Shiro550 post vulnerability WP (verify + exploit + rebound shell)

Shiro550, as a classic loophole of HW in 2020, has attracted countless heroes to bow downIn that year's competition, many students won the core targets and difficult targets all over the country through 550. They benefited a lot from their participation, both in attack and defenseAlthough it is a local test WP written two years ago, the vulnera ...

Posted by Allan- on Thu, 10 Mar 2022 10:47:23 +0100

[ruoyi] learning notes on open source framework 02 - Shiro permission framework

data According to the document introductionShiro official documents ↑ the link of Shiro document is an official introduction to the quick start. In fact, it will be easier to understand ruoyi's document about the integration of the framework. If according to the structure 1. Security Manager The Subject body represents the ...

Posted by bk6662 on Fri, 18 Feb 2022 13:16:29 +0100

Spring Boot -- Integrated Shiro framework

Spring Boot -- Integrated Shiro framework 1. Introduction to Shiro 1.1. What is Shiro Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, password and session management, Web integration, caching, etc. At present, more and more people use Apache Shiro because it is quite simple. ...

Posted by ywickham on Mon, 31 Jan 2022 05:32:52 +0100

Use of shiro in spring boot

Shiro I Shiro permissions What is permission control: Ignore particularly detailed concepts. For example, permissions can be subdivided into many types, such as function permissions, data permissions, management permissions, etcUnderstand two concepts: user and resource, so that the specified user can only operate the specified resource (C ...

Posted by Bobo the Bugbear on Wed, 26 Jan 2022 12:46:48 +0100

shiro and Spring Boot integration (learning notes)

What is Shiro Official website: http://shiro.apache.org/ It is a mainstream Java security framework that does not rely on any container and can run in Java SE and Java EE Projects. Its main function is to authenticate, authorize, session management, encryption and other operations for users accessing the system. Shiro is a systematic framewo ...

Posted by cypher235 on Mon, 24 Jan 2022 22:41:11 +0100

Shiro integrates the actual combat of SpringBoot project

6. Integrate SpringBoot project practice 6.0 integration ideas 6.1 creating a springboot project 6.2 introducing shiro dependency <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-spring-boot-starter</artifactId> <version>1.5.3</version> </dependency> 6.3 confi ...

Posted by mattmate on Sat, 22 Jan 2022 07:31:13 +0100

[Shiro]5. Integrating Redis to realize caching

In the actual development of front-end and back-end, we will use annotations to control permissions. When performing authentication or authorization operations, Shiro will query the identity or permission information in the DB. It is known that identity information and authority information will not change frequently and are very complex. If ma ...

Posted by everisk on Wed, 19 Jan 2022 05:29:28 +0100

springboot integrates shiro security authentication framework

First, build a simple test environment Build a springboot projectDependency is introduced, mainly web starter shiro (security authentication) and thymeleaf (simple page construction). There is no data layer query, so database related is not introduced. <dependencies> <dependency> <groupId>org.springfram ...

Posted by khaitan_anuj on Tue, 04 Jan 2022 08:59:36 +0100

shiro's basic knowledge reserve -- authorization process

Authorization Basics 1. Concept Authorization is access control, which controls who can access which resources. After identity authentication, the principal needs to allocate permissions to access system resources. Some resources cannot be accessed without permissions. 2. Key objects Who performs How operation on what ": Who: the subj ...

Posted by reto on Tue, 04 Jan 2022 04:05:53 +0100

File upload and download case based on SpringBoot and Mybatis

File upload and download case based on SpringBoot and Mybatis This case is based on the actual combat of the [bad programmer] enterprise file upload and download project based on SpringBoot and Mybatis. BiliBili link: https://www.bilibili.com/video/BV1764y1u7gn?p=1 Effect achieved 1. Users need to log in first. We use shiro authentication to ...

Posted by crazytigger on Fri, 24 Dec 2021 10:37:32 +0100