Skip to main content

Home/ SoftwareEngineering/ Group items tagged security

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
kuni katsuya

[#SHIRO-337] adding support for CDI - ASF JIRA - 0 views

issues.apache.org/...SHIRO-337

Shiro security CDI annotation interceptor integration ApacheShiro

shared by kuni katsuya on 29 Aug 12 - No Cached
  • Shiro SHIRO-337 adding support for CDI
    • kuni katsuya
      kuni katsuya on 03 Sep 12
       
      see attached patches until they're rolled into an official shiro release
kuni katsuya

Seam Framework - Home - 0 views

seamframework.org/...Home

JBoss Seam Weld CDI ApacheDeltaSpike

shared by kuni katsuya on 01 Sep 12 - No Cached
  • How do Seam, Weld and CDI relate to each other?
  • CDI is a JCP specification included in Java EE Weld is the reference implementation of CDI Seam 3 is a set of modules which extend CDI to provide functionality beyond that offered by Java EE 6
  • Seam 3 is a superset of JSR-299
  • ...6 more annotations...
  • Think of JSR-299 as the core of Seam 3 - it's the basic programming model for your application components, and for the built-in components that make up the Seam framework
  • Seam 3 is implemented as a set of portable extensions, or modules
  • run in any environment which supports JSR-299 (including any Java EE 6 environment).
  • BPM integration, Seam Security, Drools integration, RESTeasy integration, PDF and email templates, Excel generation, etc
  • 2.0.0.Final End of 2012 Full specification compliance
  • Weld 2
kuni katsuya

JdbcRealm (Apache Shiro :: Core 1.1.0 API) - 0 views

127.0.0.1/...JdbcRealm.html

security ApacheShiro Realm JdbcRealm

shared by kuni katsuya on 03 Sep 12 - No Cached
  • Class JdbcRealm
  • Realm that allows authentication and authorization via JDBC calls
  • subclassed and the appropriate methods overridden. (usually doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken), getRoleNamesForUser(java.sql.Connection,String), and/or getPermissions(java.sql.Connection,String,java.util.Collection)
kuni katsuya

RolePermissionResolver (Apache Shiro :: Core 1.1.0 API) - 0 views

127.0.0.1/...RolePermissionResolver.html

security ApacheShiro Role Permission RolePermissionResolver

shared by kuni katsuya on 03 Sep 12 - No Cached
  • Interface RolePermissionResolver
  • RolePermissionResolver resolves a String value and converts it into a Collection of Permission instances
  • resolve the roles into permissions
    • kuni katsuya
      kuni katsuya on 03 Sep 12
       
      Role is just a collection of Permissions
kuni katsuya

AuthorizingRealm (Apache Shiro :: Core 1.1.0 API) - 0 views

127.0.0.1/...AuthorizingRealm.html

security ApacheShiro Realm AuthorizingRealm authorization

shared by kuni katsuya on 03 Sep 12 - No Cached
  • Class AuthorizingRealm
  • An AuthorizingRealm extends the AuthenticatingRealm's capabilities by adding Authorization (access control) support
  • perform all role and permission checks automatically (and subclasses do not have to write this logic) as long as the getAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection) method returns an AuthorizationInfo
  • ...3 more annotations...
  • AuthorizationInfo getAuthorizationInfo(PrincipalCollection principals)
  • Returns an account's authorization-specific information for the specified principals, or null if no account could be found
  • automatically perform access control checks for the corresponding Subject
kuni katsuya

AuthorizationInfo (Apache Shiro :: Core 1.1.0 API) - 0 views

127.0.0.1/...AuthorizationInfo.html

security ApacheShiro authorization AuthorizationInfo

shared by kuni katsuya on 03 Sep 12 - No Cached
  • Interface AuthorizationInfo
  • AuthorizationInfo represents a single Subject's stored authorization data (roles, permissions, etc) used during authorization (access control) checks only
  • Roles are represented as a Collection of Strings (Collection<String>)
  • ...3 more annotations...
  • Permissions are provided in two ways: A Collection of Strings, where each String can usually be converted into Permission objects by a Realm's PermissionResolver A Collection of Permission objects
  • most Realms store both sets of data for a Subject
  • a Realm implementation to utilize an implementation of the Account interface instead, which is a convenience interface that combines both AuthenticationInfo and AuthorizationInfo
kuni katsuya

