Hi, I don't use the FormAuthenticationFilter. I call SecurityUtils.getSubject().login() inside a JSF ManagedBean.
I did some debug on the AccessControlFilter. On 1.2.6 getLoginUrl() returns the correct value, but I didn't figured out how loginUrl is populated since setLoginUrl is not called, so I changed on shiro.ini from shiro.loginUrl to roles.loginUrl, now it's working with both 1.2 and 1.3. Thanks 2016-09-16 10:44 GMT-03:00 Brian Demers <[email protected]>: > As far as additional info: What do the relevant bits in your shiro.ini > look like? > > I'm guessing something like: > > [main] > ... > shiro.loginUrl = /login.jsf > ... > > [urls] > ... > /my-resources/foo = authc ... > > > > Take a look at FormAuthenticationFilter.onAccessDenied() > https://github.com/apache/shiro/blob/master/web/src/ > main/java/org/apache/shiro/web/filter/authc/FormAuthenticationFilter.java# > L148-L171 > > Keep us posted, > -Brian > > On Fri, Sep 16, 2016 at 8:04 AM, Felipe Jaekel <[email protected]> wrote: > >> Unfortunately no. >> >> Yes there additional information I can provide? >> >> If not, could point where on Shiro code is this redirect done? I could >> debug it and try to figure out why my loginUrl was not used. >> >> 2016-09-15 14:26 GMT-03:00 Brian Demers <[email protected]>: >> >>> Do you have a reproduce case that you can send us? >>> >>> I have a couple apps were i'm setting `shiro.loginUrl` to /login and >>> have not seen any issue >>> >>> On Thu, Sep 15, 2016 at 1:02 PM, Felipe Jaekel <[email protected]> >>> wrote: >>> >>>> Hi, >>>> >>>> I have the following configuration with shiro 1.2.x: >>>> >>>> shiro.loginUrl = /login.jsf >>>> >>>> After upgrading from 1.2.6 to 1.3.2, login redirect is going to >>>> login.jsp instead of login.jsf. >>>> >>>> Is this a bug or configuration changed? >>>> >>>> Thanks >>>> >>> >>> >> >
