What does your filter chain definition map look like? On Sun, Dec 18, 2016 at 6:54 AM, Guofeng Zhang <[email protected]> wrote:
> Hi, > > My Spring Rest application uses shiro-spring. It configured using Sping > Java Config. > > I defined an authentication filter and configure only this one filter > using ShiroFilterFactoryBean.setFilters() and > ShiroFilterFactoryBean.setFilterChainDefinitionMap() > using specific url pattern (not using wild pattern match). my application > works well. > > Then I defined another filter for logout by deriving from LogoutFilter, > and call "subject.logout()" from the overrided preHandle(). But I found > that even if I only add it to ShiroFilterFactoryBean's filters property, it > is invoked when I call a API annotated by @RequiresAuthentication and > @RequiresRoles and caused my application failed to work. > > I cannot figure out why this logout filter is invoked. > > I think a filter is only invoked when the request url matches the url > configured for the filter by filterChainDefinitionMap property. > > Your help is appreciated. > > Thanks, > > Guofeng >
