Emmanuel Bourg created SHIRO-410:
------------------------------------
Summary: Clarify the configuration for the form based login
Key: SHIRO-410
URL: https://issues.apache.org/jira/browse/SHIRO-410
Project: Shiro
Issue Type: Bug
Components: Documentation
Affects Versions: 1.2.1
Reporter: Emmanuel Bourg
Priority: Trivial
I just started learning Shiro and I struggled a bit to integrate a simple form
based login into my web application. My mistake was to exclude the loginUrl
from the urls covered by the FormAuthenticationFilter. I assumed the login form
had to be accessible to anonymous users, so my configuration looked like this:
{code}
[main]
authc.loginUrl = /account/login.jsp
[urls]
/account/login.jsp = anon
/account/register.jsp = anon
/account/reset.jsp = anon
/account/** = authc
{code}
But this doesn't work because login.jsp must be processed by authc.
I would suggest mentioning this detail in the reference manual, that wasn't
obvious at first glance (but maybe I didn't read carefully enough).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
