Okay then tell me what is the point of -: /home.jsp = anon, authc
Why is home.jsp mapped to the anon filter ? Shouldn't it just be mapped to the authc filter ? I mean whats the point of mapping it to 2 filters. One which is not required. home.jsp is a protected resource so why would anyone even map it to anonymous access. This is done in the follwing example-: https://github.com/pires/simple-shiro-web-app/blob/master/src/main/webapp/WEB-INF/shiro.ini On Wed, Sep 9, 2015 at 8:01 PM, scSynergy <[email protected]> wrote: > authc.successUrl means after the authc filter has successfully validated > the > user redirect her to /home.jsp > /login.jsp = anon means do not apply any filter to /login.jsp, not even > authc, which means authc is never called and therefore never notices a > successful login attempt and therefore does not know it should redirect > > [main] > authc.loginUrl = /login.jsp > authc.successUrl = /home.jsp > > [urls] > /login.jsp = *authc* > > The above code on the other hand means > 1. the authc filter should treat /login.jsp as a login page - anonymous > access allowed > 2. if a successful login attempt is made, redirect the user to /home.jsp > 3. if someone navigates to /login.jsp activate the authc filter for the > request and do whatever is configured for the authc filter (loginUrl and > successUrl) > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Why-doesn-t-the-following-work-tp7580703p7580706.html > Sent from the Shiro User mailing list archive at Nabble.com. >
