ThreadAssociation">Subject thread association</a>.</p>
             </td>
         </tr>
         </tbody>
@@ -207,7 +212,7 @@
 
 <h3><a name="Testing-ExampleShiroUnitTest"></a>ExampleShiroUnitTest</h3>
 
-<p>Because unit tests are better suited for testing your own logic (and not any implementations your logic might call), it is a great idea to <em>mock</em> any APIs that your logic depends on.  This works very well with Shiro - you can mock the <tt>Subject</tt> interface and have it reflect whatever conditions you want your code under test to react to.  We can leverage modern mock frameworks like <a class="external-link" href="http://easymock.org/" rel="nofollow">EasyMock</a> and <a class="external-link" href="http://mockito.org/" rel="nofollow">Mockito</a> to do this for us.  </p>
+<p>Because unit tests are better suited for testing your own logic (and not any implementations your logic might call), it is a great idea to <em>mock</em> any APIs that your logic depends on.  This works very well with Shiro - you can mock the <tt>Subject</tt> interface and have it reflect whatever conditions you want your code under test to react to.  We can leverage modern mock frameworks like <a class="external-link" href="http://easymock.org/" rel="nofollow">EasyMock</a> and <a class="external-link" href="http://site.mockito.org" rel="nofollow">Mockito</a> to do this for us.  </p>
 
 <p>But as stated above, the key in Shiro tests is to remember that any Subject instance (mock or real) must be bound to the thread during test execution.  So all we need to do is bind the mock Subject to ensure things work as expected.</p>
 

Modified: shiro/site/publish/tools.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/tools.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/tools.html (original)
+++ shiro/site/publish/tools.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {

Modified: shiro/site/publish/tutorial.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/tutorial.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/tutorial.html (original)
+++ shiro/site/publish/tutorial.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {
@@ -281,7 +286,7 @@ OS name: <span class="code-quote">"mac o
 
 <p>While we could instantiate a <tt>SecurityManager</tt> class directly, Shiro's <tt>SecurityManager</tt> implementations have enough configuration options and internal components that make this a pain to do in Java source code - it would be much easier to configure the <tt>SecurityManager</tt> with a flexible text-based configuration format. </p>
 
-<p>To that end, Shiro provides a default &#8216;common denominator&#8217; solution via text-based <a class="external-link" href="http://en.wikipedia.org/wiki/INI_file" rel="nofollow">INI</a> configuration. People are pretty tired of using bulky XML files these days, and INI is easy to read, simple to use, and requires very few dependencies. You&#8217;ll also see later that with a simple understanding of object graph navigation, INI can be used effectively to configure simple object graphs like the SecurityManager. </p>
+<p>To that end, Shiro provides a default &#8216;common denominator&#8217; solution via text-based <a class="external-link" href="https://en.wikipedia.org/wiki/INI_file" rel="nofollow">INI</a> configuration. People are pretty tired of using bulky XML files these days, and INI is easy to read, simple to use, and requires very few dependencies. You&#8217;ll also see later that with a simple understanding of object graph navigation, INI can be used effectively to configure simple object graphs like the SecurityManager. </p>
 
 <div class="panelMacro">
     <table class="tipMacro">
@@ -369,7 +374,7 @@ goodguy = winnebago:drive:eagle5
 
 <p>Here is what the above additions are doing:</p>
 
-<ol><li>We use Shiro's <tt>IniSecurityManagerFactory</tt> implementation to ingest our <tt>shiro.ini</tt> file which is located at the root of the classpath.  This implementation reflects Shiro's support of the <a class="external-link" href="http://en.wikipedia.org/wiki/Factory_method_pattern" rel="nofollow">Factory Method Design Pattern</a>.  The <tt>classpath:</tt> prefix is an resource indicator that tells shiro where to load the ini file from (other prefixes, like <tt>url:</tt> and <tt>file:</tt> are supported as well).
+<ol><li>We use Shiro's <tt>IniSecurityManagerFactory</tt> implementation to ingest our <tt>shiro.ini</tt> file which is located at the root of the classpath.  This implementation reflects Shiro's support of the <a class="external-link" href="https://en.wikipedia.org/wiki/Factory_method_pattern" rel="nofollow">Factory Method Design Pattern</a>.  The <tt>classpath:</tt> prefix is an resource indicator that tells shiro where to load the ini file from (other prefixes, like <tt>url:</tt> and <tt>file:</tt> are supported as well).
 <br clear="none" class="atl-forced-newline">
 <br clear="none" class="atl-forced-newline"></li><li>The <tt>factory.getInstance()</tt> method is called, which parses the INI file and returns a <tt>SecurityManager</tt> instance reflecting the configuration.
 <br clear="none" class="atl-forced-newline">

