zhangkaitao/shiro-example

This repository contains the companion example code for a Chinese-language tutorial series on Apache Shiro, a Java library that handles security concerns like login, permissions, and session management for web applications. The README is written in Chinese, and the project is associated with a book by the author on high-traffic web architecture. Apache Shiro is a framework that Java developers drop into a project to handle the parts of an application that decide who a user is and what they are allowed to do. Rather than building these systems from scratch, developers configure Shiro to connect to their database of users, define rules about which roles can access which pages or actions, and let the framework enforce those rules automatically. The tutorial series spans 24 chapters and works through Shiro's features progressively. Early chapters cover the basics of authentication (confirming a user's identity) and authorization (checking what they can do), along with configuration file syntax and how Shiro stores and encodes passwords. Later chapters go deeper into integration with web applications and the Spring framework, handling remember-me cookies, SSL, and single sign-on across multiple services. Advanced chapters address OAuth2, concurrent login limits, dynamic URL-based permission rules, stateless web APIs, CAPTCHA verification, centralized permission management across multiple projects, and distributed session handling. The example projects in the repository are built with Maven, so some familiarity with that Java build tool is expected to run them. Each chapter has its own example project corresponding to that chapter's topic. This is primarily a learning resource for Java developers who want to understand how to use Apache Shiro across a wide range of real-world scenarios, rather than a standalone application you would deploy on its own.