Hi,

I don't use the FormAuthenticationFilter. I
call SecurityUtils.getSubject().login() inside a JSF ManagedBean.

I did some debug on the AccessControlFilter. On 1.2.6 getLoginUrl() returns
the correct value, but I didn't figured out how loginUrl is populated since
setLoginUrl is not called, so I changed on shiro.ini from shiro.loginUrl to
roles.loginUrl, now it's working with both 1.2 and 1.3.

Thanks

2016-09-16 10:44 GMT-03:00 Brian Demers <brian.dem...@gmail.com>:

> As far as additional info:  What do the relevant bits in your shiro.ini
> look like?
>
> I'm guessing something like:
>
> [main]
> ...
> shiro.loginUrl = /login.jsf
> ...
>
> [urls]
> ...
> /my-resources/foo = authc ...
>
>
>
> Take a look at FormAuthenticationFilter.onAccessDenied()
> https://github.com/apache/shiro/blob/master/web/src/
> main/java/org/apache/shiro/web/filter/authc/FormAuthenticationFilter.java#
> L148-L171
>
> Keep us posted,
> -Brian
>
> On Fri, Sep 16, 2016 at 8:04 AM, Felipe Jaekel <fkjae...@gmail.com> wrote:
>
>> Unfortunately no.
>>
>> Yes there additional information I can provide?
>>
>> If not, could point where on Shiro code is this redirect done? I could
>> debug it and try to figure out why my loginUrl was not used.
>>
>> 2016-09-15 14:26 GMT-03:00 Brian Demers <brian.dem...@gmail.com>:
>>
>>> Do you have a reproduce case that you can send us?
>>>
>>> I have a couple apps were i'm setting `shiro.loginUrl` to /login and
>>> have not seen any issue
>>>
>>> On Thu, Sep 15, 2016 at 1:02 PM, Felipe Jaekel <fkjae...@gmail.com>
>>> wrote:
>>>
>>>> Hi,
>>>>
>>>> I have the following configuration with shiro 1.2.x:
>>>>
>>>> shiro.loginUrl = /login.jsf
>>>>
>>>> After upgrading from 1.2.6 to 1.3.2, login redirect is going to
>>>> login.jsp instead of login.jsf.
>>>>
>>>> Is this a bug or configuration changed?
>>>>
>>>> Thanks
>>>>
>>>
>>>
>>
>

Reply via email to