Information Security all in one place!

Apache Shiro 1.2.0 enhances its password hashing


Apache Shiro 1.2.0 enhances its password hashing

Just over fourteen months since its first release as an Apache top-level project, the Apache Shiro developers have releasedversion 1.2.0, the first major update to the Shiro application security framework. Shiro is designed to enable Java developers to create enterprise applications with features such as authentication, authorization, enterprise management and cryptography services, without having to use JAAS or EJB security models. One design goal of Shiro was to make the software understandable after a ten minute tutorial.

English: Logo for Apache Shiro

Image via Wikipedia

The 1.2.0 release includes new features such as the ability to selectively disable sessions and a LogoutFilter for applications which need to redirect users after logging them out. A command line program to securely hash passwords and new secure password hash formats are designed to be easier to work with, while working in a similar fashion to Apache HTTPD‘s passwd program. A new PasswordService module makes secure password hash storage simpler and can be used directly in applications along with a PasswordMatcher module to perform comparisons.

Shiro filters can now be enabled or disabled without modifying the filter chain, which is useful in development to, for example, have SSL disabled but easily enabled in production. Finally, support modules for Apache’s OSGi runtime,Karaf, Google’s Guice DI framework and JASIG’s CAS SSO service have been added. A full list of features added and issues resolved is available in therelease notes.

Apache Shiro is available to download and is licensed under the Apache Licence 2.0. The download page also includes instructions on how to install Shiro using Maven 2.

LoJack for Laptops
Professional Logo Design Team


2 responses

  1. URL

    Normally I don’t read this kind of stuff, but this was genuinely intriguing! 907446

    February 10, 2012 at 11:15 PM

  2. Pingback: URL

Let's hear what you have to say.

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s