1. The three core components of Apache Shiro:
1. Subject: the operation of the current user
2. SecurityManager: used to manage all Subjects
3. Realms: used to verify permission information
Subject: the current user. In the application of permission management, it is often necessary to know who can operate what and who has the right to operate the program. In Shiro, the basic current user information needs to be provided through the Subject. The Subject not only represents a certain user , or a third-party process, a Daemon Account, or something similar.
SecurityManager: That is, the manager of all Subjects. This is the core component of the Shiro framework. It can be regarded as a global management component of the Shiro framework for scheduling various Shiro framework services.
Realms: Realms is the user's information authenticator and the user's permission witness. We need to implement Realms by ourselves to customize and manage the permission rules within our own system.
2、Authentication 和 Authorization
In shiro's user authorization authentication process, it is implemented by two methods:
1. Authentication: It is the process of verifying the identity of the user.
2. Authorization: It is an authorization access control, which is used to authorize the user's operations with witnesses to prove whether the user is allowed to perform the current operation, such as accessing a link, a resource file, etc.
3. Other components:
In addition to the above components, Shiro has several other components:
1. SessionManager: Shiro provides a session programming paradigm for any application.
2. CacheManager: Provides cache support for other Shiro components.
4. Shiro complete architecture diagram:
