Apache Shiro is a powerful and flexible open-source security framework that cleanly handles authentication, authorization, enterprise session management, single sign-on and cryptography services.

LicenseApache 2.0
CategoriesSecurity Frameworks
Tagsbundlesecurityapacheshiroosgi
Organization The Apache Software Foundation
HomePage https://shiro.apache.org/shiro-core/
DateNov 13, 2024
Filespom (8 KB)  bundle (286 KB)  View All
RepositoriesCentral
Ranking#717 in MvnRepository (See Top Artifacts)
#3 in Security Frameworks
Used By755 artifacts
VulnerabilitiesVulnerabilities from dependencies:
CVE-2024-38828
CVE-2024-38827
CVE-2024-38820
View 3 more ...


Compile Dependencies (8)

Category/License Group / ArtifactVersionUpdates
Config
Apache 2.0
org.apache.commons » commons-configuration2 (optional) 2.11.0

Apache 2.0
org.apache.shiro » shiro-lang 2.0.2

Apache 2.0
org.apache.shiro » shiro-cache 2.0.2

Apache 2.0
org.apache.shiro » shiro-crypto-hash 2.0.2

Apache 2.0
org.apache.shiro » shiro-crypto-cipher 2.0.2

Apache 2.0
org.apache.shiro » shiro-config-core 2.0.2

Apache 2.0
org.apache.shiro » shiro-config-ogdl 2.0.2

Apache 2.0
org.apache.shiro » shiro-event 2.0.2

Provided Dependencies (2)

Category/License Group / ArtifactVersionUpdates
Annotation Lib
EPL 2.0GPL
jakarta.annotation » jakarta.annotation-api (optional) 1.3.53.0.0
CodeGen
MIT
org.projectlombok » lombok (optional) 1.18.341.18.36

Runtime Dependencies (2)

Category/License Group / ArtifactVersionUpdates

Apache 2.0
org.apache.shiro.crypto » shiro-hashes-argon2 2.0.2

Apache 2.0
org.apache.shiro.crypto » shiro-hashes-bcrypt 2.0.2

Managed Dependencies (73)

Category/License Group / ArtifactVersionUpdates

MIT
com.github.mjeanroy » junit-servers-jetty-9 3.3.03.3.1
Dep Injection
Apache 2.0
com.google.inject » guice 4.2.37.0.0

Apache 2.0
com.google.inject.extensions » guice-multibindings 4.2.3

Apache 2.0
com.google.inject.extensions » guice-servlet 4.2.37.0.0

Apache 2.0
com.hazelcast » hazelcast 5.3.85.5.0
Reflection
Apache 2.0
commons-beanutils » commons-beanutils 1.9.41.10.0
CLI Parser
Apache 2.0
commons-cli » commons-cli 1.9.0
Annotation Lib
EPL 2.0GPL
javax.annotation » javax.annotation-api 1.3.23.0.0
Java Spec
EPL 2.0GPL
javax.servlet » javax.servlet-api 4.0.16.1.0
Java Spec
CDDLGPL 2.0
javax.servlet.jsp » jsp-api 2.22.3.3
Bytecode
Apache 2.0
net.bytebuddy » byte-buddy 1.15.101.15.11
Bytecode
Apache 2.0
net.bytebuddy » byte-buddy-agent 1.15.101.15.11
Cache Impl
Apache 2.0
net.sf.ehcache » ehcache-core (optional) 2.6.112.10.9.2
Config
Apache 2.0
org.apache.commons » commons-configuration2 2.11.0
Transactions
EPL 2.0GPL
org.apache.geronimo.specs » geronimo-jta_1.1_spec (optional) 1.1.12.0.1
JVM Languages
Apache 2.0
org.apache.groovy » groovy 4.0.234.0.24
Logging Bridge
Apache 2.0
org.apache.logging.log4j » log4j-slf4j2-impl 2.24.12.24.3

Apache 2.0
org.apache.logging.log4j » log4j-core-test 2.24.12.24.3
Logging
Apache 2.0
org.apache.logging.log4j » log4j-api 2.24.12.24.3
Logging
Apache 2.0
org.apache.logging.log4j » log4j-core 2.24.12.24.3
Logging Bridge
Apache 2.0
org.apache.logging.log4j » log4j-jul 2.24.12.24.3
Logging Bridge
Apache 2.0
org.apache.logging.log4j » log4j-to-slf4j 2.24.12.24.3
Annotation Lib
Apache 2.0
org.apache.maven.plugin-tools » maven-plugin-annotations 3.13.13.15.1

Apache 2.0
org.apache.maven.skins » maven-fluido-skin 2.0.02.0.1

Apache 2.0
org.apache.shiro » shiro-lang 2.0.2

Apache 2.0
org.apache.shiro » shiro-cache 2.0.2
Security
Apache 2.0
org.apache.shiro » shiro-core 2.0.2

