Hello group,
is there any support for filtering urls without looking at the extension? Maybe
we have overlooked it.
In our use case we work with JavaServer Faces (JSF). In web.xml we map the JSF
servlet to .jsf.
An example shiro.ini:
[urls]
/index.jsf = ssl, authBasic
You can bypass the JSF servlet *and* the Shiro Filter by requesting
/index.xhtml.
The requesting party only gets the xhtml page, with all the JSF spaghetti
included, but it won’t be processed.
It would be nice to declare /index = ssl, authBasic regardless of the extension.
Another option is a deny filter so I could have /index.xhtml = deny for example.
Any thoughts on this?
/Björn
