Copilot commented on code in PR #280:
URL: https://github.com/apache/shiro-site/pull/280#discussion_r2703965578
##########
src/site/content/spring-boot.adoc:
##########
@@ -159,6 +159,10 @@ protected CacheManager cacheManager() {
|shiro.successUrl |`/` |Default landing page after a user logs in (if
alternative cannot be found in the current session)
|shiro.unauthorizedUrl |null |Page to redirect user to if they are
unauthorized (403 page)
+
+|shiro.caseInsensitive |`false` (2.x), `true` (3.x) |Enable case-insensitive
path matching. Can be set to true in 2.x. Defaults to true in 3.x.
+
+|shiro.allowAccessByDefault |`false` |Allow access when no filter chain
matches. Defaults to false in 3.x.
Review Comment:
The documentation for `shiro.allowAccessByDefault` should mention that it
can be explicitly set to true if needed, similar to how the
`shiro.caseInsensitive` parameter is documented. The issue description
indicates this parameter "can be set true", but the documentation only mentions
the default value without explaining that users can override it.
```suggestion
|shiro.allowAccessByDefault |`false` |Allow access when no filter chain
matches. Can be set to true if needed. Defaults to false in 3.x.
```
##########
src/site/content/web.adoc:
##########
@@ -467,6 +467,24 @@ If you're currently allowing URL rewriting to allow for a
<code>jsessionid</code
URL rewriting for `jsessionid` is defined in section "7.1.3" of the Java
Servlet Specification, but it is generally NOT recommended.
====
+=== Filter Chain Resolver Options
+
+The filter chain resolver supports additional configuration options:
+
+[source,ini]
+----
+[main]
+...
+# Enable case-insensitive path matching.
+# Can be set to true for Shiro 2.x.
+# Defaults to true in Shiro 3.x.
+filterChainResolver.caseInsensitive = true
+
+# Allow access when no filter chain matches the request path.
Review Comment:
The documentation for `allowAccessByDefault` should mention that it can be
explicitly set to true if needed, similar to how the `caseInsensitive`
parameter is documented. The issue description indicates this parameter "can be
set true", but the documentation only mentions the default value without
explaining that users can override it.
```suggestion
# Allow access when no filter chain matches the request path.
# Can be set to true to allow access when no filter chain matches.
```
##########
src/site/content/spring-boot.adoc:
##########
@@ -159,6 +159,10 @@ protected CacheManager cacheManager() {
|shiro.successUrl |`/` |Default landing page after a user logs in (if
alternative cannot be found in the current session)
|shiro.unauthorizedUrl |null |Page to redirect user to if they are
unauthorized (403 page)
+
+|shiro.caseInsensitive |`false` (2.x), `true` (3.x) |Enable case-insensitive
path matching. Can be set to true in 2.x. Defaults to true in 3.x.
+
+|shiro.allowAccessByDefault |`false` |Allow access when no filter chain
matches. Defaults to false in 3.x.
Review Comment:
The default value column for `shiro.allowAccessByDefault` should clarify the
default behavior across versions, similar to how `shiro.caseInsensitive` is
documented. Consider using a format like `false` (or `false` (3.x)) to maintain
consistency with the documentation pattern for `caseInsensitive`.
```suggestion
|shiro.allowAccessByDefault |`true` (2.x), `false` (3.x) |Allow access when
no filter chain matches. Defaults to true in 2.x and false in 3.x.
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