Modified: shiro/site/publish/version-2-brainstorming.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/version-2-brainstorming.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/version-2-brainstorming.html (original)
+++ shiro/site/publish/version-2-brainstorming.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {

Modified: shiro/site/publish/web-features.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/web-features.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/web-features.html (original)
+++ shiro/site/publish/web-features.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {

Modified: shiro/site/publish/web.html
URL: http://svn.apache.org/viewvc/shiro/site/publish/web.html?rev=1766119&r1=1766118&r2=1766119&view=diff
==============================================================================
--- shiro/site/publish/web.html (original)
+++ shiro/site/publish/web.html Fri Oct 21 20:08:00 2016
@@ -41,8 +41,13 @@
       <link rel="stylesheet" href="./assets/css/gh-pages/gh-fork-ribbon.ie.css" />
     <![endif]-->
 
+    <!-- syntax highlighting -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/styles/default.min.css" integrity="sha256-Zd1icfZ72UBmsId/mUcagrmN7IN5Qkrvh75ICHIQVTk=" crossorigin="anonymous" />
+    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.7.0/highlight.min.js" integrity="sha256-s63qpgPYoQk+wv3U6WZqioVJrwFNBTgD4dkeegLuwvo=" crossorigin="anonymous"></script>
+
     <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>
     <script type="text/javascript" src="./assets/js/jquery_googleanalytics/jquery.google-analytics.js"></script>
+    <script>hljs.initHighlightingOnLoad();</script>
     <script type="text/javascript">
         // initialize plugins
         jQuery(function() {
@@ -88,11 +93,11 @@
   <h3><a href="webapp-tutorial.html">Web App Tutorial</a></h3>
   <p>Step-by-step tutorial for securing a web application with Shiro. </br><span style="font-size:11"><a href="webapp-tutorial.html">Read More &gt;&gt;</a></span></p>
 	
-  <h3><a href="/session-management-features.html">Session Management</a></h3>
-  <p>Shiro enables sessions for any application environment. Learn more! </br><span style="font-size:11"><a href="/session-management-features.html">Read More &gt;&gt;</a></span></p>
+  <h3><a href="session-management-features.html">Session Management</a></h3>
+  <p>Shiro enables sessions for any application environment. Learn more! </br><span style="font-size:11"><a href="session-management-features.html">Read More &gt;&gt;</a></span></p>
 	
-  <h3><a href="//permissions.html">Permissions</a></h3>
-  <p>Learn more about Shiro's powerful and intuitive permission syntax. </br><span style="font-size:11"><a href="/permissions.html">Read More &gt;&gt;</a></span></p>
+  <h3><a href="permissions.html">Permissions</a></h3>
+  <p>Learn more about Shiro's powerful and intuitive permission syntax. </br><span style="font-size:11"><a href="permissions.html">Read More &gt;&gt;</a></span></p>
 	
   <h3><a href="java-authentication-guide.html">Java Authentication Guide</a></h3>
   <p>Learn how Authentication in Java is performed in Shiro. </br><span style="font-size:11"><a href="java-authentication-guide.html">Read More &gt;&gt;</a></span></p>	
@@ -110,7 +115,7 @@
 <p><a name="Web-configuration"></a></p>
 <h2><a name="Web-Configuration"></a>Configuration</h2>
 
-<p>The simplest way to integrate Shiro into any web application is to configure a Servlet ContextListener and Filter in web.xml that understands how to read Shiro's INI configuration.  The bulk of the INI config format itself is defined in the Configuration pages's <a href="configuration.html\#Configuration-INISections">INI Sections</a> section, but we'll cover some additional web-specific sections here.</p>
+<p>The simplest way to integrate Shiro into any web application is to configure a Servlet ContextListener and Filter in web.xml that understands how to read Shiro's INI configuration.  The bulk of the INI config format itself is defined in the Configuration pages's <a href="configuration.html#Configuration-INISections">INI Sections</a> section, but we'll cover some additional web-specific sections here.</p>
 
