I made a seperate entry but had to change the 2nd login from /index.jsp to
just "/" . I believe it wasnt working since it was addressed as
http://server without /index.jsp explicitly supplied on the URL, so it
wasn't being wired up.
Never could figure out how to make it work with just one entry and the "/"
designation.
This ended up working(so far..I think)
<filter>
<filter-name>Shiro</filter-name>
<filter-class>
org.apache.shiro.web.servlet.IniShiroFilter
</filter-class>
<init-param>
<param-name>config</param-name>
<param-value>
[main]
authcRealm = my.security.WebRealm
authc2 = org.apache.shiro.web.filter.authc.FormAuthenticationFilter
lookedUpRealm = com.referentia.liveaction.server.core.security.WebRealm
authc.loginUrl = /login.jsp
authc2.loginUrl = /
securityManager.realms = $lookedUpRealm
[urls]
/secure/** = authc
/login.jsp = authc
/ = authc2
</param-value>
</init-param>
</filter>
On Tue, Jan 31, 2012 at 5:10 PM, Christopher Richmond <
[email protected]> wrote:
> I should add that if I just make index.jsp the primary loginURL like so:
>
> authc.loginUrl = /index.jsp
>
> [urls]
> /secure/** = authc
> /index.jsp = authc
>
>
> Then that page operates just fine as the redirect login page and I can
> login there.
>
> ???
>
> Thanks,
> Chris
>
> On Tue, Jan 31, 2012 at 5:07 PM, Christopher Richmond <
> [email protected]> wrote:
>
>> The filter below works fine just fine with login.jsp...redirects when its
>> supposed to....shiro tags in that page pickup no problem
>>
>>
>>
>> <filter>
>> <filter-name>Shiro</filter-name>
>> <filter-class>
>> org.apache.shiro.web.servlet.IniShiroFilter
>> </filter-class>
>> <init-param>
>> <param-name>config</param-name>
>> <param-value>
>> [main]
>> #securityManager.sessionMode = native
>> authcRealm = my.security.WebRealm
>> lookedUpRealm = my.security.WebRealm
>> authc.loginUrl = /login.jsp
>> securityManager.realms = $lookedUpRealm
>>
>> [urls]
>> /secure/** = authc
>> /login.jsp = authc
>> </param-value>
>> </init-param>
>> </filter>
>>
>>
>>
>> <filter-mapping>
>> <filter-name>Shiro</filter-name>
>> <url-pattern>/*</url-pattern>
>> </filter-mapping>
>>
>> If I change the urls:
>>
>> /secure/** = authc
>> /login.jsp = authc
>> /index.jsp = authc
>>
>> This does not work. I cannot just go to index.jsp and login...my auth
>> realm code is never even called. Redirects/logins to login.jsp continue to
>> work and if I go back to index.jsp, then shiro tags pick up that I am
>> actually logged in, but I just cannot actually log in at index.jsp.
>>
>> login.jsp and index.jsp contain the exact same form element:
>>
>> <form name="loginForm" action="" method="post">
>> <shiro:guest>
>> You are not currently logged in
>> </shiro:guest>
>> <BR/>
>> Username:<input type="text" name="username" maxlength="30"
>> style="height:10px">
>> <BR/>
>> Password:<input type="password" name="password" maxlength="30"
>> style="height:10px">
>> <BR/>
>> <input type="submit" name="submit">
>> </form>
>>
>>
>> On Tue, Jan 31, 2012 at 3:39 PM, Les Hazlewood <[email protected]>wrote:
>>
>>> If you get stuck, please share your existing relevant config.
>>>
>>> Cheers,
>>>
>>> Les
>>>
>>> On Wed, Feb 1, 2012 at 5:39 AM, Chris Richmond <[email protected]>
>>> wrote:
>>> > Ok I tried that first approach, simply adding another entry to the
>>> urls,
>>> > since I was fine with one redirected login page, however that page
>>> never
>>> > seemed to actually authenticate me even though the form on it uses
>>> identical
>>> > params.
>>> >
>>> > If this should work, in theory, then I need to take a closer look.
>>> >
>>> > Thanks
>>> >
>>> >
>>> > On 1/31/2012 3:26 PM, Les Hazlewood wrote:
>>> >>
>>> >> Sure, you can do this, as long as the form parameter names are the
>>> >> same (username, password, rememberMe). You just need to specify that
>>> >> the two different pages are filtered by the authc controller:
>>> >>
>>> >> [urls]
>>> >> /login.jsp = authc
>>> >> /anotherLoginPage.jsp = authc
>>> >>
>>> >> However, the authc controller only accepts a single login page for
>>> >> configuration:
>>> >>
>>> >> [main]
>>> >> authc.loginUrl = /login.jsp
>>> >>
>>> >> So if they're unauthenticated, that will be the page they're
>>> >> redirected to for login.
>>> >>
>>> >> If this doesn't meet your needs, you can also configure two of the
>>> >> FormAuthenticationFilters:
>>> >>
>>> >> [main]
>>> >> # use the default one
>>> >> authc.whatever = whatever
>>> >>
>>> >> # add and configure a 2nd FormAuthenticationController instance for
>>> other
>>> >> needs:
>>> >> authc2 = org.apache.shiro.web.filter.authc.FormAuthenticationFilter
>>> >> ...
>>> >>
>>> >> [urls]
>>> >> /login.jsp = authc
>>> >> /login2.jsp = authc2
>>> >>
>>> >> The default filters automatically available in the [main] section are
>>> >> just some beans provided by default - you can configure as many as you
>>> >> like, like any other object.
>>> >>
>>> >> HTH,
>>> >>
>>>
>>
>>
>
