Thank you, Les! The definitely clears things up a lot. One more question:
I'm wiring Shiro in Spring, so would the filter bean definition look
something like this? (currently depending on Shiro 1.1.0)
<bean id="shiroFilter"
class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager"/>
<property name="filters">
<util:map>
<entry key="authc" value-ref="customFilter"/>
</util:map>
</property>
<property name="filterChainDefinitions">
<value>
/login = anon
/logout = anon
/** = authc
</value>
</property>
</bean>
Systems integrating with us via our web based application will explicitly
hit a /login url and a /logout url.
Thanks again!
Allan
On Wed, Jun 15, 2011 at 11:32 PM, Les Hazlewood <[email protected]>wrote:
> P.P.S.
>
> I think this wins as my longest email on this list ever! Which, if you
> know me, says a lot, since I can be pretty long winded ;)
>
