First I'd like to say the Tynamo-Security/Shiro package is great, but I've run into a simple problem I'm not sure how to solve. I don't think it's really a Tynamo problem but an interaction between how Shiro expects URLs to work and Tapestry case insensitive URLs. I was working on a simple site with an admin account and an admin directory so I added the following to the shiro.ini file:
[urls] /admin/** = authc, roles[administrator] The problem is if you go to /Admin the authentication is bypassed because /admin != /Admin. I realize this is a feature but it does not seem very desirable. I also realize I could annotate all my admin pages and fix this but that's some amount of work and error prone. I looked thru the Shiro docs and I don't see anyway to do a case insensitive match. I thought I might be able to fix this with a URLRewriter and map /Admin to /admin but that does not seem to work either. Am I missing something? Is there any simple way to resolve this? Thanks Barry --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org