This is an automated email from the ASF dual-hosted git repository.
lprimak pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/shiro-site.git
The following commit(s) were added to refs/heads/main by this push:
new 8fae25597 Update documentation for new configuration parameters (#280)
8fae25597 is described below
commit 8fae255971c26dff2ac06b4e4d0ca8c5598c1eaf
Author: Ganesh Patil <[email protected]>
AuthorDate: Wed Jan 21 23:10:44 2026 +0530
Update documentation for new configuration parameters (#280)
* Update commercial support page and add navigation link
* Update documentation for new configuration parameters
* Update src/site/content/web.adoc
Co-authored-by: Copilot <[email protected]>
* Update src/site/content/spring-boot.adoc
Co-authored-by: Copilot <[email protected]>
* Revert "Update commercial support page and add navigation link"
This reverts commit a1c3f432d1758b0a16fa568f244b034e36ea2cb5.
* web: fix access control mechanism text
---------
Co-authored-by: Copilot <[email protected]>
Co-authored-by: lprimak <[email protected]>
---
src/site/content/spring-boot.adoc | 4 ++++
src/site/content/web.adoc | 28 +++++++++++++++++++++++++++-
2 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/src/site/content/spring-boot.adoc
b/src/site/content/spring-boot.adoc
index 3bfef03dd..f01913128 100644
--- a/src/site/content/spring-boot.adoc
+++ b/src/site/content/spring-boot.adoc
@@ -160,6 +160,10 @@ protected CacheManager cacheManager() {
|shiro.successUrl |`/` |Default landing page after a user logs in (if
alternative cannot be found in the current session)
|shiro.unauthorizedUrl |null |Page to redirect user to if they are
unauthorized (403 page)
+
+|shiro.caseInsensitive |`false` (2.x), `true` (3.x) |Enable case-insensitive
path matching. Can be set to true in 2.x. Defaults to true in 3.x.
+
+|shiro.allowAccessByDefault |`true` (2.x), `false` (3.x) |Allow access when no
filter chain matches. Defaults to true in 2.x and false in 3.x.
|===
== Standalone Applications
diff --git a/src/site/content/web.adoc b/src/site/content/web.adoc
index f28eb1e44..f012842aa 100644
--- a/src/site/content/web.adoc
+++ b/src/site/content/web.adoc
@@ -469,6 +469,32 @@ If you're currently allowing URL rewriting to allow for a
<code>jsessionid</code
URL rewriting for `jsessionid` is defined in section "7.1.3" of the Java
Servlet Specification, but it is generally NOT recommended.
====
+=== Configuring default behavior of the access control mechanism
+[NOTE]
+====
+This feature is only available in Shiro 2.1 or later, and in Shiro 3.0.0 or
later, this option will become the default (no additional configuration will be
required)
+====
+
+The filter chain resolver supports additional configuration options, including:
+
+- case-insensitive path matching
+- whether to allow access when no filter matches the request path
+
+[source,ini]
+----
+[main]
+# Enable case-insensitive path matching.
+# Can be set to true for Shiro 2.x.
+# Defaults to true in Shiro 3.x.
+filterChainResolver.caseInsensitive = true
+
+# Allow access when no filter chain matches the request path.
+# Can be set to true to allow access when no filter chain matches.
+# Can be set to false for Shiro 2.x.
+# Defaults to false in Shiro 3.x.
+filterChainResolver.allowAccessByDefault = false
+----
+
=== CORS Support
When using HTTP-based authentication (like Basic Auth or Bearer Token) in a
browser-based application, Cross-Origin Resource Sharing (CORS) pre-flight
`OPTIONS` requests are often sent by the browser. By default, these requests
might be rejected if they do not contain authentication headers.
@@ -478,7 +504,7 @@ To allow pre-flight `OPTIONS` requests to pass through the
authentication filter
This is commonly used with `authcBasic` (Basic Auth) or `authcBearer` (Bearer
Token / JWT).
[NOTE]
====
-this feature is only available in Shiro 2.0.7 or later, and in Shiro 3.0.0 or
later, this option will become the default (no additional configuration will be
required)
+this feature is only available in Shiro 2.1 or later, and in Shiro 3.0.0 or
later, this option will become the default (no additional configuration will be
required)
====
[source,ini]
