From d66569b6480e9ec74e689eef44138997c5816821 Mon Sep 17 00:00:00 2001 From: Ganesh Patil <7030871503ganeshpatil@gmail.com> Date: Fri, 30 Jan 2026 19:07:18 +0530 Subject: [PATCH 1/8] docs: migrate issue tracking to GitHub Issues and Discussions --- src/site/content/support.adoc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/site/content/support.adoc b/src/site/content/support.adoc index 2bdedcc2a..9a4968a14 100644 --- a/src/site/content/support.adoc +++ b/src/site/content/support.adoc @@ -10,8 +10,9 @@ The Shiro project offers support through its community of users, contributors, a We encourage everyone to participate and use the available community support tools below. +* https://github.com/apache/shiro/discussions[GitHub Discussions] - For questions, ideas, and community discussion +* https://github.com/apache/shiro/issues[GitHub Issues] - For bug reports and feature requests * link:troubleshooting.html[Troubleshooting & FAQ] * link:mailing-lists.html[Mailing Lists] * link:forums.html[Forums] -* link:issues.html[Issues and Bug Tracking] * link:commercial-support.html[Commercial Support] From 36dc354a6f476be7b09d4cbd85e596d815c5ae05 Mon Sep 17 00:00:00 2001 From: lprimak Date: Fri, 30 Jan 2026 11:44:25 -0600 Subject: [PATCH 2/8] review comments --- src/site/content/support.adoc | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/site/content/support.adoc b/src/site/content/support.adoc index 9a4968a14..2bdedcc2a 100644 --- a/src/site/content/support.adoc +++ b/src/site/content/support.adoc @@ -10,9 +10,8 @@ The Shiro project offers support through its community of users, contributors, a We encourage everyone to participate and use the available community support tools below. -* https://github.com/apache/shiro/discussions[GitHub Discussions] - For questions, ideas, and community discussion -* https://github.com/apache/shiro/issues[GitHub Issues] - For bug reports and feature requests * link:troubleshooting.html[Troubleshooting & FAQ] * link:mailing-lists.html[Mailing Lists] * link:forums.html[Forums] +* link:issues.html[Issues and Bug Tracking] * link:commercial-support.html[Commercial Support] From 0d145efd6d4334c3756e3fed7e097906daeb6987 Mon Sep 17 00:00:00 2001 From: Ganesh Patil <7030871503ganeshpatil@gmail.com> Date: Sat, 31 Jan 2026 11:55:19 +0530 Subject: [PATCH 3/8] docs: address PR review feedback --- src/site/content/community.adoc | 6 ++---- src/site/content/forums.adoc | 6 +----- src/site/content/issues.adoc | 4 ++-- 3 files changed, 5 insertions(+), 11 deletions(-) diff --git a/src/site/content/community.adoc b/src/site/content/community.adoc index e71a446f9..368a7ebaf 100644 --- a/src/site/content/community.adoc +++ b/src/site/content/community.adoc @@ -10,9 +10,9 @@ We have a great user and developer community and hope that you become an active Our community is here to help you learn about Shiro, figure out how to do what you need, identify and fix any bugs, and improve Shiro so that it continues to be a powerful and useful software project. -* *link:forums.html[Community Forums]* - Need help? For users that prefer to use forums over mailing lists, we use Nabble +* *https://github.com/apache/shiro/discussions[GitHub Discussions]* - Need help? Ask questions and discuss ideas with the community -* *link:mailing-lists.html[Mailing Lists]* - Need help, but hate forums? Lists for Users, Developers and Committers! +* *link:mailing-lists.html[Mailing Lists]* - Lists for Users, Developers and Committers! * *link:articles.html[Articles]* - Read up on the latest discussions, guides, and how-tos created by members of our community @@ -30,8 +30,6 @@ At the Shiro project we make it easy for anyone to join our great community and * *link:developer-resources.html[Developer Resources]* - Helpful information for anyone providing project help as a committer or contributor -* *https://github.com/apache/shiro/discussions[GitHub Discussions]* - For questions, ideas, and community discussion - * *https://github.com/apache/shiro/issues[GitHub Issues]* - For bug reports and feature requests * *https://www.apache.org/foundation/sponsorship.html[Donate to ASF]* - Shiro is a project under the Apache Software Foundation, a non-profit that relies on donations and community support diff --git