Hi Les,
this is now my current configuration for a simple program with no Icefaces:
<param-value>
[main]
# override authc to 'pass thru' to an underlying MVC
mechanism:
authc =
org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
myRealmCredentialsMatcher =
org.apache.shiro.authc.credential.SimpleCredentialsMatcher
# now define the realm, and specify that it use the above
credentials
matcher:
myRealm = name.brucephillips.ecarsecurity.dao.EcarSecurityRealm
myRealm.credentialsMatcher = $myRealmCredentialsMatcher
[filters]
authc.loginUrl = /login.jsp
roles.unauthorizedUrl = /unauthorized.jsp
[urls]
/LoginUser = anon
/login.jsp = authc
/secure/** = authc, roles[user]
/admin/** = authc, roles[admin]
/** = authc
</param-value>
and it doesn't work. If I remove /** from the urls it does work, but
obviously does not restrict access to pages not in the list.
I will try debugging the onAccessDenied method as you suggest.
-----
regards,
Philip Kerrigan
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Using-Shiro-with-Icefaces-tp5600653p5606182.html
Sent from the Shiro User mailing list archive at Nabble.com.
