Thanks for clarifying that. On Wed, Sep 9, 2015 at 11:44 PM, Les Hazlewood <[email protected]> wrote:
> That line is invalid. There is no reason to configure anon and then authc > > -- > Les > > On Wed, Sep 9, 2015 at 10:25 AM, Sreyan Chakravarty < > [email protected]> wrote: > >> Okay then tell me what is the point of -: >> >> /home.jsp = anon, authc >> >> Why is home.jsp mapped to the anon filter ? >> Shouldn't it just be mapped to the authc filter ? I mean whats the point of >> mapping it to 2 filters. One which is not required. home.jsp is a protected >> resource so why would anyone even map it to anonymous access. >> >> This is done in the follwing example-: >> >> https://github.com/pires/simple-shiro-web-app/blob/master/src/main/webapp/WEB-INF/shiro.ini >> >> >> On Wed, Sep 9, 2015 at 8:01 PM, scSynergy <[email protected]> >> wrote: >> >>> authc.successUrl means after the authc filter has successfully validated >>> the >>> user redirect her to /home.jsp >>> /login.jsp = anon means do not apply any filter to /login.jsp, not even >>> authc, which means authc is never called and therefore never notices a >>> successful login attempt and therefore does not know it should redirect >>> >>> [main] >>> authc.loginUrl = /login.jsp >>> authc.successUrl = /home.jsp >>> >>> [urls] >>> /login.jsp = *authc* >>> >>> The above code on the other hand means >>> 1. the authc filter should treat /login.jsp as a login page - anonymous >>> access allowed >>> 2. if a successful login attempt is made, redirect the user to /home.jsp >>> 3. if someone navigates to /login.jsp activate the authc filter for the >>> request and do whatever is configured for the authc filter (loginUrl and >>> successUrl) >>> >>> >>> >>> -- >>> View this message in context: >>> http://shiro-user.582556.n2.nabble.com/Why-doesn-t-the-following-work-tp7580703p7580706.html >>> Sent from the Shiro User mailing list archive at Nabble.com. >>> >> >> >