a/src/site/content/forums.adoc b/src/site/content/forums.adoc index 2dc919c6b..64a129672 100644 --- a/src/site/content/forums.adoc +++ b/src/site/content/forums.adoc @@ -23,11 +23,7 @@ For users that prefer to browse the mailing lists with a browser can use https:/ * link:++https://lists.apache.org/list.html?dev@shiro.apache.org++[Shiro Developer Forum] -____ - -*NOTE:* Previously, `nabble.com` was used as an alternative to the mailing list, this service is no longer hosting the mailing list archive. - -____ +NOTE: Previously, `nabble.com` was used as an alternative to the mailing list, this service is no longer hosting the mailing list archive. == GitHub Discussions diff --git a/src/site/content/issues.adoc b/src/site/content/issues.adoc index 79904b4a9..994160f5f 100644 --- a/src/site/content/issues.adoc +++ b/src/site/content/issues.adoc @@ -2,8 +2,8 @@ :jbake-date: 2010-03-18 00:00:00 :jbake-type: page :jbake-status: published -:jbake-tags: issues, bugs, jira, bug-tracking, support -:jbake-description: Report bugs, request features, and track issues for Apache Shiro using GitHub Issues tracking system. +:jbake-tags: issues, bugs, bug-tracking, support +:jbake-description: Report bugs, request features, and track issues for Apache Shiro using GitHub Issues. :idprefix: :icons: font From ffe84565217787729aa2421500b38764ec338cd3 Mon Sep 17 00:00:00 2001 From: Ganesh Patil <7030871503ganeshpatil@gmail.com> Date: Fri, 6 Feb 2026 09:10:44 +0530 Subject: [PATCH 4/8] docs: complete authenticator and authorizer documentation --- src/site/content/authenticator.adoc | 110 ++++++++++++++++++++++- src/site/content/authorizer.adoc | 134 +++++++++++++++++++++++++++- 2 files changed, 236 insertions(+), 8 deletions(-) diff --git a/src/site/content/authenticator.adoc b/src/site/content/authenticator.adoc index 5cb29fd43..f29c0d379 100644 --- a/src/site/content/authenticator.adoc +++ b/src/site/content/authenticator.adoc @@ -1,8 +1,110 @@ -= Authenticator -:jbake-type: lend_a_hand +[#Authenticator-UnderstandingAuthenticators] += Apache Shiro Authenticators +:jbake-date: 2010-03-18 00:00:00 +:jbake-type: page :jbake-status: published -:jbake-tags: documentation, todo, lend-a-hand +:jbake-tags: authenticator, authentication, security, realms +:jbake-description: Understanding Apache Shiro Authenticators - the component responsible for verifying user identity. Learn how Authenticators work with Realms and AuthenticationStrategies. :idprefix: :icons: font +:toc: -TODO +An `Authenticator` is a component responsible for verifying that a user actually is who they claim to be. +It is the core component that executes the authentication process on behalf of the link:/subject.html[Subject]. + +While the link:/authentication.html[Authentication] documentation explains the concepts and workflow of authentication in Shiro, +the Authenticator represents the actual implementation component that performs identity verification. + +[#Authenticator-Role] +== Role in the SecurityManager + +The link:/securitymanager.html[SecurityManager] does not perform authentication directly. +Instead, it delegates authentication requests to its internal `Authenticator` instance. +When a link:/subject.html[Subject] calls link:/static/current/apidocs/org/apache/shiro/subject/Subject.html#login(org.apache.shiro.authc.AuthenticationToken)[`login(token)`], +the SecurityManager receives the request and immediately delegates to the Authenticator by calling +link:/static/current/apidocs/org/apache/shiro/authc/Authenticator.html#authenticate(org.apache.shiro.authc.AuthenticationToken)[`authenticate(token)`]. + +The Authenticator takes the submitted link:/static/current/apidocs/org/apache/shiro/authc/AuthenticationToken.html[`AuthenticationToken`] +and uses it to verify the Subject's identity. +If verification succeeds, it returns an link:/static/current/apidocs/org/apache/shiro/authc/AuthenticationInfo.html[`AuthenticationInfo`] object. +If verification fails, it throws an link:/static/current/apidocs/org/apache/shiro/authc/AuthenticationException.html[`AuthenticationException`]. + +[#Authenticator-ModularRealmAuthenticator] +== ModularRealmAuthenticator + +Shiro uses the link:/static/current/apidocs/org/apache/shiro/authc/pam/ModularRealmAuthenticator.html[`ModularRealmAuthenticator`] +by