The ShiroFilter config looks fine - I'm not sure why this wouldn't work for you. Can you supply a mini sample test app that we can use to test?
Also, for Vaadin apps, you'll probably want to add this to your filter chain definitions: /VAADIN/themes/** = anon We found that certain web browsers do not send any cookies (i.e. session id cookie) when requesting a favicon file. Because of this, no identity is associated with the request and Shiro will reject the favicon request (since everything else is /** = authc). This caused errors in our Vaadin application. By adding the line above for themes (which of course can include favicon files), those errors went away. HTH, Les On Thu, Mar 14, 2013 at 2:47 AM, Petri Turunen <[email protected]> wrote: > Hi, > > And thanks for the fast reply. > Here is the rest of the web.xml > > <!-- Vaadin servlet --> > <context-param> > <description>Vaadin production mode</description> > <param-name>productionMode</param-name> > <param-value>false</param-value> > </context-param> > <servlet> > <servlet-name>MWebUI</servlet-name> > <!-- > <servlet-class>com.vaadin.terminal.gwt.server.ApplicationServlet</servlet-class> > --> > > <servlet-class>com.my.app.webui.SpringVaadinServlet</servlet-class> > <init-param> > <description>Vaadin application class to > start</description> > <param-name>application</param-name> > > <param-value>com.my.app.webui.MftwebuiApplication</param-value> > </init-param> > <init-param> > <description>Application widgetset</description> > <param-name>widgetset</param-name> > > <param-value>com.my.app.webui.widgetset.MftwebuiWidgetset</param-value> > </init-param> > </servlet> > <servlet-mapping> > <servlet-name>MWebUI</servlet-name> > <url-pattern>/app/*</url-pattern> > </servlet-mapping> > <servlet-mapping> > <servlet-name>MWebUI</servlet-name> > <url-pattern>/VAADIN/*</url-pattern> > </servlet-mapping> > > <welcome-file-list> > <welcome-file>login.jsp</welcome-file> > </welcome-file-list> > > This is in applicationContext.xml: > <!-- Vaadin application (com.my.app.webui.MftwebuiApplication) --> > <bean scope="session" class="com.my.app.webui.MftwebuiApplication"/> > > > -- > Ystävällisin terveisin / Best Regards, > Petri Turunen > Flex Investing Oy > > > > Lainaus NabbleReallySucks <[email protected]>: > > >> First a comment. >> >> You do not need <context-param> in your web.xml because your config file >> is >> named applicationContext.xml and resides in the WEB-INF directory. That >> happens to be the default naming convention that the ContextLoaderListener >> automatically looks for. So adding the context-param is redundant. >> >> About your issue. In your mapping to URLs I notice the successUrl is the >> only one not having a ".jsp" ending. So if you have just "/app" you better >> or have to have a Controller method mapped to that URL. Which is a Spring >> thing and has nothing to do with Shiro. Now, this might not be the >> problem, >> and it still might be something Shiro specific. But my odds are more >> towards >> not having a mapping for "/app" >> >> What if you set it to "/app.jsp"? >> >> Or show the @RequestMapping in your @Controller. >> >> Thanks >> >> Mark >> >> >> >> -- >> View this message in context: >> http://shiro-user.582556.n2.nabble.com/shiro-not-redirecting-to-successUrl-tp7578381p7578382.html >> Sent from the Shiro User mailing list archive at Nabble.com. > > >
