At first glance, it looks like, b/c your login.html is submitting to /ams/main, the authc filter is not recognizing it as a login request.
I would try leaving out the action attribute on your login form (so that it just submits back to itself) and setting authc.successUrl=/main in your shiro.ini. On 07/10/2011 11:36 PM, James Whetstone wrote: > I've developed a test web app that duplicates the functionality of the > the example web app at > http://svn.apache.org/repos/asf/shiro/trunk/samples/web without using > JSP, Maven or a web.xml configuration file. It's an Eclipse java > project that uses the jetty embedded model with shiro. > > Here is a debug trace of the Request/Response flow that shows the problem: > > 2011-07-10 21:12:23 log [DEBUG] REQUEST /index.html on > org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80<->127.0.0.1:1364 > <mailto:org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80%3C-%3E127.0.0.1:1364> > 2011-07-10 21:12:23 log [DEBUG] scope null||/index.html @ > o.e.j.s.ServletContextHandler{/ams,null} > 2011-07-10 21:12:23 log [DEBUG] RESPONSE /index.html 200 > 2011-07-10 21:12:34 log [DEBUG] REQUEST /ams/login.html on > org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80<->127.0.0.1:1364 > <mailto:org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80%3C-%3E127.0.0.1:1364> > 2011-07-10 21:12:34 log [DEBUG] scope null||/ams/login.html @ > o.e.j.s.ServletContextHandler{/ams,null} > 2011-07-10 21:12:34 log [DEBUG] context=/ams||/login.html @ > o.e.j.s.ServletContextHandler{/ams,null} > 2011-07-10 21:12:34 log [DEBUG] Got Session ID > ko6d1o5558ws1191di9twoh2f from cookie > 2011-07-10 21:12:34 log [DEBUG] > sessionManager=org.eclipse.jetty.server.session.HashSessionManager@d0a5d9 > <mailto:sessionManager=org.eclipse.jetty.server.session.HashSessionManager@d0a5d9> > 2011-07-10 21:12:34 log [DEBUG] > session=org.eclipse.jetty.server.session.HashSessionManager$HashedSession:ko6d1o5558ws1191di9twoh2f@3098834 > 2011-07-10 21:12:34 log [DEBUG] servlet /ams||/login.html -> null > 2011-07-10 21:12:34 log [DEBUG] RESPONSE /ams/login.html 304 > 2011-07-10 21:12:38 log [DEBUG] closed > org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80<->127.0.0.1:1373 > <mailto:org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80%3C-%3E127.0.0.1:1373> > 2011-07-10 21:12:40 log [DEBUG] REQUEST /ams/main on > org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80<->127.0.0.1:1364 > <mailto:org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80%3C-%3E127.0.0.1:1364> > 2011-07-10 21:12:40 log [DEBUG] scope null||/ams/main @ > o.e.j.s.ServletContextHandler{/ams,null} > 2011-07-10 21:12:40 log [DEBUG] context=/ams||/main @ > o.e.j.s.ServletContextHandler{/ams,null} > 2011-07-10 21:12:40 log [DEBUG] Got Session ID > ko6d1o5558ws1191di9twoh2f from cookie > 2011-07-10 21:12:40 log [DEBUG] > sessionManager=org.eclipse.jetty.server.session.HashSessionManager@d0a5d9 > <mailto:sessionManager=org.eclipse.jetty.server.session.HashSessionManager@d0a5d9> > 2011-07-10 21:12:40 log [DEBUG] > session=org.eclipse.jetty.server.session.HashSessionManager$HashedSession:ko6d1o5558ws1191di9twoh2f@3098834 > 2011-07-10 21:12:40 log [DEBUG] servlet /ams|/main|null -> > com.ams.MainServlet-25396707 > 2011-07-10 21:12:40 log [DEBUG] chain= > 2011-07-10 21:12:40 log [DEBUG] call filter > org.apache.shiro.web.servlet.IniShiroFilter-11468767 > 2011-07-10 21:12:40 log [DEBUG] RESPONSE /ams/main 302 > 2011-07-10 21:12:40 log [DEBUG] REQUEST /ams/login.html on > org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80<->127.0.0.1:1364 > <mailto:org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80%3C-%3E127.0.0.1:1364> > 2011-07-10 21:12:40 log [DEBUG] scope null||/ams/login.html @ > o.e.j.s.ServletContextHandler{/ams,null} > 2011-07-10 21:12:40 log [DEBUG] context=/ams||/login.html @ > o.e.j.s.ServletContextHandler{/ams,null} > 2011-07-10 21:12:40 log [DEBUG] Got Session ID > ko6d1o5558ws1191di9twoh2f from cookie > 2011-07-10 21:12:40 log [DEBUG] > sessionManager=org.eclipse.jetty.server.session.HashSessionManager@d0a5d9 > <mailto:sessionManager=org.eclipse.jetty.server.session.HashSessionManager@d0a5d9> > 2011-07-10 21:12:40 log [DEBUG] > session=org.eclipse.jetty.server.session.HashSessionManager$HashedSession:ko6d1o5558ws1191di9twoh2f@3098834 > 2011-07-10 21:12:40 log [DEBUG] servlet /ams||/login.html -> null > 2011-07-10 21:12:40 log [DEBUG] RESPONSE /ams/login.html 304 > > Here is the contents of my shiro.ini file: > > #===================================== > [main] > authc.loginUrl = /login.html > > [users] > # format: username = password, role1, role2, ..., roleN > root = secret,admin > guest = guest,guestpresidentskroob = 12345,presidentdarkhelmet = > ludicrousspeed,darklord,schwartz > lonestarr = vespa,goodguy,schwartz > > [roles] > # format; roleName = permission1, permission2, ..., permissionN > admin = * > schwartz = lightsaber:* > goodguy = winnebago:drive:eagle5 > > [urls] > /index.html = anon > /login.html = authc > /main/** = authc, roles[goodguy] > /recovery = anon > #================================== > > Here is my main java application code: > > package com.ams; > > import org.eclipse.jetty.http.ssl.SslContextFactory; > import org.eclipse.jetty.server.Connector; > import org.eclipse.jetty.server.Handler; > import org.eclipse.jetty.server.Server; > import org.eclipse.jetty.server.handler.DefaultHandler; > import org.eclipse.jetty.server.handler.HandlerList; > import org.eclipse.jetty.server.handler.ResourceHandler; > import org.eclipse.jetty.server.nio.SelectChannelConnector; > import org.eclipse.jetty.server.ssl.SslSelectChannelConnector; > import org.eclipse.jetty.servlet.FilterHolder; > import org.eclipse.jetty.servlet.ServletContextHandler; > import org.eclipse.jetty.servlet.ServletHolder; > import org.apache.shiro.web.servlet.AbstractShiroFilter; > import org.apache.shiro.web.servlet.IniShiroFilter; > > public class AmsServer > { > public static void main(String[] args) throws Exception > { > Server server = new Server(); > > > > SelectChannelConnector connector = new SelectChannelConnector(); > connector.setPort(80); > connector.setMaxIdleTime(30000); > connector.setRequestHeaderSize(8192); > > > SslSelectChannelConnector ssl_connector = new > SslSelectChannelConnector(); > String jetty_home = > System.getProperty("jetty.home","C:/jetty-hightide-7.4.2.v20110526"); > System.setProperty("jetty.home",jetty_home); > ssl_connector.setPort(443); > SslContextFactory cf = ssl_connector.getSslContextFactory(); > cf.setKeyStore(jetty_home + "/etc/keystore"); > cf.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"); > cf.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g"); > > server.setConnectors(new Connector[]{ connector, ssl_connector }); > > ResourceHandler resource_handler = new ResourceHandler(); > resource_handler.setDirectoriesListed(true); > resource_handler.setWelcomeFiles(new String[]{ "index.html" }); > > resource_handler.setResourceBase("."); > > ServletContextHandler context = new > ServletContextHandler(ServletContextHandler.SESSIONS); > > context.setContextPath("/ams"); > context.addServlet(new ServletHolder(new MainServlet()), "/main"); > context.addServlet(new ServletHolder(new > RecoveryServlet()),"/recovery"); > > > /* setup shiro */ > > AbstractShiroFilter filter = new IniShiroFilter(); > filter.setServletContext(context.getServletContext()); > context.addFilter( new FilterHolder(filter) , "/*", 0); > > /* end setup shiro */ > > > > HandlerList handlers = new HandlerList(); > handlers.setHandlers(new Handler[] { context, resource_handler, new > DefaultHandler()}); > > server.setHandler(handlers); > > server.start(); > server.join(); > } > } > > > Lastly, here is my login.html page: > > <html> > <head><title>Login</title></head> > <body> > > <form name="loginform" action="/ams/main" method="post"> > <table align="left" border="0" cellspacing="0" cellpadding="3"> > <tr> > <td>Username:</td> > <td><input type="text" name="username" maxlength="30"></td> > </tr> > <tr> > <td>Password:</td> > <td><input type="password" name="password" maxlength="30"></td> > </tr> > <tr> > <td colspan="2" align="left"><input type="checkbox" > name="rememberMe"><font size="2">Remember Me</font></td> > </tr> > <tr> > <td colspan="2" align="right"><input type="submit" name="submit" > value="Login"></td> > </tr> > </table> > </form> > </body> > </html> > > > Thanks in advance, > James
