From 99052f52e10648a0a0e9d0f31de92bb18cd76a3a Mon Sep 17 00:00:00 2001 From: Brian Demers Date: Mon, 24 Oct 2016 22:01:53 -0400 Subject: [PATCH] Cleaned up news.html removing extra tags, so it will be easier to style soon. --- developers.md | 4 + news.html | 398 ++++++++++++++++++-------------------------------- 2 files changed, 144 insertions(+), 258 deletions(-) diff --git a/developers.md b/developers.md index 8b2beaed2e..1b6117ce95 100644 --- a/developers.md +++ b/developers.md @@ -16,6 +16,10 @@ Version 2 has no timeline yet, but if you're interested in seeing what the major ##Website +**NOTE:** This section is out of date. The site is basically just markdown, and you can edit / pull request via Github via the links at the bottom of the page. + +More on this soon! + The Shiro website is automatically generated based on the content maintained in the [Apache Shiro Confluence Wiki Space](https://cwiki.apache.org/confluence/display/SHIRO), with a few notable exceptions that we'll cover in a bit. Here's how it works: 1. Shiro committers and approved contributors modify the Confluence wiki pages as necessary. The left navigation panel is controlled by the [Navigation wiki page](https://cwiki.apache.org/confluence/display/SHIRO/Navigation). diff --git a/news.html b/news.html index a1c1df6a83..fe5b1273a9 100644 --- a/news.html +++ b/news.html @@ -1,21 +1,8 @@ -

Apache Shiro News

Stay up to date with the latest news on the Apache Shiro Security Framework

- - - - - Release binaries (.jars) are also available through Maven Central and source bundles through Apache distribution mirrors. For more information on Shiro, please read the documentation. @@ -27,11 +14,10 @@

Apache Shiro News

- Apache Shiro 1.3.1 Released
-
+

The Shiro team is pleased to announce the release of Apache Shiro version 1.3.1. This is a bug fix release for 1.3.x.

This release includes 2 issues resolved since the 1.3.0 release and is available for Download now.

@@ -49,11 +35,10 @@

Apache Shiro News

- Apache Shiro 1.3.0 Released
-
+

The Shiro team is pleased to announce the release of Apache Shiro version 1.3.0. This is a feature release for 1.3.x.

This release includes 26 issues resolved since the 1.2.6 release and is available for Download now.

@@ -70,11 +55,10 @@

Apache Shiro News

- Apache Shiro 1.2.6 Released
-
+

The Shiro team is pleased to announce the release of Apache Shiro version 1.2.6. This is a bug fix release for 1.2.x.

This release includes 2 bug fixes since the 1.2.5 release and is available for Download now.

@@ -92,11 +76,10 @@

Apache Shiro News

- Apache Shiro 1.2.5 Released
-
+

The Shiro team is pleased to announce the release of Apache Shiro version 1.2.5. This is a bug fix release for 1.2.x.

This release includes 7 bug fixes since the 1.2.4 release and is available for Download now.

@@ -113,11 +96,10 @@

Apache Shiro News

- Apache Shiro 1.2.4 Released
-
+

The Shiro team is pleased to announce the release of Apache Shiro version 1.2.4. This is a bug fix release for 1.2.x.

This release includes 5 bug fixes since the 1.2.3 release and is available for Download now.

@@ -134,17 +116,11 @@

Apache Shiro News

- - - - - -
Les Hazlewood posted on May 30, 2013
Apache Shiro 1.2.2 Released - +
Les Hazlewood posted on May 30, 2013
-
+

Dear Apache Shiro Community,

The Shiro team is pleased to announce the release of Apache Shiro version 1.2.2. This is the second bug fix point release after 1.2.0.

@@ -162,372 +138,278 @@

Apache Shiro News

-
- - - - - -
Les Hazlewood posted on Jul 29, 2012
- Apache Shiro 1.2.1 Released - -
+
+ Apache Shiro 1.2.1 Released +
Les Hazlewood posted on Jul 29, 2012
+ +
-
+

Dear Apache Shiro Community,

-

The Shiro team is pleased to announce the release of Apache Shiro version 1.2.1. This is the first bug fix point release after 1.2.0.

+

The Shiro team is pleased to announce the release of Apache Shiro version 1.2.1. This is the first bug fix point release after 1.2.0.

-

This release includes 11 bug fixes since the 1.2.0 release and is available for Download now.

+

This release includes 11 bug fixes since the 1.2.0 release and is available for Download now.

-

All binaries (.jars) are available in Maven Central already. Please note that the Apache mirrors are still updating to reflect the source distribution, but some mirrors may not be updated yet. If a mirror download link does not work, please try another or wait another 12 to 24 hours.

