Shiro Newbie here. I am still trying to get some simple Shiro integration
done and I am stuck on something and could use a push.
I have a Java Servlet app running under Tomcat 8, Java 8
Using a HTML/JS front end
Wanting to secure the server with FORM based Auth
I have a very simple Login.html file, and I am redirected to it upon
attempting to browse to any URL in my app. I see successful login
happening, but I am constantly redirected back to the Login.html. The
redirect is consistent on Chrome and IE. Firefox will occasionally redirect
correctly.
What I am doing is super basic, so I assume I am missing something simple
too...
Here is my shiro.ini
---------------------------------------------
#-----------
# Main
# ----------
[main]
shiro.loginUrl = /login.html
myRealm = com.my.MyCustomRealm
cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $cacheManager
securityManager.realms = $myRealm
#
-----------------------------------------------------------------------------
# URLS - followed by Filter Chains.
#
-----------------------------------------------------------------------------
[urls]
/** = authc
---------------------------------------------
Here is the auth method from MyCustomRealm:
----------------------------------------------------------------
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken
token) throws AuthenticationException {
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
String name = upToken.getUsername();
String password = new String(upToken.getPassword());
if (name != null && password != null) {
Map userMap = MyDatabase.readCollection(User.USERS,
String.class);
if (userMap.containsKey(name)) {
User user = (User) userMap.get(name);
String pw = user.getPassword();
if (password.equals(pw)) {
return new
SimpleAuthenticationInfo(name, password.toCharArray(),
getName());
} else {
throw new
AuthenticationException("Invalid Password");
}
} else {
throw new AuthenticationException("Invalid
Username");
}
}
throw new AuthenticationException("Username and Password
required");
}
--------------------------------------------------------------
Here is my web.xml
-------------------------------------------------------------
<web-app xmlns="http://java.sun.com/xml/ns/javaee";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd";
version="3.0">
<context-param>
<param-name>resteasy.scan</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>resteasy.servlet.mapping.prefix</param-name>
<param-value>/v1</param-value>
</context-param>
<listener>
<listener-class>
org.jboss.resteasy.plugins.server.servlet.ResteasyBootstrap
</listener-class>
</listener>
<listener>
<listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
<servlet>
<display-name>resteasy</display-name>
<servlet-name>Resteasy</servlet-name>
<servlet-class>org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher</servlet-class>
<init-param>
<param-name>javax.ws.rs.Application</param-name>
<param-value>com.my.MyRestApplication</param-value>
</init-param>
</servlet>
<servlet>
<display-name>My Application</display-name>
<servlet-name>MyApp-Init</servlet-name>
<servlet-class>com.my.AppInitServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<display-name>EventBus</display-name>
<servlet-name>EventBusServlet</servlet-name>
<servlet-class>com.my.init.EventBusInitServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>Jersey2Config</servlet-name>
<servlet-class>io.swagger.jaxrs.config.DefaultJaxrsConfig</servlet-class>
<init-param>
<param-name>api.version</param-name>
<param-value>1.0.0</param-value>
</init-param>
<init-param>
<param-name>swagger.api.basepath</param-name>
<param-value>/CloudMgr/v1</param-value>
</init-param>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Resteasy</servlet-name>
<url-pattern>/v1/*</url-pattern>
</servlet-mapping>
</web-app>
---------------------------------------------------------
Do you see anything that would cause the constant redirection? Ive have
tried everything I can find from the docs...
Thanks, in Advance, and I apologize if I have missed something obvious.
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130.html
Sent from the Shiro User mailing list archive at Nabble.com.
