shiro-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bdem...@apache.org
Subject shiro-site git commit: Update java-authentication-guide.md.vtl
Date Tue, 22 Nov 2016 15:07:12 GMT
Repository: shiro-site
Updated Branches:
  refs/heads/master 9935ed5b5 -> cc367deac


Update java-authentication-guide.md.vtl

Project: http://git-wip-us.apache.org/repos/asf/shiro-site/repo
Commit: http://git-wip-us.apache.org/repos/asf/shiro-site/commit/cc367dea
Tree: http://git-wip-us.apache.org/repos/asf/shiro-site/tree/cc367dea
Diff: http://git-wip-us.apache.org/repos/asf/shiro-site/diff/cc367dea

Branch: refs/heads/master
Commit: cc367deac4332c98ed3b45b06eb6a87b38bea5f8
Parents: 9935ed5
Author: JaapD <githubjaap@tsbd.nl>
Authored: Tue Nov 22 15:40:51 2016 +0100
Committer: GitHub <noreply@github.com>
Committed: Tue Nov 22 15:40:51 2016 +0100

----------------------------------------------------------------------
 java-authentication-guide.md.vtl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/shiro-site/blob/cc367dea/java-authentication-guide.md.vtl
----------------------------------------------------------------------
diff --git a/java-authentication-guide.md.vtl b/java-authentication-guide.md.vtl
index 056f784..4409553 100644
--- a/java-authentication-guide.md.vtl
+++ b/java-authentication-guide.md.vtl
@@ -123,7 +123,7 @@ So although many parts of the application can still perform user-specific
logic
 
 For example, a check to see if a subject can access financial information should almost always
depend on `isAuthenticated()`, not `isRemembered()`, to guarantee a verified identity.
 
-He is a scenario to help illustrate why the the distinction between isAuthenticated and isRemembered
is important.
+Here is a scenario to help illustrate why the the distinction between isAuthenticated and
isRemembered is important.
 
 Let's say you're using Amazon.com. You log in and you add some books to your shopping cart.
A day goes by. Of course your user session has expired and you've been logged out. But Amazon
"remembers" you, greets you by name, and is still giving you personalized book recommendations.
To Amazon, `isRemembered()` would return `TRUE`. What happens if you try to use one of the
credit cards on file or change your account information? While Amazon "remembers" you, `isRemembered()
= TRUE`, it is not certain that you are in fact you, `isAuthenticated()=FALSE`. So before
you can perform a sensitive action Amazon needs to verify your identity by forcing an authentication
process which it does through a login screen. After the login, your identity has been verified
and `isAuthenticated()=TRUE`.
 


Mime
View raw message