Shiro550, as a classic loophole of HW in 2020, has attracted countless heroes to bow downIn that year's competition, many students won the core targets and difficult targets all over the country through 550. They benefited a lot from their participation, both in attack and defenseAlthough it is a local test WP written two years ago, the vulnera ...
Posted by Allan- on Thu, 10 Mar 2022 10:47:23 +0100
According to the document introductionShiro official documents
↑ the link of Shiro document is an official introduction to the quick start. In fact, it will be easier to understand ruoyi's document about the integration of the framework.
If according to the structure
1. Security Manager
The Subject body represents the ...
Posted by bk6662 on Fri, 18 Feb 2022 13:16:29 +0100
Spring Boot -- Integrated Shiro framework
1. Introduction to Shiro
1.1. What is Shiro
Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, password and session management, Web integration, caching, etc. At present, more and more people use Apache Shiro because it is quite simple. ...
Posted by ywickham on Mon, 31 Jan 2022 05:32:52 +0100
I Shiro permissions
What is permission control:
Ignore particularly detailed concepts. For example, permissions can be subdivided into many types, such as function permissions, data permissions, management permissions, etcUnderstand two concepts: user and resource, so that the specified user can only operate the specified resource (C ...
Posted by Bobo the Bugbear on Wed, 26 Jan 2022 12:46:48 +0100
What is Shiro
Official website: http://shiro.apache.org/
It is a mainstream Java security framework that does not rely on any container and can run in Java SE and Java EE Projects. Its main function is to authenticate, authorize, session management, encryption and other operations for users accessing the system.
Shiro is a systematic framewo ...
Posted by cypher235 on Mon, 24 Jan 2022 22:41:11 +0100
In the actual development of front-end and back-end, we will use annotations to control permissions. When performing authentication or authorization operations, Shiro will query the identity or permission information in the DB. It is known that identity information and authority information will not change frequently and are very complex. If ma ...
Posted by everisk on Wed, 19 Jan 2022 05:29:28 +0100
First, build a simple test environment
Build a springboot projectDependency is introduced, mainly web starter shiro (security authentication) and thymeleaf (simple page construction). There is no data layer query, so database related is not introduced.
Posted by khaitan_anuj on Tue, 04 Jan 2022 08:59:36 +0100
Authorization is access control, which controls who can access which resources. After identity authentication, the principal needs to allocate permissions to access system resources. Some resources cannot be accessed without permissions.
2. Key objects
Who performs How operation on what ":
Who: the subj ...
File upload and download case based on SpringBoot and Mybatis
This case is based on the actual combat of the [bad programmer] enterprise file upload and download project based on SpringBoot and Mybatis. BiliBili link: https://www.bilibili.com/video/BV1764y1u7gn?p=1
1. Users need to log in first. We use shiro authentication to ...
Posted by crazytigger on Fri, 24 Dec 2021 10:37:32 +0100