I should add that if I just make index.jsp the primary loginURL like so:
authc.loginUrl = /index.jsp
[urls]
/secure/** = authc
/index.jsp = authc
Then that page operates just fine as the redirect login page and I can
login there.
???
Thanks,
Chris
On Tue, Jan 31, 2012 at 5:07 PM, Christopher Richmond <
[email protected]> wrote:
> The filter below works fine just fine with login.jsp...redirects when its
> supposed to....shiro tags in that page pickup no problem
>
>
>
> <filter>
> <filter-name>Shiro</filter-name>
> <filter-class>
> org.apache.shiro.web.servlet.IniShiroFilter
> </filter-class>
> <init-param>
> <param-name>config</param-name>
> <param-value>
> [main]
> #securityManager.sessionMode = native
> authcRealm = my.security.WebRealm
> lookedUpRealm = my.security.WebRealm
> authc.loginUrl = /login.jsp
> securityManager.realms = $lookedUpRealm
>
> [urls]
> /secure/** = authc
> /login.jsp = authc
> </param-value>
> </init-param>
> </filter>
>
>
>
> <filter-mapping>
> <filter-name>Shiro</filter-name>
> <url-pattern>/*</url-pattern>
> </filter-mapping>
>
> If I change the urls:
>
> /secure/** = authc
> /login.jsp = authc
> /index.jsp = authc
>
> This does not work. I cannot just go to index.jsp and login...my auth
> realm code is never even called. Redirects/logins to login.jsp continue to
> work and if I go back to index.jsp, then shiro tags pick up that I am
> actually logged in, but I just cannot actually log in at index.jsp.
>
> login.jsp and index.jsp contain the exact same form element:
>
> <form name="loginForm" action="" method="post">
> <shiro:guest>
> You are not currently logged in
> </shiro:guest>
> <BR/>
> Username:<input type="text" name="username" maxlength="30"
> style="height:10px">
> <BR/>
> Password:<input type="password" name="password" maxlength="30"
> style="height:10px">
> <BR/>
> <input type="submit" name="submit">
> </form>
>
>
> On Tue, Jan 31, 2012 at 3:39 PM, Les Hazlewood <[email protected]>wrote:
>
>> If you get stuck, please share your existing relevant config.
>>
>> Cheers,
>>
>> Les
>>
>> On Wed, Feb 1, 2012 at 5:39 AM, Chris Richmond <[email protected]>
>> wrote:
>> > Ok I tried that first approach, simply adding another entry to the urls,
>> > since I was fine with one redirected login page, however that page never
>> > seemed to actually authenticate me even though the form on it uses
>> identical
>> > params.
>> >
>> > If this should work, in theory, then I need to take a closer look.
>> >
>> > Thanks
>> >
>> >
>> > On 1/31/2012 3:26 PM, Les Hazlewood wrote:
>> >>
>> >> Sure, you can do this, as long as the form parameter names are the
>> >> same (username, password, rememberMe). You just need to specify that
>> >> the two different pages are filtered by the authc controller:
>> >>
>> >> [urls]
>> >> /login.jsp = authc
>> >> /anotherLoginPage.jsp = authc
>> >>
>> >> However, the authc controller only accepts a single login page for
>> >> configuration:
>> >>
>> >> [main]
>> >> authc.loginUrl = /login.jsp
>> >>
>> >> So if they're unauthenticated, that will be the page they're
>> >> redirected to for login.
>> >>
>> >> If this doesn't meet your needs, you can also configure two of the
>> >> FormAuthenticationFilters:
>> >>
>> >> [main]
>> >> # use the default one
>> >> authc.whatever = whatever
>> >>
>> >> # add and configure a 2nd FormAuthenticationController instance for
>> other
>> >> needs:
>> >> authc2 = org.apache.shiro.web.filter.authc.FormAuthenticationFilter
>> >> ...
>> >>
>> >> [urls]
>> >> /login.jsp = authc
>> >> /login2.jsp = authc2
>> >>
>> >> The default filters automatically available in the [main] section are
>> >> just some beans provided by default - you can configure as many as you
>> >> like, like any other object.
>> >>
>> >> HTH,
>> >>
>>
>
>