default. +This implementation supports coordinating one or more link:/realm.html[Realms] during the authentication process. + +When an authentication token is submitted, the ModularRealmAuthenticator: + +* Iterates through configured Realms +* Calls each Realm's link:/static/current/apidocs/org/apache/shiro/realm/Realm.html#supports(org.apache.shiro.authc.AuthenticationToken)[`supports(token)`] method to determine if the Realm can process the token +* If a Realm supports the token, its link:/static/current/apidocs/org/apache/shiro/realm/Realm.html#getAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)[`getAuthenticationInfo(token)`] method is invoked +* Returns authentication information if successful, or throws an exception if failed + +[#Authenticator-SingleVsMultipleRealms] +== Single vs. Multiple Realms + +The ModularRealmAuthenticator supports both configurations: + +*Single Realm*: +When only one Realm is configured, the Authenticator directly invokes that Realm to verify the Subject's credentials. + +*Multiple Realms*: +When multiple Realms are configured, the Authenticator uses an link:/static/current/apidocs/org/apache/shiro/authc/pam/AuthenticationStrategy.html[`AuthenticationStrategy`] +to determine how to coordinate authentication across the Realms. +This is a link:https://en.wikipedia.org/wiki/Pluggable_Authentication_Modules[PAM]-style approach where each Realm can be consulted in sequence. + +[#Authenticator-AuthenticationStrategy] +== AuthenticationStrategy + +When multiple Realms are configured, the Authenticator must determine if the overall authentication attempt succeeds or fails. +The link:/static/current/apidocs/org/apache/shiro/authc/pam/AuthenticationStrategy.html[`AuthenticationStrategy`] makes this determination. + +Shiro provides three built-in strategies: + +* *FirstSuccessfulStrategy*: Returns the first Realm that succeeds. Other Realms are not consulted. +* *AtLeastOneSuccessfulStrategy*: Returns success if at least one Realm succeeds. Other Realms continue to be consulted. +* *AllSuccessfulStrategy*: All Realms must succeed for authentication to succeed. This is the most restrictive. + +You can configure which strategy the Authenticator uses, or implement your own strategy for custom behavior. + +[#Authenticator-Configuration] +== Configuration + +You can configure a custom Authenticator in your Shiro configuration if needed: + +[source,ini] +---- +authenticator = com.foo.bar.CustomAuthenticator +securityManager.authenticator = $authenticator +---- + +You can also configure the AuthenticationStrategy: + +[source,ini] +---- +authenticationStrategy = org.apache.shiro.authc.pam.FirstSuccessfulStrategy +authenticator.authenticationStrategy = $authenticationStrategy +---- + +However, in most cases, the default ModularRealmAuthenticator with the default strategy is sufficient for typical applications. + +[#Authenticator-RealmInteraction] +== How Authenticators Work with Realms + +The Authenticator does not directly know how to verify credentials. +Instead, it coordinates with configured Realms to perform the actual verification. + +A link:/realm.html[Realm] is a security-specific data access object that can locate and validate user credentials from a data source +(database, LDAP, file system, etc.). +The Realm is responsible for: + +* Determining if it understands the submitted AuthenticationToken via its `supports(token)` method +* Looking up the user in the data source +* Comparing submitted credentials with those stored in the data source +* Returning the user's authentication information if credentials match +* Throwing an exception if credentials do not match + +The Authenticator simply orchestrates this process by delegating to Realms in order and handling the results according to its configured strategy. diff --git a/src/site/content/authorizer.adoc b/src/site/content/authorizer.adoc index 7b9ca4a8f..076aabd89 100644 --- a/src/site/content/authorizer.adoc +++ b/src/site/content/authorizer.adoc @@ -1,8 +1,134 @@ -= Authorizer -:jbake-type: lend_a_hand +[#Authorizer-UnderstandingAuthorizers] += Apache Shiro Authorizers +:jbake-date: 2010-03-18 00:00:00 +:jbake-type: page :jbake-status: published -:jbake-tags: