Hi all, I have a question regarding filter chains and authcBasic authentication failures. If a user tries to authenticate and aborts the request (hits escape with a browser or does not provide credentials using curl for example) shiro silently discards the user and does not return the default 401 error-page.
Is this an error in my config or is this the default behaviour of shiro? If so, is there any possibility in changing this behavior with a configuration switch? Regards, Falco ----------------------------------------------------------------------- ; shiro.ini [main] ; credentials are sha256 hashed sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher iniRealm.credentialsMatcher = $sha256Matcher ; restrict access to localhost ipRemote = org.apache.catalina.filters.RemoteIpFilter ipFilter = org.apache.catalina.filters.RemoteAddrFilter ipFilter.allow = 127.0.0.1|::1|0:0:0:0:0:0:0:1 ipFilter.denyStatus = 404 [users] test = <hash removed>, jmx [roles] jmx = * [urls] /jmx/** = ipRemote, ipFilter, authcBasic, roles[jmx] /jmx = ipRemote, ipFilter, authcBasic, roles[jmx]
