Shiro with this blog you understand the overall architecture, the role of each part.
Shiro overall architecture
Upper layer portion: the " operation by the user (body) ."
Middle section:
Security Manager (Manager) : is the core of Shiro, Shiro provide security services through the Security Manager.
Authenticator : Authenticator, management Login Logout.
The Authorizer : Authorization is granted to a principal authority.
Manager Session : Session Manager, Shiro himself to achieve a set of Session management mechanism, it can make use of the Web container to achieve Session.
DAO Session : Session realized the operation, mainly CRUD.
CacheManager : Cache Manager, the role of the data cache data and permissions.
Realms Pluggable : is a bridge between the database and the data source. Shiro obtain authentication information, data rights, the role of data to get through the Realms.
Cryptography : encryption is used to do, to achieve very fast data encryption .
Lower part: a data source (database) .
Authenticator (authenticator) How authentication:
operating the user (subject) to submit a request to the Security Manager calls Authenticator to authenticate, Authenticator to acquire authentication information Pluggable Realms, Pluggable Realms is the authentication information from the following data sources (database) to acquired then the authentication data from the authentication information submitted over the principal database and retrieved through Pluggable Realms do comparison.
Authorizer (authorizer) How to authorize:
general and authentication operations, just as to acquire permission data, character data from the following data source (database) by Pluggable Realms.