 <div class="panelMacro">
     <table class="infoMacro">
@@ -129,7 +134,7 @@
             <td colspan="1" rowspan="1">
                 <b>Using Spring?</b>
                 <br clear="none">
-                Spring Framework users will not perform this setup.  If you use Spring, you will want to read about <a href="spring.html\#Spring-WebApplications">Spring-specific web configuration</a> instead.
+                Spring Framework users will not perform this setup.  If you use Spring, you will want to read about <a href="spring.html#[[#]]#Spring-WebApplications">Spring-specific web configuration</a> instead.
             </td>
         </tr>
         </tbody>
@@ -234,10 +239,10 @@
 </pre>
 </div></div>
 
-<p>By default, the <tt>param-value</tt> is expected to be resolvable by the rules defined by <tt>ServletContext.</tt><tt><a class="external-link" href="http://download.oracle.com/javaee/6/api/javax/servlet/ServletContext.html\#getResource(java.lang.String)" rel="nofollow">getResource</a></tt> method.  For example, <tt>/WEB-INF/some/path/shiro.ini</tt>  </p>
+<p>By default, the <tt>param-value</tt> is expected to be resolvable by the rules defined by <tt>ServletContext.</tt><tt><a class="external-link" href="http://docs.oracle.com/javaee/6/api/javax/servlet/ServletContext.html#getResource(java.lang.String)" rel="nofollow">getResource</a></tt> method.  For example, <tt>/WEB-INF/some/path/shiro.ini</tt>  </p>
 
 <p>But you may also specify specific file-system, classpath or URL locations by using an appropriate resource prefix supported by Shiro's <a class="external-link" href="static/current/apidocs/org/apache/shiro/io/ResourceUtils.html">ResourceUtils class</a>, for example:</p>
-<ul><li><tt><a class="external-link" href="file:/home/foobar/myapp/shiro.ini" rel="nofollow">file:/home/foobar/myapp/shiro.ini</a></tt></li><li><tt>classpath:com/foo/bar/shiro.ini</tt></li><li><tt>url:<a class="external-link" href="http://confighost.mycompany.com/myapp/shiro.ini" rel="nofollow">http://confighost.mycompany.com/myapp/shiro.ini</a></tt></li></ul>
+<ul><li><tt>file:/home/foobar/myapp/shiro.ini</tt></li><li><tt>classpath:com/foo/bar/shiro.ini</tt></li><li><tt>url:http://confighost.mycompany.com/myapp/shiro.ini</tt></li></ul>
 
 
 <h4><a name="Web-Shiro1.1andearlier"></a>Shiro 1.1 and earlier</h4>
@@ -289,7 +294,7 @@
 </div></div>
 
 <p>Unqualified (schemeless or 'non-prefixed') <tt>configPath</tt> values are assumed to be <tt>ServletContext</tt> resource paths, resolvable via the rules defined by the<br clear="none">
-<tt>ServletContext.</tt><tt><a class="external-link" href="http://download.oracle.com/javaee/6/api/javax/servlet/ServletContext.html\#getResource(java.lang.String)" rel="nofollow">getResource</a></tt> method.</p>
+<tt>ServletContext.</tt><tt><a class="external-link" href="http://docs.oracle.com/javaee/6/api/javax/servlet/ServletContext.html#getResource(java.lang.String)" rel="nofollow">getResource</a></tt> method.</p>
 
 <div class="panelMacro">
     <table class="noteMacro">
@@ -408,7 +413,7 @@
 
 <p>This line states that "Any request to my application's path of <tt>/account</tt> or any of it's sub paths (<tt>/account/foo</tt>, <tt>/account/bar/baz</tt>, etc) will trigger the 'ssl, authc' filter chain".  We'll cover filter chains below.</p>
 
