The URI you are calling seems weird, as it is missing the context root, a.k.a. the name of the application. I would have expected to see something like http://localhost:8080/MyApplication/callback.
Apart from that, Shiro filters are subclasses of https://docs.oracle.com/javaee/7/api/index.html?javax/servlet/GenericServlet.html and therefore call doFilter(). doFilter() calls the next filter along the chain, which means that if clientFilter does not explicitly stop processing the chain (@Overwrite doFilter()) tidRoles will be processed afterwards, too.
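The chain behaviour described in the reply above, as an added example that is not part of the original message and is not Shiro code. The Filter and Chain interfaces are minimal stand-ins for the servlet ones so it runs without a container; only the names clientFilter and tidRoles come from the post.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;

public class FilterChainDemo {

    // Stand-ins (assumptions) for javax.servlet.FilterChain and javax.servlet.Filter.
    interface Chain { void proceed(String uri); }
    interface Filter { void doFilter(String uri, Chain chain, List<String> trace); }

    // clientFilter that hands the request on to the rest of the chain.
    static final Filter CLIENT_PASSES = (uri, chain, trace) -> {
        trace.add("clientFilter");
        chain.proceed(uri);
    };

    // clientFilter that ends processing itself: it never calls chain.proceed().
    static final Filter CLIENT_STOPS = (uri, chain, trace) -> {
        trace.add("clientFilter (stops chain)");
    };

    // Role check configured after clientFilter on the same path.
    static final Filter TID_ROLES = (uri, chain, trace) -> {
        trace.add("tidRoles");
        chain.proceed(uri);
    };

    // Runs the filters in configured order and records which ones executed.
    static List<String> run(String uri, List<Filter> filters) {
        List<String> trace = new ArrayList<>();
        Iterator<Filter> it = filters.iterator();
        Chain chain = new Chain() {
            @Override public void proceed(String u) {
                if (it.hasNext()) it.next().doFilter(u, this, trace);
                else trace.add("target " + u);
            }
        };
        chain.proceed(uri);
        return trace;
    }

    public static void main(String[] args) {
        String uri = "/MyApplication/callback"; // constructed sample path
        System.out.println(run(uri, Arrays.asList(CLIENT_PASSES, TID_ROLES)));
        System.out.println(run(uri, Arrays.asList(CLIENT_STOPS, TID_ROLES)));
    }
}
```

In the first run tidRoles executes after clientFilter and the request reaches the target; in the second the trace ends at clientFilter, so neither tidRoles nor the target is reached.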