AuthenticationInfo (Apache Shiro :: Core 1.1.0 API) - 0 views

127.0.0.1/...AuthenticationInfo.html

security ApacheShiro authentication AuthenticationInfo

shared by kuni katsuya on 03 Sep 12 - No Cached
  • Interface AuthenticationInfo
  • AuthenticationInfo represents a Subject's (aka user's) stored account information relevant to the authentication
  • difference between this interface and the AuthenticationToken interface.
  • ...7 more annotations...
  • AuthenticationToken
  • represents data submitted for any given login attempt
  • AuthenticationInfo
  • implementations represent already-verified and stored account data
  • Since Shiro sometimes logs authentication operations, please
  • ensure your AuthenticationInfo's toString() implementation does not print out account credentials (password, etc)
  • as these might be viewable to someone reading your logs
kuni katsuya

[Shiro-user] permission everything but this item - Grokbase - 0 views

grokbase.com/...ssion-everything-but-this-item

security ApacheShiro authorization NegativePermission AllowDeny

shared by kuni katsuya on 04 Sep 12 - No Cached
  • No, 'negative' permissions are not supported out of the box due to thecomplexity and performance hit it would probably incur
kuni katsuya

AuthenticationToken (Apache Shiro 1.2.1 API) - 0 views

shiro.apache.org/...AuthenticationToken.html

ApacheShiro security authentication token AuthenticationToken UsernamePasswordToken

shared by kuni katsuya on 03 Sep 12 - No Cached
  • If your application's authentication process is username/password based (like most), instead of implementing this interface yourself, take a look at the UsernamePasswordToken class, as it is probably sufficient for your needs.
  • kuni katsuya on 03 Sep 12
     
    "If your application's authentication process is username/password based (like most), instead of implementing this interface yourself, take a look at the UsernamePasswordToken class, as it is probably sufficient for your need"
kuni katsuya

UsernamePasswordToken (Apache Shiro 1.2.1 API) - 0 views

shiro.apache.org/...UsernamePasswordToken.html

ApacheShiro security authentication token AuthenticationToken UsernamePasswordToken

shared by kuni katsuya on 03 Sep 12 - No Cached
  • UsernamePasswordToken
  • HostAuthenticationToken interface to retain the host name or IP address location from where the authentication attempt is occuring.
  • A simple username/password authentication token to support the most widely-used authentication mechanism
kuni katsuya

JdbcRealm (Apache Shiro 1.2.1 API) - 0 views

shiro.apache.org/...JdbcRealm.html

ApacheShiro security jdbc authentication authorization JdbcRealm javadoc

shared by kuni katsuya on 03 Sep 12 - No Cached
  • JdbcRealm
  • Realm that allows authentication and authorization via JDBC calls
  • this class can be subclassed and the appropriate methods overridden. (usually doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken), getRoleNamesForUser(java.sql.Connection,String), and/or getPermissions(java.sql.Connection,String,java.util.Collection)
kuni katsuya

AuthorizationInfo (Apache Shiro 1.2.1 API) - 0 views

shiro.apache.org/...AuthorizationInfo.html

security ApacheShiro authorization AuthorizationInfo

shared by kuni katsuya on 09 Sep 12 - No Cached
  • AuthorizationInfo
  • represents a single Subject's stored authorization data (roles, permissions, etc)
  • Roles are represented as a Collection of Strings
  • ...4 more annotations...
  • Permissions are provided in two ways:
  • Collection of Strings
  • Collection of Permission objects
  • represent the total aggregate collection of permissions
« First ‹ Previous 101 - 120 of 148 Next › Last »
Showing 20 items per page