BT

Pairing Apache Shiro and Java EE 7

by Nebrass Lamouchi on May 30, 2016

About the Author

​Nebrass Lamouchi is a Java Developer & an OWASP Project Leader. He lives and works in Paris. He is a Java technology enthusiast, trainer and speaker. Recently, Nebrass joined the NetBeans Dream Team. He is the co-founder of the NetBeans Day France. He has been working on many projects, in many sectors, including Business Management, Petroleum, Banking, Medical & healthcare and Defence & Space. He holds an M.Sc in Information Systems Security from ISG Tunis, Tunisia. His twitter account.

 

When securing systems, two elements of security are important: authentication and authorization. Though the two terms mean different things, they are sometimes used interchangeably because of their respective roles in application security.

Get started with the fundamentals of web authentication and authorization using Apache Shiro Framework.

Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.

Learn how to use Shiro in a JavaEE7 application and how to use it in a web application.

This book will help you find out what Shiro actually is, and will help you to secure your Java EE project from scratch and to understand the security philosophy.

You will learn the big picture and how to set up Apache Shiro, which will give you a better understanding of the fundamentals of the framework. You will be introduced to the authentication and authorization flows and the different possible models of security.

You will get everything you need to start with Shiro immediately with just essential information.

Free download

Table of contents

  • Preface
    • What is in an InfoQ mini-book?
    • Who this book is for 
    • What you need for this book
    • Conventions
    • Reader feedback
  • Introduction
    • Personal case
    • Professional experience
    • Motivation for writing this tutorial 
  • The Shiro Philosophy
    • What is Shiro?
    • Plan of the castle
    • Why not JAAS or Spring Security ?
  • Sample Technology Stack
    • Technologies
    • Apache Shiro
    • Java EE 7
    • Payara Server
    • NetBeans IDE
  • The Tutorial
    • Step 1: The project
    • Step 2: JPA entities
    • Step 3: Apache Shiro prime view
    • Step 4: Shiro: Getting serious
    • Step 5: Exposing Shiro operations as REST services 
  • What’s Next?
    • How to consume Shiro’s web services
    • What can you add to the implementation? 
    • Recommendations
  • Do It Now!
    • Additional reading
General Feedback
Bugs
Advertising
Editorial
Marketing
InfoQ.com and all content copyright © 2006-2016 C4Media Inc. InfoQ.com hosted at Contegix, the best ISP we've ever worked with.
Privacy policy
BT

We notice you're using an ad blocker

We understand why you use ad blockers. However to keep InfoQ free we need your support. InfoQ will not provide your data to third parties without individual opt-in consent. We only work with advertisers relevant to our readers. Please consider whitelisting us.