Hi all,
I'm develloping a custom application using shiro (jsecurity 0.9).
I wanted to forbid access to one html page, so, I added the following line
in my web.xml:
[urls]
/jsp/newscorner.html = authc,
perms[urls:/jsp/newscorner.html:access]
It works fine when I use a server redirect (dispatcher.forward(...)).
The problem comes when i try to make a client redirect to this page (via )
Authentication headers are not present so I encounter a 401 error.
Is there any httpsessionfilter implemented (based on jsessionid) or should I
implement this by myself?
Is there an other way to bypass this problem? (I don't want to change
anything in my jsp's and html files).
Thank in advance, Tcharlie
--
View this message in context:
http://n2.nabble.com/BasicHttpHeader-and-jsp-links-tp3288699p3288699.html
Sent from the Shiro User mailing list archive at Nabble.com.
