Apache Shiro
Encyclopedia
Apache Shiro is an open source software security framework that performs authentication
, authorization
, cryptography
and session management
. Shiro has been designed to be an intuitive and easy-to-use framework while still providing robust security features.
. Between 2004 and 2008, JSecurity was hosted on SourceForge
and its committer list grew to include Peter Ledbrook, Alan Ditzel, Tim Veil.
In 2008, JSecurity project was submitted to the Apache Software Foundation
(ASF) and accepted into their Incubator Program
to be stewarded by mentors in order to become a top level Apache Project. Under the ASF's Incubator, Jsecurity was renamed Ki and shortly later renamed Shiro by the community because of trademark concerns. Shiro means castle in Japanese
The project continued to grow while in the Apache Incubator, adding Kalle Korhonen as a project committer. And in July 2010, the Shiro community released its official version 1.0, marking a period of stability in the code base. Following the release of version 1.0, the Shiro community created a Project Management Committee and elected Les Hazlewood as its chair. On September 22, 2010, Shiro became a Top Level Project (TLP) in the Apache Software Foundation.
The project continues to grow.
Authentication
Authentication is the act of confirming the truth of an attribute of a datum or entity...
, authorization
Authorization
Authorization is the function of specifying access rights to resources, which is related to information security and computer security in general and to access control in particular. More formally, "to authorize" is to define access policy...
, cryptography
Cryptography
Cryptography is the practice and study of techniques for secure communication in the presence of third parties...
and session management
Session management
In human-computer interaction, session management is the process of keeping track of a user's activity across sessions of interaction with the computer system....
. Shiro has been designed to be an intuitive and easy-to-use framework while still providing robust security features.
History
Shiro's predecessor, JSecurity, was founded in 2004 by Les Hazlewood and Jeremy Haile because they could not find a suitable Java security frameworks that operated well at the application level and they were frustrated with JAASJava Authentication and Authorization Service
Java Authentication and Authorization Service, or JAAS, pronounced "Jazz", is a Java security framework for user-centric security to augment the Java code-based security...
. Between 2004 and 2008, JSecurity was hosted on SourceForge
SourceForge
SourceForge Enterprise Edition is a collaborative revision control and software development management system. It provides a front-end to a range of software development lifecycle services and integrates with a number of free software / open source software applications .While originally itself...
and its committer list grew to include Peter Ledbrook, Alan Ditzel, Tim Veil.
In 2008, JSecurity project was submitted to the Apache Software Foundation
Apache Software Foundation
The Apache Software Foundation is a non-profit corporation to support Apache software projects, including the Apache HTTP Server. The ASF was formed from the Apache Group and incorporated in Delaware, U.S., in June 1999.The Apache Software Foundation is a decentralized community of developers...
(ASF) and accepted into their Incubator Program
Apache Incubator
Apache Incubator is the gateway for Open source projects intended to become fully fledged Apache Software Foundation projects.The Incubator project was created in October 2002 to provide an entry path to the Apache Software Foundation for projects and codebases wishing to become part of the...
to be stewarded by mentors in order to become a top level Apache Project. Under the ASF's Incubator, Jsecurity was renamed Ki and shortly later renamed Shiro by the community because of trademark concerns. Shiro means castle in Japanese
The project continued to grow while in the Apache Incubator, adding Kalle Korhonen as a project committer. And in July 2010, the Shiro community released its official version 1.0, marking a period of stability in the code base. Following the release of version 1.0, the Shiro community created a Project Management Committee and elected Les Hazlewood as its chair. On September 22, 2010, Shiro became a Top Level Project (TLP) in the Apache Software Foundation.
The project continues to grow.
See also
- Application securityApplication securityApplication security encompasses measures taken throughout the application's life-cycle to prevent exceptions in the security policy of an application or the underlying system through flaws in the design, development, deployment, upgrade, or maintenance of the application.Applications only...
- Java Authentication and Authorization ServiceJava Authentication and Authorization ServiceJava Authentication and Authorization Service, or JAAS, pronounced "Jazz", is a Java security framework for user-centric security to augment the Java code-based security...
(JAAS) - Enterprise JavaBean#Security EJB Container-Managed Security
- JGuard, an LGPL-licensed security framework
- Spring Security, an Apache-licensed Java security framework