documentation, todo, lend-a-hand +:jbake-tags: authorizer, authorization, access-control, permissions, roles +:jbake-description: Understanding Apache Shiro Authorizers - the component that determines what authenticated users are allowed to do. Learn how Authorizers work with Realms to evaluate permissions and roles. :idprefix: :icons: font +:toc: -TODO +An `Authorizer` is a component responsible for determining whether a user is allowed to perform a certain action. +It evaluates whether a `Subject` has the necessary permissions or roles to access a resource or perform an operation. + +While the link:/authorization.html[Authorization] documentation explains the concepts and workflow of access control in Shiro, +the Authorizer represents the actual implementation component that performs access control decisions. + +[#Authorizer-Role] +== Role in the SecurityManager + +The link:/securitymanager.html[SecurityManager] does not perform authorization checks directly. +Instead, it delegates authorization decisions to its internal `Authorizer` instance. +When a link:/subject.html[Subject] calls authorization methods such as +link:/static/current/apidocs/org/apache/shiro/subject/Subject.html#hasRole(java.lang.String)[`hasRole(role)`], +link:/static/current/apidocs/org/apache/shiro/subject/Subject.html#isPermitted(org.apache.shiro.authz.Permission)[`isPermitted(permission)`], +or their variants, the SecurityManager delegates to the Authorizer. + +The Authorizer determines whether the Subject is permitted to perform the requested action by checking the Subject's roles and permissions. +If the Subject has the necessary role or permission, the authorization check passes. +If not, an link:/static/current/apidocs/org/apache/shiro/authz/AuthorizationException.html[`AuthorizationException`] may be thrown. + +[#Authorizer-ModularRealmAuthorizer] +== ModularRealmAuthorizer + +Shiro uses the link:/static/current/apidocs/org/apache/shiro/authz/ModularRealmAuthorizer.html[`ModularRealmAuthorizer`] +by default. +This implementation supports coordinating one or more link:/realm.html[Realms] during the authorization process. + +When an authorization check is performed, the ModularRealmAuthorizer: + +* Iterates through configured Realms +* For each Realm that implements the `Authorizer` interface, calls the corresponding authorization method + (`hasRole*`, `checkRole*`, `isPermitted*`, or `checkPermission*`) +* Aggregates and evaluates the results according to Shiro's authorization semantics +* Returns the authorization decision to the caller + +It is important to note that the ModularRealmAuthorizer treats Realms differently depending on whether they implement the `Authorizer` interface. +If a Realm does not implement `Authorizer`, it is not consulted for authorization checks. + +[#Authorizer-PermissionAndRoleChecks] +== Permission and Role Checks + +The Authorizer performs two types of authorization checks: + +[#Authorizer-PermissionChecks] +=== Permission Checks + +Permission checks verify whether a Subject is allowed to perform a specific action on a specific resource. +Methods for permission checks include: + +* link:/static/current/apidocs/org/apache/shiro/subject/Subject.html#isPermitted(org.apache.shiro.authz.Permission)[`isPermitted(permission)`] - returns `true` or `false` +* link:/static/current/apidocs/org/apache/shiro/subject/Subject.html#checkPermission(org.apache.shiro.authz.Permission)[`checkPermission(permission)`] - throws an exception on failure + +For example: + +[source,java] +---- +if (subject.isPermitted("account:read")) { + //User can read accounts +} + +subject.checkPermission("document:delete:report123"); +---- + +[#Authorizer-RoleChecks] +=== Role Checks + +Role checks verify whether a Subject has a specific role. Methods for role checks include: + +* link:/static/current/apidocs/org/apache/shiro/subject/Subject.html#hasRole(java.lang.String)[`hasRole(role)`] - returns `true` or `false` +* link:/static/current/apidocs/org/apache/shiro/subject/Subject.html#checkRole(java.lang.String)[`checkRole(role)`] - throws an exception on failure + +For example: + +[source,java] +---- +if (subject.hasRole("admin")) { + //User is an administrator +} + +subject.checkRole("user"); +---- + +[#Authorizer-Configuration] +== Configuration + +You can configure a custom Authorizer in your Shiro configuration if needed: + +[source,ini] +---- +authorizer = com.foo.bar.CustomAuthorizer +securityManager.authorizer = $authorizer +---- + +However, in most cases, the default ModularRealmAuthorizer is sufficient for typical applications. + +[#Authorizer-RealmInteraction] +== How Authorizers Work with Realms + +The Authorizer does not directly know where to retrieve authorization data. +Instead, it coordinates with configured Realms to perform the actual authorization checks. + +A link:/realm.html[Realm] is a security-specific data access object that knows how to retrieve authorization data from a data source +(database, LDAP, file system, etc.). +The Realm is responsible for: + +* Determining if it implements the `Authorizer` interface (which indicates it can perform authorization checks) +* Retrieving the Subject's roles and permissions from the data source +* Evaluating whether the Subject has the requested role or permission +* Returning the results of the authorization check + +The Authorizer simply orchestrates this process by delegating to Realms and aggregating their results. +This allows you to use multiple Realms where authorization data may come from different sources, +and Shiro will coordinate the results appropriately. + +[#Authorizer-MultipleRealms] +== Authorization with Multiple Realms + +When multiple Realms are configured, the ModularRealmAuthorizer consults all Realms that implement the `Authorizer` interface. +The results are aggregated to determine the final authorization decision. + +Typically, if any Realm grants permission or role membership, the authorization check succeeds. +However, the exact behavior depends on the authorization data model and how the Realms are configured. +Custom Authorizer implementations can be used to implement different aggregation strategies if needed. From 818b1541135297ba73f3589184c2647b43a29d7a Mon Sep 17 00:00:00 2001 From: Ganesh Patil <7030871503ganeshpatil@gmail.com> Date: Fri, 6 Feb 2026 09:17:35 +0530 Subject: [PATCH 5/8] merge: resolve conflicts by accepting latest changes from main - community.adoc: Update to use GitHub Discussions instead of Nabble - forums.adoc: Restructure and add GitHub Discussions section - issues.adoc: Update from Jira to GitHub Issues for issue tracking --- src/site/content/community.adoc | 9 ++++----- src/site/content/forums.adoc | 25 ++++++++----------------- src/site/content/issues.adoc | 25 ++++++++----------------- 3 files changed, 20 insertions(+), 39 deletions(-) diff --git a/src/site/content/community.adoc b/src/site/content/community.adoc index 368a7ebaf..06558e002 100644 --- a/src/site/content/community.adoc +++ b/src/site/content/community.adoc @@ -2,17 +2,16 @@ :jbake-date: 2010-03-18 00:00:00 :jbake-type: page :jbake-status: published -:jbake-tags: community, support, forums, mailing-lists -:jbake-description: Join the Apache Shiro community to get help, share knowledge, and contribute. Access forums, mailing lists, articles, and community events. +:jbake-tags: community :idprefix: We have a great user and developer community and hope that you become an active participant. Our community is here to help you learn about Shiro, figure out how to do what you need, identify and fix any bugs, and improve Shiro so that it continues to be a powerful and useful software project. -* *https://github.com/apache/shiro/discussions[GitHub Discussions]* - Need help? Ask questions and discuss ideas with the community +* *link:forums.html[Community Forums]* - Need help? For users that prefer to use forums over mailing lists, we use Nabble -* *link:mailing-lists.html[Mailing Lists]* - Lists for Users, Developers and Committers! +* *link:mailing-lists.html[Mailing Lists]* - Need help, but hate forums? Lists for Users, Developers and Committers! * *link:articles.html[Articles]* - Read up on the latest discussions, guides, and how-tos created by members of our community @@ -30,6 +29,6 @@ At the Shiro project we make it easy for anyone to join our great community and * *link:developer-resources.html[Developer Resources]* - Helpful information for anyone providing project help as a committer or contributor -* *https://github.com/apache/shiro/issues[GitHub Issues]* - For bug reports and feature requests +* *https://github.com/apache/shiro/issues[Issue Tracker]* - Once you're ready to contribute, this is a good place to see what needs to get done * *https://www.apache.org/foundation/sponsorship.html[Donate to ASF]* - Shiro is a project under the Apache Software Foundation, a non-profit that relies on donations and community support diff --git a/src/site/content/forums.adoc b/src/site/content/forums.adoc index 64a129672..6202f54f1 100644 --- a/src/site/content/forums.adoc +++ b/src/site/content/forums.adoc @@ -2,30 +2,21 @@ :jbake-date: 2010-03-18 00:00:00 :jbake-type: page :jbake-status: published -:jbake-tags: forums, community, support, discussions -:jbake-description: Access Apache Shiro community forums and mailing list archives via ASF Pony Mail for user and developer discussions. +:jbake-tags: documentation, community :idprefix: -== Mailing Lists - -For those that may prefer mailing lists, please see the link:mailing-lists.html[Mailing Lists] information. -____ - -*NOTE:* The primary forums for Apache Shiro are the mailing lists, which can be accessed via the link:mailing-lists.html[Mailing Lists] page. This is per the Apache Software Foundation's community guidelines. - -____ - -== Mailing List Archives - -For users that prefer to browse the mailing lists with a browser can use https://lists.apache.org/[ASF Lists] (Pony Mail). +For users that prefer to use browse the mailing lists with a browser can use https://lists.apache.org/[ASF Lists] (Pony Mail). * link:++https://lists.apache.org/list.html?user@shiro.apache.org++[Shiro User Forum] * link:++https://lists.apache.org/list.html?dev@shiro.apache.org++[Shiro Developer Forum] -NOTE: Previously, `nabble.com` was used as an alternative to the mailing list, this service is no longer hosting the mailing list archive. +____ + +*NOTE:* Previously, `nabble.com` was used as an alternative to the mailing list, this service is no longer hosting the mailing list archive. -== GitHub Discussions +____ -For questions, ideas, and general community discussion, please use https://github.com/apache/shiro/discussions[GitHub Discussions]. +== Mailing Lists +For those that may prefer mailing lists, please see the link:mailing-lists.html[Mailing Lists] information. \ No newline at end of file diff --git a/src/site/content/issues.adoc b/src/site/content/issues.adoc index 994160f5f..a7f0918cd 100644 --- a/src/site/content/issues.adoc +++ b/src/site/content/issues.adoc @@ -2,33 +2,24 @@ :jbake-date: 2010-03-18 00:00:00 :jbake-type: page :jbake-status: published -:jbake-tags: issues, bugs, bug-tracking, support -:jbake-description: Report bugs, request features, and track issues for Apache Shiro using GitHub Issues. +:jbake-tags: documentation, support, community, issues, bugs :idprefix: :icons: font -Apache Shiro uses https://github.com/apache/shiro/issues[GitHub Issues] for bug reports, feature requests, and task tracking. - -For questions, ideas, and community discussions, please use https://github.com/apache/shiro/discussions[GitHub Discussions]. +Apache Shiro uses Atlassian Jira for tracking tasks, feature requests, bugs, and other issues related to the project development. == Usage Guidelines -GitHub Issues is provided as a Shiro software development resource. -It is meant for reporting bugs, requesting features, and tracking improvements in the software itself - it is not a support portal to ask for advice or help. -For community advice and help in using Apache Shiro, please visit the link:/support.html[Support] page or use https://github.com/apache/shiro/discussions[GitHub Discussions]. +Jira is provided as a Shiro software development resource. +It is meant to be for managing bugs, tasks and improvements in the software itself - it is not a support portal to ask for advice or help. +For community advice and help in using Apache Shiro, please visit the link:/support.html[Support] page. -*Prior to opening an issue, we ask that:* +*Prior to using Jira, we ask that:* * You do your due diligence to ensure a suspected error is actually a bug. * You search the issue tracker to ensure what you want to report has not already been reported by someone else. * If your problem is actually