I did another login test and obtained a trace with more information. I think the line that says "2011-07-11 11:51:50 DefaultSecurityManager [TRACE] No identity (PrincipalCollection) found in the context. Looking for a remembered identity." is a problem because I *think* it should have a PrincipalCollection.
2011-07-11 11:51:50 log [DEBUG] REQUEST /main on org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80<->127.0.0.1:1985
2011-07-11 11:51:50 log [DEBUG] scope null||/main @ o.e.j.s.ServletContextHandler{/,file:/C:/Documents%20and%20Settings/James/My%20Documents/dc4x/code/android_workspace/ams/}
2011-07-11 11:51:50 log [DEBUG] context=||/main @ o.e.j.s.ServletContextHandler{/,file:/C:/Documents%20and%20Settings/James/My%20Documents/dc4x/code/android_workspace/ams/}
2011-07-11 11:51:50 log [DEBUG] Got Session ID 4fnchvwv5j4kdetoxlu08e8e from cookie
2011-07-11 11:51:50 log [DEBUG] sessionManager=org.eclipse.jetty.server.session.HashSessionManager@d2906a
2011-07-11 11:51:50 log [DEBUG] session=org.eclipse.jetty.server.session.HashSessionManager$HashedSession:4fnchvwv5j4kdetoxlu08e8e@5998631
2011-07-11 11:51:50 log [DEBUG] servlet |/main|null -> com.ams.MainServlet-29485609
2011-07-11 11:51:50 log [DEBUG] chain=
2011-07-11 11:51:50 log [DEBUG] call filter org.apache.shiro.web.servlet.IniShiroFilter-14651230
2011-07-11 11:51:50 OncePerRequestFilter [TRACE] Filter 'org.apache.shiro.web.servlet.IniShiroFilter-14651230' not yet executed. Executing now.
2011-07-11 11:51:50 DefaultSecurityManager [TRACE] Context already contains a SecurityManager instance. Returning.
2011-07-11 11:51:50 DefaultSecurityManager [TRACE] No identity (PrincipalCollection) found in the context. Looking for a remembered identity.
2011-07-11 11:51:50 SimpleCookie [TRACE] No value found in request Cookies under cookie name [rememberMe]
2011-07-11 11:51:50 DefaultSecurityManager [TRACE] No remembered identity found. Returning original context.
2011-07-11 11:51:50 ThreadContext [TRACE] Bound value of type [org.apache.shiro.web.subject.support.WebDelegatingSubject] for key [org.apache.shiro.util.ThreadContext_SUBJECT_KEY] to thread [qtp26392982-15 - /main]
2011-07-11 11:51:50 ThreadContext [TRACE] Bound value of type [org.apache.shiro.web.mgt.DefaultWebSecurityManager] for key [org.apache.shiro.util.ThreadContext_SECURITY_MANAGER_KEY] to thread [qtp26392982-15 - /main]
2011-07-11 11:51:50 PathMatchingFilterChainResolver [TRACE] Matched path pattern [/main] for requestURI [/main]. Utilizing corresponding filter chain...
2011-07-11 11:51:50 AbstractShiroFilter [TRACE] Resolved a configured FilterChain for the current request.
2011-07-11 11:51:50 ProxiedFilterChain [TRACE] Invoking wrapped filter at index [0]
2011-07-11 11:51:50 OncePerRequestFilter [TRACE] Filter 'authc' not yet executed. Executing now.
2011-07-11 11:51:50 PathMatchingFilter [TRACE] Attempting to match pattern [/login.html] with current requestURI [/main]...
2011-07-11 11:51:50 PathMatchingFilter [TRACE] Attempting to match pattern [/main] with current requestURI [/main]...
2011-07-11 11:51:50 PathMatchingFilter [TRACE] Current requestURI matches pattern [/main]. Performing onPreHandle check...
2011-07-11 11:51:50 ThreadContext [TRACE] get() - in thread [qtp26392982-15 - /main]
2011-07-11 11:51:50 ThreadContext [TRACE] Retrieved value of type [org.apache.shiro.web.subject.support.WebDelegatingSubject] for key [org.apache.shiro.util.ThreadContext_SUBJECT_KEY] bound to thread [qtp26392982-15 - /main]
2011-07-11 11:51:50 PathMatchingFilter [TRACE] Attempting to match pattern [/login.html] with current requestURI [/main]...
2011-07-11 11:51:50 FormAuthenticationFilter [TRACE] Attempting to access a path which requires authentication. Forwarding to the Authentication url [/login.html]
2011-07-11 11:51:50 ThreadContext [TRACE] get() - in thread [qtp26392982-15 - /main]
2011-07-11 11:51:50 ThreadContext [TRACE] Retrieved value of type [org.apache.shiro.web.subject.support.WebDelegatingSubject] for key [org.apache.shiro.util.ThreadContext_SUBJECT_KEY] bound to thread [qtp26392982-15 - /main]
2011-07-11 11:51:50 DelegatingSubject [TRACE] attempting to get session; create = true; session is null = false; session has id = true
2011-07-11 11:51:50 AdviceFilter [TRACE] Invoked preHandle method. Continuing chain?: [false]
2011-07-11 11:51:50 AdviceFilter [TRACE] Successfully invoked postHandle method
2011-07-11 11:51:50 AdviceFilter [TRACE] Successfully invoked afterCompletion method.
2011-07-11 11:51:50 log [DEBUG] RESPONSE /main 302
2011-07-11 11:51:50 log [DEBUG] REQUEST /login.html on org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80<->127.0.0.1:1985
2011-07-11 11:51:50 log [DEBUG] scope null||/login.html @ o.e.j.s.ServletContextHandler{/,file:/C:/Documents%20and%20Settings/James/My%20Documents/dc4x/code/android_workspace/ams/}
2011-07-11 11:51:50 log [DEBUG] context=||/login.html @ o.e.j.s.ServletContextHandler{/,file:/C:/Documents%20and%20Settings/James/My%20Documents/dc4x/code/android_workspace/ams/}
2011-07-11 11:51:50 log [DEBUG] Got Session ID 4fnchvwv5j4kdetoxlu08e8e from cookie
2011-07-11 11:51:50 log [DEBUG] sessionManager=org.eclipse.jetty.server.session.HashSessionManager@d2906a
2011-07-11 11:51:50 log [DEBUG] session=org.eclipse.jetty.server.session.HashSessionManager$HashedSession:4fnchvwv5j4kdetoxlu08e8e@5998631
2011-07-11 11:51:50 log [DEBUG] servlet ||/login.html -> null
2011-07-11 11:51:50 log [DEBUG] RESPONSE /login.html 304

----- Original Message -----
From: Jared Bunting
To: [email protected]
Sent: Monday, July 11, 2011 5:24 AM
Subject: Re: Unexpected redirect when logging in.

At first glance, it looks like, b/c your login.html is submitting to /ams/main, the authc filter is not recognizing it as a login request. I would try leaving out the action attribute on your login form (so that it just submits back to itself) and setting authc.successUrl=/main in your shiro.ini.

On 07/10/2011 11:36 PM, James Whetstone wrote:

I've developed a test web app that duplicates the functionality of the example web app at http://svn.apache.org/repos/asf/shiro/trunk/samples/web without using JSP, Maven or a web.xml configuration file. It's an Eclipse java project that uses the jetty embedded model with shiro.

Here is a debug trace of the Request/Response flow that shows the problem:

2011-07-10 21:12:23 log [DEBUG] REQUEST /index.html on org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80<->127.0.0.1:1364
2011-07-10 21:12:23 log [DEBUG] scope null||/index.html @ o.e.j.s.ServletContextHandler{/ams,null}
2011-07-10 21:12:23 log [DEBUG] RESPONSE /index.html 200
2011-07-10 21:12:34 log [DEBUG] REQUEST /ams/login.html on org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80<->127.0.0.1:1364
2011-07-10 21:12:34 log [DEBUG] scope null||/ams/login.html @ o.e.j.s.ServletContextHandler{/ams,null}
2011-07-10 21:12:34 log [DEBUG] context=/ams||/login.html @ o.e.j.s.ServletContextHandler{/ams,null}
2011-07-10 21:12:34 log [DEBUG] Got Session ID ko6d1o5558ws1191di9twoh2f from cookie
2011-07-10 21:12:34 log [DEBUG] sessionManager=org.eclipse.jetty.server.session.HashSessionManager@d0a5d9
2011-07-10 21:12:34 log [DEBUG] session=org.eclipse.jetty.server.session.HashSessionManager$HashedSession:ko6d1o5558ws1191di9twoh2f@3098834
2011-07-10 21:12:34 log [DEBUG] servlet /ams||/login.html -> null
2011-07-10 21:12:34 log [DEBUG] RESPONSE /ams/login.html 304
2011-07-10 21:12:38 log [DEBUG] closed org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80<->127.0.0.1:1373
2011-07-10 21:12:40 log [DEBUG] REQUEST /ams/main on org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80<->127.0.0.1:1364
2011-07-10 21:12:40 log [DEBUG] scope null||/ams/main @ o.e.j.s.ServletContextHandler{/ams,null}
2011-07-10 21:12:40 log [DEBUG] context=/ams||/main @ o.e.j.s.ServletContextHandler{/ams,null}
2011-07-10 21:12:40 log [DEBUG] Got Session ID ko6d1o5558ws1191di9twoh2f from cookie
2011-07-10 21:12:40 log [DEBUG] sessionManager=org.eclipse.jetty.server.session.HashSessionManager@d0a5d9
2011-07-10 21:12:40 log [DEBUG] session=org.eclipse.jetty.server.session.HashSessionManager$HashedSession:ko6d1o5558ws1191di9twoh2f@3098834
2011-07-10 21:12:40 log [DEBUG] servlet /ams|/main|null -> com.ams.MainServlet-25396707
2011-07-10 21:12:40 log [DEBUG] chain=
2011-07-10 21:12:40 log [DEBUG] call filter org.apache.shiro.web.servlet.IniShiroFilter-11468767
2011-07-10 21:12:40 log [DEBUG] RESPONSE /ams/main 302
2011-07-10 21:12:40 log [DEBUG] REQUEST /ams/login.html on org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@[email protected]:80<->127.0.0.1:1364
2011-07-10 21:12:40 log [DEBUG] scope null||/ams/login.html @ o.e.j.s.ServletContextHandler{/ams,null}
2011-07-10 21:12:40 log [DEBUG] context=/ams||/login.html @ o.e.j.s.ServletContextHandler{/ams,null}
2011-07-10 21:12:40 log [DEBUG] Got Session ID ko6d1o5558ws1191di9twoh2f from cookie
2011-07-10 21:12:40 log [DEBUG] sessionManager=org.eclipse.jetty.server.session.HashSessionManager@d0a5d9
2011-07-10 21:12:40 log [DEBUG] session=org.eclipse.jetty.server.session.HashSessionManager$HashedSession:ko6d1o5558ws1191di9twoh2f@3098834
2011-07-10 21:12:40 log [DEBUG] servlet /ams||/login.html -> null
2011-07-10 21:12:40 log [DEBUG] RESPONSE /ams/login.html 304

Here are the contents of my shiro.ini file:

#=====================================
[main]
authc.loginUrl = /login.html

[users]
# format: username = password, role1, role2, ..., roleN
root = secret,admin
guest = guest,guest
presidentskroob = 12345,president
darkhelmet = ludicrousspeed,darklord,schwartz
lonestarr = vespa,goodguy,schwartz

[roles]
# format; roleName = permission1, permission2, ..., permissionN
admin = *
schwartz = lightsaber:*
goodguy = winnebago:drive:eagle5

[urls]
/index.html = anon
/login.html = authc
/main/** = authc, roles[goodguy]
/recovery = anon
#==================================

Here is my main java application code:

package com.ams;

import org.eclipse.jetty.http.ssl.SslContextFactory;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.handler.DefaultHandler;
import org.eclipse.jetty.server.handler.HandlerList;
import org.eclipse.jetty.server.handler.ResourceHandler;
import org.eclipse.jetty.server.nio.SelectChannelConnector;
import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
import org.eclipse.jetty.servlet.FilterHolder;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.apache.shiro.web.servlet.AbstractShiroFilter;
import org.apache.shiro.web.servlet.IniShiroFilter;

public class AmsServer {

    public static void main(String[] args) throws Exception {
        Server server = new Server();

        // Plain HTTP connector on port 80
        SelectChannelConnector connector = new SelectChannelConnector();
        connector.setPort(80);
        connector.setMaxIdleTime(30000);
        connector.setRequestHeaderSize(8192);

        // HTTPS connector on port 443, keystore taken from jetty.home
        SslSelectChannelConnector ssl_connector = new SslSelectChannelConnector();
        String jetty_home = System.getProperty("jetty.home","C:/jetty-hightide-7.4.2.v20110526");
        System.setProperty("jetty.home",jetty_home);
        ssl_connector.setPort(443);
        SslContextFactory cf = ssl_connector.getSslContextFactory();
        cf.setKeyStore(jetty_home + "/etc/keystore");
        cf.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
        cf.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");

        server.setConnectors(new Connector[]{ connector, ssl_connector });

        // Static files served from the working directory
        ResourceHandler resource_handler = new ResourceHandler();
        resource_handler.setDirectoriesListed(true);
        resource_handler.setWelcomeFiles(new String[]{ "index.html" });
        resource_handler.setResourceBase(".");

        // Servlets mounted under the /ams context path
        ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
        context.setContextPath("/ams");
        context.addServlet(new ServletHolder(new MainServlet()), "/main");
        context.addServlet(new ServletHolder(new RecoveryServlet()),"/recovery");

        /* setup shiro */
        AbstractShiroFilter filter = new IniShiroFilter();
        filter.setServletContext(context.getServletContext());
        context.addFilter( new FilterHolder(filter) , "/*", 0);
        /* end setup shiro */

        HandlerList handlers = new HandlerList();
        handlers.setHandlers(new Handler[] { context, resource_handler, new DefaultHandler()});
        server.setHandler(handlers);

        server.start();
        server.join();
    }
}

Lastly, here is my login.html page:

<html>
<head><title>Login</title></head>
<body>
<form name="loginform" action="/ams/main" method="post">
  <table align="left" border="0" cellspacing="0" cellpadding="3">
    <tr>
      <td>Username:</td>
      <td><input type="text" name="username" maxlength="30"></td>
    </tr>
    <tr>
      <td>Password:</td>
      <td><input type="password" name="password" maxlength="30"></td>
    </tr>
    <tr>
      <td colspan="2" align="left"><input type="checkbox" name="rememberMe"><font size="2">Remember Me</font></td>
    </tr>
    <tr>
      <td colspan="2" align="right"><input type="submit" name="submit" value="Login"></td>
    </tr>
  </table>
</form>
</body>
</html>

Thanks in advance,
James
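
Added example, not part of the thread and not Shiro's own source: a simplified model of how the authc form filter classifies a request, showing why a POST to /ams/main gets the 302 while a POST to the login URL is treated as a login attempt. The class, enum and record names are hypothetical; the context path and loginUrl are taken from the code and shiro.ini posted above, and the sample requests are constructed.

```java
import java.util.List;

/** Simplified model (not Shiro source) of the authc filter's per-request decision. */
public class AuthcDecisionDemo {

    enum Outcome { PASS_THROUGH, SHOW_LOGIN_PAGE, ATTEMPT_LOGIN, REDIRECT_TO_LOGIN }

    // Hypothetical request record: HTTP method, full URI, and whether the
    // subject bound to the session is already authenticated.
    record Req(String method, String uri, boolean authenticated) {}

    static final String CONTEXT_PATH = "/ams";      // context.setContextPath("/ams")
    static final String LOGIN_URL = "/login.html";  // authc.loginUrl in shiro.ini

    /** Paths in shiro.ini are relative to the context path, so strip it before matching. */
    static String pathWithinApplication(String uri) {
        return uri.startsWith(CONTEXT_PATH + "/")
                ? uri.substring(CONTEXT_PATH.length())
                : uri;
    }

    static Outcome decide(Req r) {
        if (r.authenticated()) {
            return Outcome.PASS_THROUGH;
        }
        boolean loginRequest = pathWithinApplication(r.uri()).equals(LOGIN_URL);
        if (!loginRequest) {
            // Any other protected path: credentials in the body are never read.
            return Outcome.REDIRECT_TO_LOGIN;
        }
        // Only a POST to the login URL itself is treated as a login submission.
        return "POST".equalsIgnoreCase(r.method())
                ? Outcome.ATTEMPT_LOGIN
                : Outcome.SHOW_LOGIN_PAGE;
    }

    public static void main(String[] args) {
        // Constructed requests mirroring the thread.
        List<Req> samples = List.of(
                new Req("GET", "/ams/login.html", false),   // viewing the form
                new Req("POST", "/ams/main", false),        // form with action="/ams/main"
                new Req("POST", "/ams/login.html", false),  // form with no action attribute
                new Req("GET", "/ams/main", true));         // after a successful login
        for (Req r : samples) {
            System.out.printf("%-4s %-16s -> %s%n", r.method(), r.uri(), decide(r));
        }
    }
}
```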
