Yes - concerning the servlet Yes - concerning question 1. Yes - concerning question 2. No, instead you should use authc.loginUrl = /login.xhtml which tells Shiro to exempt '/login.xhtml' from permission checks.
-- View this message in context: http://shiro-user.582556.n2.nabble.com/Explanation-of-this-shiro-ini-tp7580693p7580705.html Sent from the Shiro User mailing list archive at Nabble.com.
