Alex,
I already have a filter, but it doesn't working. The logic in preHandle of
PathMatchingFilter is allow the url if it not matches. I override that
logic.
Also can you please explain what do you mean by "put it at last" ?
public class ForbiddenUrlFilter extends PathMatchingFilter
{
private static final Logger log =
LoggerFactory.getLogger(ForbiddenUrlFilter.class);
@Override
protected boolean preHandle(final ServletRequest request, final
ServletResponse response) throws Exception {
if (appliedPaths == null || appliedPaths.isEmpty()) {
return true;
}
for (final String path : appliedPaths.keySet()) {
if (pathsMatch(path, request)) {
log.trace("Current requestURI matches pattern \'{}\'.
Determining filter chain execution...", path);
return true;
}
}
WebUtils.toHttp(response).sendError(404);
return false;
}
}
On Fri, 26 Feb 2016 at 15:52 Alex Ditu <[email protected]> wrote:
> Use a filter to redirect the request or tell the user that path doesen't
> exists, and put it last and make it match everything, like this:
>
> [urls]
> ...
> /** = yourFilterForBadPath
>
> On Thu, Feb 25, 2016 at 11:26 PM, Mohit Srivastava <
> [email protected]> wrote:
>
>> Hi,
>>
>> Shiro's default behaviour for path mismatch is nothing. I mean if a
>> request url path doesn't match any thing defined in Filter chain, shiro
>> used to pass it instead of failing.
>>
>> Is there a way I can simply reject those path which are not defined in
>> filterchain?
>>
>> Thanks & Regards,
>> Mohit
>>
>
>
