Group items tagged

"Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. With Shiro's easy-to-understand API, you can quickly and easily secure any application - from the smallest mobile applications to the largest web and enterprise applications. We recommend you start with the 10 Minute Tutorial which gives you a feel for Shiro and its API. Then feel free to get started using Shiro in your own applications."

Apache Shiro (pronounced "shee-roh", the Japanese word for 'castle') is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management and can be used to secure any application - from the command line applications, mobile applications to the largest web and enterprise applications. Shiro provides the application security API to perform the following aspects (I like to call these the 4 cornerstones of application security): Authentication - proving user identity, often called user 'login'. Authorization - access control Cryptography - protecting or hiding data from prying eyes Session Management - per-user time-sensitive state Shiro also supports some auxiliary features, such as web application security, unit testing, and multithreading support, but these exist to reinforce the above four primary concerns.