1 Are you frustrated [frʌstreitId懊丧; 懊恼; 沮丧]when you try to secure your applications?
2 This article introduces Apache Shiro, a Java security framework that provides a simple but powerful approach to application security.
3 Shiro provides the application security API to perform the following aspects[ˈæˌspɛkts方面; 层面; 样子; 外观] (I like to call these the 4 cornerstones[ˈkɔrnərˌstoʊnz 基石; 奠基石; 最重要部分; 基础] of application security):
- Authentication [ɔːˌθentɪˈkeɪʃn身份验证; 认证;鉴定] - proving user identity, often called user ‘login’.
- Authorization [ˌɔːθərəˈzeɪʃn批准; 授权;] - access control.
- Cryptography[krɪpˈtɑːɡrəfi加密] - protecting or hiding data from prying eyes [ˈpraɪɪŋ aɪz窥视眼睛].
- Session Management - per-user time-sensitive [ˈsensətɪv敏感] state.
4 we were pretty much[差不多; 基本上] stuck with[无法摆脱] the Java Authentication and Authorization Service, otherwise[另; 亦] known as JAAS. There were a lot of shortcomings[缺点、短处] with JAAS - while its authentication capabilities were somewhat tolerable[ˈtɑːlərəbl可忍受], the authorization aspects were obtuse [əbˈtuːs] and frustrating [ˈfrʌstreɪtɪŋ] [迟钝和令人沮丧] to use. Also, JAAS was heavily tied to[严重束缚] Virtual Machine-level security concerns[kənˈsɜːrnz担心,忧虑].
5 I needed something[会话] that could be decoupled [diːˈkʌpld分离,隔断] from[与…脱钩] the container, usable[ˈjuːzəbl可用的; 适用的] in any environment I chose.
6 I was hoping for a cleaner out-of-the-box solution[开箱即用的解决方案] to easily encrypt and decrypt data as necessary[ˈnesəseri].
7 So looking at[考虑、因此] the security landscape[安全形势] of early 2003, you can quickly realize that there was nothing that could satisfy all of those requirements in a single, cohesive [koʊˈhiːsɪv使凝结的] framework. Because of that, JSecurity, and then later, Apache Shiro, was born.
8 a compelling reason[kəmˈpelɪŋ ˈriːzn] 不容不信的理由
9 Why would you use Apache Shiro today?
Easy To Use: Ease of use is the project’s ultimate [ˈʌltɪmət最终的; 终极的;根本的; 基本的] goal. Application security can be extremely confusing and frustrating and thought of as a ‘necessary evil’ [ˈnesəseri ˈiːvl罪恶之源].
. Comprehensive[ˌkɑːmprɪˈhensɪv全面的、详尽的; 综合性的] - There is no other security framework with the breadth [bredθ宽度; 广度;广泛] of scope that Apache Shiro claims[kleɪmz宣称; 声称; 断言; 声明], so it can likely be your ‘one stop shop’ [wʌn stɑːp ʃɑːp] 一站式服务; 一次购足; 一站式商店 for your security needs.
Flexible[ˈfleksəbl灵活的; 可变动的;] - Apache Shiro can work in any application environment.
Web Capable [ˈkeɪpəbl能力; 有才能; 能力强的; 足以胜任的] - Apache Shiro has fantastic[fænˈtæstɪk极好的; 了不起的; 很大的] web application support, allowing you to create flexible security policies[灵活的安全策略] based on application URLs and web protocols (e.g. REST), while also providing a set of JSP libraries to control page output.
Pluggable [ˈplʌgəbl可插式] - Shiro’s clean API and design patterns make it easy to integrate with [ˈɪntɪɡreɪt wɪð与…结合在一起] many other frameworks and applications. You’ll see Shiro integrated seamlessly[无缝的;无缝] with frameworks like Spring, Grails, Wicket, Tapestry, Mule, Apache Camel, Vaadin, and many others.
Supported[səˈpɔːrtɪd拥护; 鼓励; 援助; 资助] - Apache Shiro is part of the Apache Software Foundation, an organization proven [ˈpruːvn 被证明的; 已证实的] to act in the best interest of its community. The project development and user groups have friendly citizens ready
to help.
10 Core Concepts [kɔːr ˈkɑnsɛpts核心概念]: Subject, SecurityManager, and Realms
11 the most relevant [ˈreləvənt紧密相关的; 有价值的; 有意义的] questions.
12 Acquiring [əˈkwaɪərɪŋ(通过努力、能力、行为表现) 获得; 购得; 获得; 得到] the Subject
13 behind the scenes [bɪˈhaɪnd ðə sinz] 幕后 counterpart [ˈkaʊntərpɑːrt职位(或作用)相当的人; 对应的事物]
******以上翻译原文摘自:https://www.infoq.com/articles/apache-shiro