ApacheCon NA 2013

Portland, Oregon

February 26th – 28th, 2013

Register Now!

Wednesday 1:45 p.m.–2:45 p.m.

Introduction to Apache Shiro

Les Hazlewood

How Secure?
Audience level:


Securing your applications can be a painful and confusing process, but it doesn't have to be. Apache Shiro simplifies all aspects of application security without sacrificing power or flexibility. Les Hazlewood, Apache Shiro PMC Chair, will explain Shiro's core features and demonstrate how to easily secure your own application. For developers new to Shiro.


Apache Shiro is a flexible open-source application security framework that supports four cornerstones of application security: authentication, authorization, enterprise session management, and cryptography. It is in use at over 100,000 organizations – from big governent to tiny apps – and has an extremely active community and well-documented codebase.

In this presentation, Les Hazlewood, Apache Shiro PMC Chair and Stormpath CTO will cover:

  • Why you might want to use Shiro instead of alternatives like JAAS or Spring Security
  • The core architectural concepts of the framework
  • How to enable all four cornerstones for any application(standalone, mobile phone, web based, etc)
  • An overview of Shiro’s innovative web support and security filtering capabilities