-<p>Note that all path expressions are relative to your application's context root.  This means that if you deploy your application one day to, say, <tt>www.somehost.com/myapp</tt> and then later deploy it to <tt>www.anotherhost.com</tt> (no 'myapp' sub-path), the pattern matching will still work.  All paths are relative to the <a class="external-link" href="http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/servlet/http/HttpServletRequest.html\#getContextPath()" rel="nofollow">HttpServletRequest.getContextPath()</a> value.</p>
+<p>Note that all path expressions are relative to your application's context root.  This means that if you deploy your application one day to, say, <tt>www.somehost.com/myapp</tt> and then later deploy it to <tt>www.anotherhost.com</tt> (no 'myapp' sub-path), the pattern matching will still work.  All paths are relative to the <a class="external-link" href="http://docs.oracle.com/javaee/1.3/api/javax/servlet/http/HttpServletRequest.html#getContextPath()" rel="nofollow">HttpServletRequest.getContextPath()</a> value.</p>
 
 
 <div class="panelMacro">
@@ -627,7 +632,7 @@ securityManager.sessionManager = $sessio
 
 <h5><a name="Web-NativeSessionTimeout"></a>Native Session Timeout</h5>
 
-<p>After configuring the <tt>DefaultWebSessionManager</tt> instance, session timeout is configured as described in <a href="session-management.html\#SessionManagement-sessionTimeout">Session Management: Session Timeout</a></p>
+<p>After configuring the <tt>DefaultWebSessionManager</tt> instance, session timeout is configured as described in <a href="session-management.html#SessionManagement-sessionTimeout">Session Management: Session Timeout</a></p>
 
 <h5><a name="Web-SessionCookie"></a>Session Cookie</h5>
 
@@ -674,7 +679,7 @@ securityManager.sessionManager.sessionId
 
 <p>See the <a class="external-link" href="static/current/apidocs/org/apache/shiro/web/servlet/SimpleCookie.html">SimpleCookie JavaDoc</a> for additional properties.</p>
 
-<p>The cookie's default name is <tt>JSESSIONID</tt> in accordance with the servlet specification.  Additionally, Shiro's cookie supports the <tt><a class="external-link" href="http://en.wikipedia.org/wiki/HTTP_cookie#HttpOnly_cookie" rel="nofollow">HttpOnly</a></tt> flag.  The <tt>sessionIdCookie</tt> sets <tt>HttpOnly</tt> to <tt>true</tt> by default for extra security.</p>
+<p>The cookie's default name is <tt>JSESSIONID</tt> in accordance with the servlet specification.  Additionally, Shiro's cookie supports the <tt><a class="external-link" href="https://en.wikipedia.org/wiki/HTTP_cookie#HttpOnly_cookie" rel="nofollow">HttpOnly</a></tt> flag.  The <tt>sessionIdCookie</tt> sets <tt>HttpOnly</tt> to <tt>true</tt> by default for extra security.</p>
 
 <div class="panelMacro">
     <table class="infoMacro">
@@ -924,7 +929,7 @@ securityManager.rememberMeManager = $rem
 <a name="Web-principaltag"></a></p>
 <h3><a name="Web-The%7B%7Bprincipal%7D%7Dtag"></a>The <tt>principal</tt> tag</h3>
 
-<p>The <tt>principal</tt> tag will output the Subject's <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#getPrincipal()">principal</a></tt> (identifying attribute) or a property of that principal.</p>
+<p>The <tt>principal</tt> tag will output the Subject's <tt><a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html#getPrincipal()">principal</a></tt> (identifying attribute) or a property of that principal.</p>
 
 <p>Without any tag attributes, the tag will render the <tt>toString()</tt> value of the principal.  For example (assuming the principal is a String username):</p>
 
@@ -944,7 +949,7 @@ Hello, <span class="code-tag">&lt;%= Sec
 
 <h4><a name="Web-Typedprincipal"></a>Typed principal</h4>
 
-<p>The <tt>principal</tt> tag assumes by default that the principal to print is the <tt>subject.getPrincipal()</tt> value.  But if you wanted to print a value that is <em>not</em> the primary principal, but another in the Subject's {<a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html\#getPrincipals()">principal collection</a>, you can acquire that principal by type and print that value instead.</p>
+<p>The <tt>principal</tt> tag assumes by default that the principal to print is the <tt>subject.getPrincipal()</tt> value.  But if you wanted to print a value that is <em>not</em> the primary principal, but another in the Subject's {<a class="external-link" href="static/current/apidocs/org/apache/shiro/subject/Subject.html#getPrincipals()">principal collection</a>, you can acquire that principal by type and print that value instead.</p>
 
 <p>For example, printing the Subject's user ID (and not the username), assuming the ID was in the principal collection:</p>
 



Mime
View raw message