I beg to differ there is a authc.successUrl Look at the following shiro.ini-:
[main] authc.loginUrl = /login.jsp authc.successUrl = /home.jsp This was found in one of Lez Hazelwood's authored posts from https://github.com/pires/simple-shiro-web-app On Wed, Sep 9, 2015 at 12:44 PM, scSynergy <[email protected]> wrote: > [main] > // is there a line missing which would look something like 'shiro = > org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter' ? > shiro.loginUrl = /login.jsp // this line tells Shiro what to do when an > unauthenticated user tries to acces a secured page: redirect the user to > /login.jsp > > [urls] > /login.jsp = authc // defines a servlet filter of type AuthenticationFilter > https://shiro.apache.org/static/1.2.3/apidocs/; this page is open to let > unauthenticated users access it (shiro.loginUrl tells Shiro to excempt this > page from restrictions) > /logout = logout // this line maps the pseudo URL '/logout' to the Shiro > logout functionality > /account/** = authc // every page beneath /account is restricted to > authenticated users (which may pass the authc filter) > /remoting/** = authc, roles[b2bClient], perms["remote:invoke:lan,wan"] // > every page beneath /remoting is restricted to authenticated users (authc) > which have the role 'b2bClient' and / or (not sure which) the permission > "remote:invoke:lan,wan" > > There is no failed login page and no 'authc.successUrl = /welcome.xhtml' , > so on failed or successful logins you will stay on the login page unless > that page does an explicit redirect. > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Explanation-of-this-shiro-ini-tp7580693p7580699.html > Sent from the Shiro User mailing list archive at Nabble.com. >
