Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-410

Clarify the configuration for the form based login

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Open
    • Trivial
    • Resolution: Unresolved
    • 1.2.1
    • None
    • Documentation
    • None

    Description

      I just started learning Shiro and I struggled a bit to integrate a simple form based login into my web application. My mistake was to exclude the loginUrl from the urls covered by the FormAuthenticationFilter. I assumed the login form had to be accessible to anonymous users, so my configuration looked like this:

      [main]
authc.loginUrl = /account/login.jsp

[urls]
/account/login.jsp = anon
/account/register.jsp = anon
/account/reset.jsp = anon
/account/** = authc

      But this doesn't work because login.jsp must be processed by authc.

      I would suggest mentioning this detail in the reference manual, that wasn't obvious at first glance (but maybe I didn't read carefully enough).

      Attachments

        Activity

          People

            Unassigned Unassigned
            ebourg Emmanuel Bourg
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: