What is the workflow process of the Shiro framework?
The workflow of the Shiro framework is as follows:
- Authentication: To start, users submit their identity information for authentication, Shiro will then pass the user’s identity information (such as username and password) to the corresponding authenticator for authentication processing.
- Authorization: After successful authentication, Shiro will handle authorization based on the user’s identity information and the resources being accessed (such as URL, method calls, etc.). Shiro’s authorization process includes two aspects: role authorization and permission authorization. Role authorization is based on roles, while permission authorization is based on permissions.
- Session management: The Shiro framework offers functionality for managing sessions, allowing users to store and retrieve state information. Sessions can be used to enable features such as “Remember Me” and Single Sign-On.
- Encryption (Cryptography): The Shiro framework offers the functionality of encrypting and decrypting passwords to protect the security of users’ passwords.
It’s important to note that the Shiro framework does not have a completely defined workflow, and can be customized based on specific needs and configurations. The above process is just a general workflow of the Shiro framework.