+

All binaries (.jars) are available in Maven Central already. Please note that the Apache mirrors are still updating to reflect the source distribution, but some mirrors may not be updated yet. If a mirror download link does not work, please try another or wait another 12 to 24 hours.

-

For more information on Shiro 1.2, please read the "What's new in Apache Shiro 1.2?" article or the previous 1.2 release announcement.

+

For more information on Shiro 1.2, please read the "What's new in Apache Shiro 1.2?" article or the previous 1.2 release announcement.

-

Enjoy!

+

Enjoy!

-

The Apache Shiro Team

-
+

The Apache Shiro Team

+
-
- - - - - -
Les Hazlewood posted on Mar 13, 2012
- What's New in Apache Shiro 1.2? - -
+
+ What's New in Apache Shiro 1.2? +
Les Hazlewood posted on Mar 13, 2012
+
-
+

Here's an article covering some of the main features and enhancements in Apache Shiro 1.2:

-

https://stormpath.com/blog/whats-new-apache-shiro-12

-
+

https://stormpath.com/blog/whats-new-apache-shiro-12

+
-
- - - - - -
Les Hazlewood posted on Jan 24, 2012
- Apache Shiro 1.2.0 Released! - -
- -
-

Dear Apache Shiro Community,

-

The Shiro team is pleased to announce the release of Apache Shiro version 1.2.0!

+ Apache Shiro 1.2.0 Released! +
Les Hazlewood posted on Jan 24, 2012
-

This release includes a number of bug fixes and new features since the 1.1.0 release.  The 1.2.0 release is available from the Download page.

+ +
+

Dear Apache Shiro Community,

-

All binaries (.jars) are available in Maven Central already.  Please note that the Apache mirrors are still updating to reflect the source distribution, but some mirrors may not be updated yet.  If a mirror download link does not work, please try another or wait another 12 to 24 hours.

+

The Shiro team is pleased to announce the release of Apache Shiro version 1.2.0!

-

New Features

+

This release includes a number of bug fixes and new features since the 1.1.0 release.  The 1.2.0 release is available from the Download page.

-
  • The ability to disable sessions per filter chain or entirely for an application.
  • Servlet Context Listener initialization in web apps (to allow components to utilize Shiro before Filter initialization)
  • A command line program to securely hash passwords (or any url, file or stream input for that matter).
  • New secure password hash formats that adhere to Modular Crypt Format conventions.  These secure password hashes can be computed with the above named command line program and saved in text config (e.g. shiro.ini) directly.  Plaintext passwords should never be stored.  For those familiar with the Apache HTTPD passwd program, this achieves the same benefits.
  • A new LogoutFilter, as many apps don't need to show a view during logout (just logout and redirect to some known location).
  • Shiro filters can be enabled or disabled without removing them from the filter chain - useful in development (e.g. turn ssl requirement off in dev, but keep it on in production).
  • A lot of work has gone into making secure password hash storage and comparison a much simpler task in Shiro, focused around the new concept of a PasswordService.  You can use a PasswordService directly in your application code to hash passwords securely.  You can then configure a PasswordMatcher on your Realm(s) to use the same PasswordService for password comparisons.  See the PasswordService JavaDoc for example .ini configuration: - -
+

All binaries (.jars) are available in Maven Central already.  Please note that the Apache mirrors are still updating to reflect the source distribution, but some mirrors may not be updated yet.  If a mirror download link does not work, please try another or wait another 12 to 24 hours.

+

New Features

-

More complete PasswordService and related config documentation will be added to the Shiro website in the next few days - it was better to release now for the many who are waiting on the release, and follow up with this part of the documentation shortly.

-
  • Three new 'support' modules: -
    • Apache Karaf features (shiro-features-1.2.0.jar)
    • Google Guice: guice.html
    • Jasig CAS: cas.html
    -
+
  • The ability to disable sessions per filter chain or entirely for an application.
  • Servlet Context Listener initialization in web apps (to allow components to utilize Shiro before Filter initialization)
  • A command line program to securely hash passwords (or any url, file or stream input for that matter).
  • New secure password hash formats that adhere to Modular Crypt Format conventions.  These secure password hashes can be computed with the above named command line program and saved in text config (e.g. shiro.ini) directly.  Plaintext passwords should never be stored.  For those familiar with the Apache HTTPD passwd program, this achieves the same benefits.
  • A new LogoutFilter, as many apps don't need to show a view during logout (just logout and redirect to some known location).
  • Shiro filters can be enabled or disabled without removing them from the filter chain - useful in development (e.g. turn ssl requirement off in dev, but keep it on in production).
  • A lot of work has gone into making secure password hash storage and comparison a much simpler task in Shiro, focused around the new concept of a PasswordService.  You can use a PasswordService directly in your application code to hash passwords securely.  You can then configure a PasswordMatcher on your Realm(s) to use the same PasswordService for password comparisons.  See the PasswordService JavaDoc for example .ini configuration: + +
-

And even more new features!  See the 'Resolved Issues' below for a complete list.