a bug, we would appreciate it if you could attach a simple JUnit test case that allows us to repeat the problem, so we can fix it as fast as possible. * If a unit test is not available (please really try to make one!), attach a stack trace and Shiro's TRACE or DEBUG log output. -* If you've already fixed the problem, please submit a pull request, and we'll likely include it in the next release. - -https://github.com/apache/shiro/issues[Click here to visit the Apache Shiro GitHub Issues tracker]. - -== JIRA (Legacy) - -JIRA is retained for archival purposes only and is no longer used for new issues. +* If you've already fixed the problem, please submit a patch, and we'll likely include it in the next release. -https://issues.apache.org/jira/browse/SHIRO[Click here to visit the legacy Apache Shiro JIRA issue tracker]. +https://issues.apache.org/jira/browse/SHIRO[Click here to visit the Apache Shiro Jira issue tracker]. From c91157689ae9227d54349ccaa85c6ba695ac3e40 Mon Sep 17 00:00:00 2001 From: Ganesh Patil <7030871503ganeshpatil@gmail.com> Date: Fri, 6 Feb 2026 09:19:12 +0530 Subject: [PATCH 6/8] fix: update issues.adoc to use GitHub Issues instead of Jira --- src/site/content/issues.adoc | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/src/site/content/issues.adoc b/src/site/content/issues.adoc index a7f0918cd..994160f5f 100644 --- a/src/site/content/issues.adoc +++ b/src/site/content/issues.adoc @@ -2,24 +2,33 @@ :jbake-date: 2010-03-18 00:00:00 :jbake-type: page :jbake-status: published -:jbake-tags: documentation, support, community, issues, bugs +:jbake-tags: issues, bugs, bug-tracking, support +:jbake-description: Report bugs, request features, and track issues for Apache Shiro using GitHub Issues. :idprefix: :icons: font -Apache Shiro uses Atlassian Jira for tracking tasks, feature requests, bugs, and other issues related to the project development. +Apache Shiro uses https://github.com/apache/shiro/issues[GitHub Issues] for bug reports, feature requests, and task tracking. + +For questions, ideas, and community discussions, please use https://github.com/apache/shiro/discussions[GitHub Discussions]. == Usage Guidelines -Jira is provided as a Shiro software development resource. -It is meant to be for managing bugs, tasks and improvements in the software itself - it is not a support portal to ask for advice or help. -For community advice and help in using Apache Shiro, please visit the link:/support.html[Support] page. +GitHub Issues is provided as a Shiro software development resource. +It is meant for reporting bugs, requesting features, and tracking improvements in the software itself - it is not a support portal to ask for advice or help. +For community advice and help in using Apache Shiro, please visit the link:/support.html[Support] page or use https://github.com/apache/shiro/discussions[GitHub Discussions]. -*Prior to using Jira, we ask that:* +*Prior to opening an issue, we ask that:* * You do your due diligence to ensure a suspected error is actually a bug. * You search the issue tracker to ensure what you want to report has not already been reported by someone else. * If your problem is actually a bug, we would appreciate it if you could attach a simple JUnit test case that allows us to repeat the problem, so we can fix it as fast as possible. * If a unit test is not available (please really try to make one!), attach a stack trace and Shiro's TRACE or DEBUG log output. -* If you've already fixed the problem, please submit a patch, and we'll likely include it in the next release. +* If you've already fixed the problem, please submit a pull request, and we'll likely include it in the next release. + +https://github.com/apache/shiro/issues[Click here to visit the Apache Shiro GitHub Issues tracker]. + +== JIRA (Legacy) + +JIRA is retained for archival purposes only and is no longer used for new issues. -https://issues.apache.org/jira/browse/SHIRO[Click here to visit the Apache Shiro Jira issue tracker]. +https://issues.apache.org/jira/browse/SHIRO[Click here to visit the legacy Apache Shiro JIRA issue tracker]. From 76294ef46c5dbcda1af7068cae7578442e7a7db3 Mon Sep 17 00:00:00 2001 From: Ganesh Patil <7030871503ganeshpatil@gmail.com> Date: Fri, 6 Feb 2026 09:36:11 +0530 Subject: [PATCH 7/8] docs: clarify FirstSuccessfulStrategy description for better clarity --- src/site/content/authenticator.