Apache 2.0
org.apache.shiro » shiro-config-core 2.0.2

Apache 2.0
org.apache.shiro » shiro-config-ogdl 2.0.2

Apache 2.0
org.apache.shiro » shiro-crypto-core 2.0.2

Apache 2.0
org.apache.shiro » shiro-crypto-hash 2.0.2

Apache 2.0
org.apache.shiro » shiro-crypto-cipher 2.0.2

Apache 2.0
org.apache.shiro » shiro-event 2.0.2

Apache 2.0
org.apache.shiro » shiro-web 2.0.2

Apache 2.0
org.apache.shiro » shiro-servlet-plugin 2.0.2

Apache 2.0
org.apache.shiro » shiro-aspectj 2.0.2

Apache 2.0
org.apache.shiro » shiro-ehcache 2.0.2

Apache 2.0
org.apache.shiro » shiro-quartz 2.0.2

Apache 2.0
org.apache.shiro » shiro-spring 2.0.2

Apache 2.0
org.apache.shiro » shiro-guice 2.0.2

Apache 2.0
org.apache.shiro » shiro-hazelcast 2.0.2

Apache 2.0
org.apache.shiro » shiro-jaxrs 2.0.2

Apache 2.0
org.apache.shiro » shiro-all2.0.21.13.0
Security
Apache 2.0
org.apache.shiro » shiro-core 2.0.2

Apache 2.0
org.apache.shiro » shiro-config-ogdl 2.0.2

Apache 2.0
org.apache.shiro.crypto » shiro-hashes-argon2 2.0.2

Apache 2.0
org.apache.shiro.crypto » shiro-hashes-bcrypt 2.0.2

Apache 2.0
org.apache.shiro.integrationtests » shiro-its-support2.0.21.8.0

org.apache.shiro.integrationtests » shiro-its-meecrowave-support 2.0.2

org.apache.shiro.integrationtests.jaxrs » shiro-its-jaxrs 2.0.2

org.apache.shiro.integrationtests.jaxrs » shiro-its-jaxrs-app 2.0.2

org.apache.shiro.integrationtests.jaxrs » shiro-its-jaxrs-app 2.0.2

org.apache.shiro.integrationtests.jaxrs » shiro-its-jaxrs-tests 2.0.2
JSP Tag Library
Apache 2.0
org.apache.taglibs » taglibs-standard-spec 1.2.5
JSP Tag Library
Apache 2.0
org.apache.taglibs » taglibs-standard-impl 1.2.5
AOP
EPL 2.0
org.aspectj » aspectjrt 1.9.20.11.9.22.1
AOP
EPL 2.0
org.aspectj » aspectjweaver 1.9.20.11.9.22.1
Encryption Lib
BouncyCastle
org.bouncycastle » bcprov-jdk18on 1.791.80
O/R Mapping
LGPL 2.1
org.hibernate » hibernate-core (optional) 5.6.15.Final6.6.4.Final
Embedded SQL DB
org.hsqldb » hsqldb (optional) 2.7.4
Browser Automation
Apache 2.0
org.htmlunit » htmlunit 4.6.04.8.0
Testing
EPL 2.0
org.junit-pioneer » junit-pioneer 2.3.0

BSD 3-clause
org.owasp.encoder » encoder 1.3.1
Job Scheduling
Apache 2.0
org.quartz-scheduler » quartz (optional) 2.5.0-rc22.5.0
Logging
MIT
org.slf4j » slf4j-api 2.0.16
Logging
MIT
org.slf4j » slf4j-simple 2.0.16
Logging Bridge
Apache 2.0
org.slf4j » jcl-over-slf4j 2.0.16
Dep Injection
Apache 2.0
org.springframework » spring-context (optional) 2 vulnerabilities 5.3.396.2.2
Web Framework
Apache 2.0
org.springframework » spring-web1 vulnerability 5.3.396.2.2
JDBC Extension
Apache 2.0
org.springframework » spring-jdbc (optional) 1 vulnerability 5.3.396.2.2
O/R Mapping
Apache 2.0
org.springframework » spring-orm (optional) 5.3.396.2.2
Web Framework
Apache 2.0
org.springframework » spring-webmvc (optional) 3 vulnerabilities 5.3.396.2.2
Testing
Apache 2.0
org.springframework » spring-test (optional) 5.3.396.2.2

Developers

NameEmailDev IdRolesOrganization
Allan Ditzeladitzel<at>apache.orgaditzelApache Software Foundation
Jeremy Hailejhaile<at>apache.orgjhaileMobilization Labs
Les Hazlewoodlhazlewood<at>apache.orglhazlewoodStormpath
Kalle Korhonenkaosko<at>apache.orgkaoskoApache Software Foundation
Peter Ledbrookp.ledbrook<at>cacoethes.co.ukpledbrookSpringSource
Tim Veiltveil<at>apache.orgtveil
Brian Demersbdemers<at>apache.orgbdemersPMC ChairStormpath
Jared Buntingjbunting<at>apache.orgjbuntingApache Software Foundation
Francois Paponfpapon<at>apache.orgfpaponYupiik
Benjamin Marwellbmarwell<at>apache.orgbmarwell
Lenny Primaklprimak<at>apache.orglprimakFlow Logix

Mailing Lists

NameDetails
Apache Shiro Users Mailing List user-subscribe@shiro.apache.org
user-unsubscribe@shiro.apache.org
Apache Shiro Developers Mailing List dev-subscribe@shiro.apache.org
dev-unsubscribe@shiro.apache.org