+

More complete PasswordService and related config documentation will be added to the Shiro website in the next few days - it was better to release now for the many who are waiting on the release, and follow up with this part of the documentation shortly.

+
  • Three new 'support' modules: +
    • Apache Karaf features (shiro-features-1.2.0.jar)
    • Google Guice: guice.html
    • Jasig CAS: cas.html
    +
-

Backwards-incompatible or potential breaking changes

-

There are only a few small cases where breakage could occur - please view the release notes to ensure you mitigate any potential breaking change - particularly if you are using the SecureRandomNumberGenerator
-or Shiro's Block Cipher Services (AES, Blowfish):

+

And even more new features!  See the 'Resolved Issues' below for a complete list.

-

https://raw.githubusercontent.com/apache/shiro/shiro-root-1.2.0/RELEASE-NOTES

+

Backwards-incompatible or potential breaking changes

-

Resolved Issues

+

There are only a few small cases where breakage could occur - please view the release notes to ensure you mitigate any potential breaking change - particularly if you are using the SecureRandomNumberGenerator
+ or Shiro's Block Cipher Services (AES, Blowfish):

-

Jira resolved issue report:

+

https://raw.githubusercontent.com/apache/shiro/shiro-root-1.2.0/RELEASE-NOTES

-

https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950&version=12315478

+

Resolved Issues

-

Enjoy!

+

Jira resolved issue report:

+

https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950&version=12315478

+

Enjoy!

-

The Apache Shiro Team

-
+

The Apache Shiro Team

+
-
- - - - - -
Les Hazlewood posted on Jun 30, 2011
- Apache Shiro Login Demo +
+ + Apache Shiro Login Demo +
Les Hazlewood posted on Jun 30, 2011
-
+

Matt Raible has posted a really nice blog article and video demonstrating a login use case with Apache Shiro. Check out the Java Web Application Security - Part III: Apache Shiro Login Demo blog post and the video:

- +
-
+
-
- - - - - -
Les Hazlewood posted on May 24, 2011
- The New RBAC - Resource-Based Access Control - +
+ The New RBAC - Resource-Based Access Control +
Les Hazlewood posted on May 24, 2011
-
+

Hi Shiro community,

-

The following article helps explain the differences in role-based vs resource-based access control and why Shiro's permission construct (which is based on resources) can be much better for an application:

+

The following article helps explain the differences in role-based vs resource-based access control and why Shiro's permission construct (which is based on resources) can be much better for an application:

-

The New RBAC: Resource-Based Access Control

-
+

The New RBAC: Resource-Based Access Control

+
-
- - - - - -
Les Hazlewood posted on Mar 14, 2011
- InfoQ article on Apache Shiro - +
+ InfoQ article on Apache Shiro +
Les Hazlewood posted on Mar 14, 2011
-
+

https://www.infoq.com/articles/apache-shiro

-
+
-
- - - - - -
Alex Salazar posted on Feb 28, 2011
- Java Authorization Guide with Apache Shiro posted - +
+ Java Authorization Guide with Apache Shiro posted +
Alex Salazar posted on Feb 28, 2011
-
+

In our effort to improve the documentation you need to get started with Shiro, we've written a quick Java Authorization Guide for your review. Check out and tell us what you think. And if you haven't already, check out our previous post, the Java Authentication Guide.

-
+
-
- - - - - -
Alex Salazar posted on Feb 09, 2011
- Apache Shiro Integration for Grails 1.1.3 released - -
+
+ Apache Shiro Integration for Grails 1.1.3 released +
Alex Salazar posted on Feb 09, 2011
+
-
+

Secure your Grails application quickly and easily using the Apache Shiro security framework. Although easy to get started with, this framework gives you a great deal of flexibility and will support your application as it grows.

-

https://grails.org/plugin/shiro

-
+

https://grails.org/plugin/shiro

+
-
- - - - - -
Alex Salazar posted on Jan 13, 2011
- Apache Shiro Support for Mule - -
+
+ Apache Shiro Support for Mule +
Alex Salazar posted on Jan 13, 2011
+
-
+

Mule now has integration with Apache Shiro. Thanks to Dan Diephouse at MuleSoft for the great blog post.

-

http://blogs.mulesoft.com/dev/mule-dev/apache-shiro-support-for-mule/

-
+

http://blogs.mulesoft.com/dev/mule-dev/apache-shiro-support-for-mule/

+
-
- - - - - -
Alex Salazar posted on Jan 06, 2011
- Apache Shiro Video and Slide from SF JUG Presentation - -
+
+ Apache Shiro Video and Slide from SF JUG Presentation +
Alex Salazar posted on Jan 06, 2011
+
-
+

Check out the video from the San Francisco Java User Group presentation on Apache Shiro.

