Hi, I would try to add a JSP fragment with a login form on every generic (not protected) page, form whose name is loginform, method is POST and *action points to a protected url where your authc filter is defined*. Your authc filter configuration should match the name of the input fields defined in the login form (username, password, rememberMe) and have a successUrl which is the default target protected page. Best regards, Jérôme
-- View this message in context: http://shiro-user.582556.n2.nabble.com/login-into-application-without-dedicated-login-page-using-shiro-API-tp7577620p7577624.html Sent from the Shiro User mailing list archive at Nabble.com.
