That line is invalid. There is no reason to configure anon and then authc -- Les
On Wed, Sep 9, 2015 at 10:25 AM, Sreyan Chakravarty < [email protected]> wrote: > Okay then tell me what is the point of -: > > /home.jsp = anon, authc > > Why is home.jsp mapped to the anon filter ? > Shouldn't it just be mapped to the authc filter ? I mean whats the point of > mapping it to 2 filters. One which is not required. home.jsp is a protected > resource so why would anyone even map it to anonymous access. > > This is done in the follwing example-: > > https://github.com/pires/simple-shiro-web-app/blob/master/src/main/webapp/WEB-INF/shiro.ini > > > On Wed, Sep 9, 2015 at 8:01 PM, scSynergy <[email protected]> > wrote: > >> authc.successUrl means after the authc filter has successfully validated >> the >> user redirect her to /home.jsp >> /login.jsp = anon means do not apply any filter to /login.jsp, not even >> authc, which means authc is never called and therefore never notices a >> successful login attempt and therefore does not know it should redirect >> >> [main] >> authc.loginUrl = /login.jsp >> authc.successUrl = /home.jsp >> >> [urls] >> /login.jsp = *authc* >> >> The above code on the other hand means >> 1. the authc filter should treat /login.jsp as a login page - anonymous >> access allowed >> 2. if a successful login attempt is made, redirect the user to /home.jsp >> 3. if someone navigates to /login.jsp activate the authc filter for the >> request and do whatever is configured for the authc filter (loginUrl and >> successUrl) >> >> >> >> -- >> View this message in context: >> http://shiro-user.582556.n2.nabble.com/Why-doesn-t-the-following-work-tp7580703p7580706.html >> Sent from the Shiro User mailing list archive at Nabble.com. >> > >