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/site/content/authenticator.adoc b/src/site/content/authenticator.adoc index f29c0d379..327c40abe 100644 --- a/src/site/content/authenticator.adoc +++ b/src/site/content/authenticator.adoc @@ -64,7 +64,7 @@ The link:/static/current/apidocs/org/apache/shiro/authc/pam/AuthenticationStrate Shiro provides three built-in strategies: -* *FirstSuccessfulStrategy*: Returns the first Realm that succeeds. Other Realms are not consulted. +* *FirstSuccessfulStrategy*: Consults Realms in order until one succeeds. Remaining Realms are not consulted. * *AtLeastOneSuccessfulStrategy*: Returns success if at least one Realm succeeds. Other Realms continue to be consulted. * *AllSuccessfulStrategy*: All Realms must succeed for authentication to succeed. This is the most restrictive. From 2c9744d661d6d6215e4cf451f4149156d2320e54 Mon Sep 17 00:00:00 2001 From: lprimak Date: Mon, 9 Feb 2026 17:15:02 -0600 Subject: [PATCH 8/8] reverted unnecssary files --- src/site/content/community.adoc | 7 +++++-- src/site/content/forums.adoc | 21 +++++++++++++++++---- 2 files changed, 22 insertions(+), 6 deletions(-) diff --git a/src/site/content/community.adoc b/src/site/content/community.adoc index 06558e002..e71a446f9 100644 --- a/src/site/content/community.adoc +++ b/src/site/content/community.adoc @@ -2,7 +2,8 @@ :jbake-date: 2010-03-18 00:00:00 :jbake-type: page :jbake-status: published -:jbake-tags: community +:jbake-tags: community, support, forums, mailing-lists +:jbake-description: Join the Apache Shiro community to get help, share knowledge, and contribute. Access forums, mailing lists, articles, and community events. :idprefix: We have a great user and developer community and hope that you become an active participant. @@ -29,6 +30,8 @@ At the Shiro project we make it easy for anyone to join our great community and * *link:developer-resources.html[Developer Resources]* - Helpful information for anyone providing project help as a committer or contributor -* *https://github.com/apache/shiro/issues[Issue Tracker]* - Once you're ready to contribute, this is a good place to see what needs to get done +* *https://github.com/apache/shiro/discussions[GitHub Discussions]* - For questions, ideas, and community discussion + +* *https://github.com/apache/shiro/issues[GitHub Issues]* - For bug reports and feature requests * *https://www.apache.org/foundation/sponsorship.html[Donate to ASF]* - Shiro is a project under the Apache Software Foundation, a non-profit that relies on donations and community support diff --git a/src/site/content/forums.adoc b/src/site/content/forums.adoc index 6202f54f1..2dc919c6b 100644 --- a/src/site/content/forums.adoc +++ b/src/site/content/forums.adoc @@ -2,10 +2,22 @@ :jbake-date: 2010-03-18 00:00:00 :jbake-type: page :jbake-status: published -:jbake-tags: documentation, community +:jbake-tags: forums, community, support, discussions +:jbake-description: Access Apache Shiro community forums and mailing list archives via ASF Pony Mail for user and developer discussions. :idprefix: -For users that prefer to use browse the mailing lists with a browser can use https://lists.apache.org/[ASF Lists] (Pony Mail). +== Mailing Lists + +For those that may prefer mailing lists, please see the link:mailing-lists.html[Mailing Lists] information. +____ + +*NOTE:* The primary forums for Apache Shiro are the mailing lists, which can be accessed via the link:mailing-lists.html[Mailing Lists] page. This is per the Apache Software Foundation's community guidelines. + +____ + +== Mailing List Archives + +For users that prefer to browse the mailing lists with a browser can use https://lists.apache.org/[ASF Lists] (Pony Mail). * link:++https://lists.apache.org/list.html?user@shiro.apache.org++[Shiro User Forum] @@ -17,6 +29,7 @@ ____ ____ -== Mailing Lists +== GitHub Discussions + +For questions, ideas, and general community discussion, please use https://github.com/apache/shiro/discussions[GitHub Discussions]. -For those that may prefer mailing lists, please see the link:mailing-lists.html[Mailing Lists] information. \ No newline at end of file