question about loginUrl, successUrl in shiroFilter

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

question about loginUrl, successUrl in shiroFilter

yuwei

Hi guys,


I tried to integrate shiro into my web app.

I don't quite understand loginUrl, sucessfulUrl  configured in shiroFilter.


If I want to access an endpoint without logging firstly, should I be redirect to the login html pages?

Is loginUrl an login pages or just endpoint which could handle requests for endpoint "/login" ?



Thanks,

Jared, (韦煜)
Software developer
Interested in open source software, big data, Linux

Reply | Threaded
Open this post in threaded view
|

Re: question about loginUrl, successUrl in shiroFilter

armandoxxx
This post was updated on .
Let me explain as simple as possible in shiro.ini

loginUrl << url containing login form
successUrl << redirect to this url after successful authentication

somefilter.successUrl			= /authPages/index
somefilter.loginUrl			= /login.jspx

set every page under /authPages/ for shiro to check for user authenticated .. if not user is redirected to someFilter.loginUrl
/authPages/** = someFilter

sets all pages for annonimius access ... and will  no create any shiro session ..
/** = noSessionCreation, anon

I hope I wrote it easy enough to understand

regads

Armando