Hi Andy,
I *think* this might be due to the way your filters are declared?
The AUTHC filter needs to be told what the login url is ("/login.jsp") so
it knows to let requests to that URL pass through (otherwise the page won't
be rendered!).
If you do that first and then define the filter chain, I think that will
solve it.
HTH,
--
Les Hazlewood | @lhazlewood
CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
On Sun, Sep 1, 2013 at 3:00 PM, AndyW <[email protected]> wrote:
> Hello,
>
> I'm trying to make my web app use ssl, but I'm having a strange problem
> with
> the login.jsp page. When I load https://www.myexample.com as a
> non-loggedin
> user, the browser redirects to http://www.myexample.com/login.jsp (instead
> of https).
>
> I'm using Shiro with Guice, Jersey and Jetty, deployed to Heroku.
>
> I've tried changing the login.jsp filter chain in my ShiroWebModule, e.g.:
>
> addFilterChain("/login.jsp", SSL, AUTHC);
>
> Although this forces a redirect to the https login.jsp, the browser then
> displays an error page showing an ERR_TOO_MANY_REDIRECTS error.
>
> Any help getting to the bottom of this would be much appreciated!
>
> Thanks,
> Andy
>
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/SSL-Login-https-redirects-to-http-tp7579103.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>
