Fork me on GitHub

Apache Shiro Logo Simple. Java. Security. Apache Software Foundation Event Banner

Handy Hint
Shiro v1 version notice

As of 2024-03-01, Shiro v1 will soon be superseded by v2.

This part of the documentation covers Shiro’s core architectural concepts.

First we’ll present Shiro’s architecture and a summary of each core concept. Then we’ll cover the most important concept in Shiro - the Subject, a security-specific 'view' of a single application user. Next we’ll discuss the SecurityManager, an application singleton that manages all Subjects for the application, and as well as the SecurityManager’s supporting components that do most of Shiro’s heavy lifting. Then onto Realms, the security-specific DAOs, Shiro communicates with and then Permissions, the building block of any security policy.

Lend a hand with documentation

While we hope this documentation helps you with the work you’re doing with Apache Shiro, the community is improving and expanding the documentation all the time. If you’d like to help the Shiro project, please consider correcting, expanding, or adding documentation where you see a need. Every little bit of help you provide expands the community and in turn improves Shiro.

The easiest way to contribute your documentation is to send it to the User Forum or the User Mailing List.