I have a project where I am trying to use Apache Shiro to implement a security layer. For the most part it seems to be working rather nicely. I have been using the "authc" filter up to this point and that has been working as expected. However, I'd like to move the login.jsp to a different public folder that doesn't have any stringent security requirements.
Below is the relevant shiro.ini file entries.
shiro.loginUrl = /public/pages/login.jsp
jdbcRealm = ...
:
:
ds = ...
:
:
jdbcRealm.dataSource = $ds
[users]
[roles]
[urls]
/public/** = anon
/secure/** = authc
/logout = logout
When the /public/** = authc or anon, I can try to go directly to a page under the /secure URL and will correctly be taken to the login.jsp page. Check. Check.
After filling in the Username and Password on the login.jsp page and submitting the form, things break down...
If /public/** = authc
, then I'm taken to the original page I was attempting to get to in the /secure url. So that works.
If /public/** = anon
, then the login.jsp will be reloaded. I'm not sent to the page in the /secure directory I was originally attempting to get to. The same thing occurs if I don't put an entry for the /public/**
URL pattern.
There seems to be some Shiro fundamental that I am missing. If you need to see anything else in the project, I have uploaded it to BitBucket here.
https://tfeinstein@bitbucket.org/tfeinstein/vikos.git
Thanks, Todd
Can you try to add
authc.successUrl = "default sucess url for logged in"
at [main] block
/public/pages/login.jsp = authc
as first line of your [urls] block
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.