-

Video

- - - +

Video

-

Slides

+ - +

Courtesy of Aleksandar and Max at the SF JUG

- -

Courtesy of Aleksandar and Max at the SF JUG

- -
+
-
- - - - - -
Les Hazlewood posted on Nov 03, 2010
- Apache Shiro 1.1.0 Released - -
+
+ Apache Shiro 1.1.0 Released +
Les Hazlewood posted on Nov 03, 2010
+
-
+

Dear Apache Shiro Community,

-

We are proud and excited to offer Apache Shiro's first release as an Apache Top Level Project, Apache Shiro version 1.1.0.

+

We are proud and excited to offer Apache Shiro's first release as an Apache Top Level Project, Apache Shiro version 1.1.0.

-

This release includes a number of bug fixes, new features and one important security vulnerability fix - it is recommended that users upgrade to 1.1.0 as soon as possible.

+

This release includes a number of bug fixes, new features and one important security vulnerability fix - it is recommended that users upgrade to 1.1.0 as soon as possible.

-

Version 1.1.0 is available immediately for download here accompanied by associated documentation and Release Notes.

+

Version 1.1.0 is available immediately for download here accompanied by associated documentation and Release Notes.

-

All binaries are available in Maven Central already. Please note that most of the Apache mirrors have been updated to reflect the source distribution, but some mirrors may not be updated yet. If a mirror download link does not work, please try another or wait another 12 to 24 hours.

+

All binaries are available in Maven Central already. Please note that most of the Apache mirrors have been updated to reflect the source distribution, but some mirrors may not be updated yet. If a mirror download link does not work, please try another or wait another 12 to 24 hours.

-

Enjoy!

-
+

Enjoy!

+
-
- - - - - -
Les Hazlewood posted on Sep 24, 2010
- Apache Shiro becomes an Apache Top Level Project - -
+
+ Apache Shiro becomes an Apache Top Level Project +
Les Hazlewood posted on Sep 24, 2010
+
-
+

On Wednesday, September 22nd 2010, the Apache Software Foundation Board voted unanimously to accept Apache Shiro's graduation out of the Incubator and to become a Apache Top Level Project.

-

Many thanks to the entire community for the continued growth and support, and especially to our Mentors, for helping us navigate the project through the incubation process. Everything is much appreciated and it has been well worth it.

+

Many thanks to the entire community for the continued growth and support, and especially to our Mentors, for helping us navigate the project through the incubation process. Everything is much appreciated and it has been well worth it.

-

Next steps: It will take us a bit of time to migrate our infrastructure to non-Incubator resources (shiro.apache.org subdomain, Subversion move, etc), so please stay tuned. Hopefully that can be done in the next two weeks. Shortly thereafter, we hope to release Shiro 1.1.

+

Next steps: It will take us a bit of time to migrate our infrastructure to non-Incubator resources (shiro.apache.org subdomain, Subversion move, etc), so please stay tuned. Hopefully that can be done in the next two weeks. Shortly thereafter, we hope to release Shiro 1.1.

-

Thanks again to all, and please keep contributing to the project and the mailing lists to continually better the project for everyone!

+

Thanks again to all, and please keep contributing to the project and the mailing lists to continually better the project for everyone!

-

Best regards,

+

Best regards,

-

Les

-
+

Les

+
-
- - - - - -
Les Hazlewood posted on Sep 20, 2010
- San Francisco JUG presentation - -
+
+ San Francisco JUG presentation +
Les Hazlewood posted on Sep 20, 2010
+
-
+

On 12 October 2010 at 6:30 pm PDT, Les Hazlewood will present Super Simple Application Security with Apache Shiro to the San Francisco Java User Group. Please RSVP if you wish to attend - seats are limited!

-
- - - - - -
Les Hazlewood posted on Sep 14, 2010
- IBM DeveloperWorks - Introduction to Apache Shiro - +
+ IBM DeveloperWorks - Introduction to Apache Shiro +
Les Hazlewood posted on Sep 14, 2010
-
+

Nathan Good wrote an article introducing some of Apache Shiro's capabilities. Thanks Nathan!

-
+
-
- - - - - -
Les Hazlewood posted on Jun 01, 2010
- SDForum Java SIG Apache Shiro Presentation - -
+
+
Les Hazlewood posted on Jun 01, 2010
+ SDForum Java SIG Apache Shiro Presentation + +
-
+

Tonight, 1 June 2010, Les Hazlewood will present Apache Shiro to the SDForum Java SIG in Palo Alto, California. Please come if you can!

-
+