You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by "jim.piersol@gmail.com" <ji...@gmail.com> on 2016/07/18 15:37:39 UTC
Shiro rediecting back to Login after successful Login
Shiro Newbie here. I am still trying to get some simple Shiro integration
done and I am stuck on something and could use a push.
I have a Java Servlet app running under Tomcat 8, Java 8
Using a HTML/JS front end
Wanting to secure the server with FORM based Auth
I have a very simple Login.html file, and I am redirected to it upon
attempting to browse to any URL in my app. I see successful login
happening, but I am constantly redirected back to the Login.html. The
redirect is consistent on Chrome and IE. Firefox will occasionally redirect
correctly.
What I am doing is super basic, so I assume I am missing something simple
too...
Here is my shiro.ini
---------------------------------------------
#-----------
# Main
# ----------
[main]
shiro.loginUrl = /login.html
myRealm = com.my.MyCustomRealm
cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $cacheManager
securityManager.realms = $myRealm
#
-----------------------------------------------------------------------------
# URLS - followed by Filter Chains.
#
-----------------------------------------------------------------------------
[urls]
/** = authc
---------------------------------------------
Here is the auth method from MyCustomRealm:
----------------------------------------------------------------
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken
token) throws AuthenticationException {
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
String name = upToken.getUsername();
String password = new String(upToken.getPassword());
if (name != null && password != null) {
Map userMap = MyDatabase.readCollection(User.USERS, String.class);
if (userMap.containsKey(name)) {
User user = (User) userMap.get(name);
String pw = user.getPassword();
if (password.equals(pw)) {
return new SimpleAuthenticationInfo(name, password.toCharArray(),
getName());
} else {
throw new AuthenticationException("Invalid Password");
}
} else {
throw new AuthenticationException("Invalid Username");
}
}
throw new AuthenticationException("Username and Password required");
}
--------------------------------------------------------------
Here is my web.xml
-------------------------------------------------------------
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<context-param>
<param-name>resteasy.scan</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>resteasy.servlet.mapping.prefix</param-name>
<param-value>/v1</param-value>
</context-param>
<listener>
<listener-class>
org.jboss.resteasy.plugins.server.servlet.ResteasyBootstrap
</listener-class>
</listener>
<listener>
<listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
<servlet>
<display-name>resteasy</display-name>
<servlet-name>Resteasy</servlet-name>
<servlet-class>org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher</servlet-class>
<init-param>
<param-name>javax.ws.rs.Application</param-name>
<param-value>com.my.MyRestApplication</param-value>
</init-param>
</servlet>
<servlet>
<display-name>My Application</display-name>
<servlet-name>MyApp-Init</servlet-name>
<servlet-class>com.my.AppInitServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<display-name>EventBus</display-name>
<servlet-name>EventBusServlet</servlet-name>
<servlet-class>com.my.init.EventBusInitServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>Jersey2Config</servlet-name>
<servlet-class>io.swagger.jaxrs.config.DefaultJaxrsConfig</servlet-class>
<init-param>
<param-name>api.version</param-name>
<param-value>1.0.0</param-value>
</init-param>
<init-param>
<param-name>swagger.api.basepath</param-name>
<param-value>/CloudMgr/v1</param-value>
</init-param>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Resteasy</servlet-name>
<url-pattern>/v1/*</url-pattern>
</servlet-mapping>
</web-app>
---------------------------------------------------------
Do you see anything that would cause the constant redirection? Ive have
tried everything I can find from the docs...
Thanks, in Advance, and I apologize if I have missed something obvious.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro rediecting back to Login after successful Login
Posted by itsvisher <an...@gmail.com>.
Same with me as well. Changing to MemorySessionDAO did the trick. But it
means I have to solve problem with my custom session dao class. Lookout at
my thread over here:
http://shiro-user.582556.n2.nabble.com/Login-successful-but-authenticated-call-to-any-other-api-results-in-302-response-td7581569.html
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581573.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro rediecting back to Login after successful Login
Posted by "jim.piersol@gmail.com" <ji...@gmail.com>.
I would tend to agree with you. I am using box stock Tomcat8 and Jetty
9.3.10. Both on Windows. Jetty works with nothing special set for Session
Management, Tomcat does not. I must use Shiro native SessionManagement in
order for it to work.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581166.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro rediecting back to Login after successful Login
Posted by Lenny Primak <lp...@hope.nyc.ny.us>.
Since both Tomcact and Jetty are servlet containers, there should be zero difference on how
Shiro integration works. Something else is going on in your setup that’s interfering with normal operations.
> On Jul 21, 2016, at 10:56 AM, jim.piersol@gmail.com wrote:
>
> Ok, I finally made some progress. Seems that in order to get the Auth to
> work under Tomcat, I had to switch to native Shiro Session Management by
> adding the following properties to shiro.ini
>
> sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
> securityManager.sessionManager = $sessionManager
>
>
> I do not need these when running with Jetty.
>
> I would like to understand why the difference if anyone knows, and is anyone
> else using Tomcat8 without any issues?
>
>
>
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581164.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>
Re: Shiro rediecting back to Login after successful Login
Posted by "jim.piersol@gmail.com" <ji...@gmail.com>.
Ok, I finally made some progress. Seems that in order to get the Auth to
work under Tomcat, I had to switch to native Shiro Session Management by
adding the following properties to shiro.ini
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
securityManager.sessionManager = $sessionManager
I do not need these when running with Jetty.
I would like to understand why the difference if anyone knows, and is anyone
else using Tomcat8 without any issues?
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581164.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro rediecting back to Login after successful Login
Posted by "jim.piersol@gmail.com" <ji...@gmail.com>.
I dont have a simple example formed up to submit yet, but what I have found
is that my requests are being handled on multiple Threads (box stock
Tomcat8) so I am seeing multiple different Subject (WebDelegatingSubject)
Objects being stored in the ThreadLocal of ThreadContext, so only one of
those gets set to isAuthenticated=true, so on next request from a different
Thread, it finds a Subject that has not been marked as isAuthenticated=true,
thus the redirect back to Login.html.
So I am not sure if there is something different I need to do when using
Tomcat to ensure use of the same Thread? Im assuming Jetty doesn't do this,
but just a guess.
Thoughts?
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581163.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro rediecting back to Login after successful Login
Posted by Brian Demers <br...@gmail.com>.
Any chance you have a simple example of the problem you can post to github
or someplace ?
On Wed, Jul 20, 2016 at 3:38 PM, jim.piersol@gmail.com <
jim.piersol@gmail.com> wrote:
> ok, I have been able to dig deeper...
>
> It seems that when the call comes into
> FormAuthenticationFilter.isAccessAllowed() (actually in super class of
> AuthenticatingFilter) AFTER a success login and redirect to successUrl,
> this
> method is always returning false. It seems the call to getSubject is not
> finding an Authenticated Subject in the ThreadContext. It is this method
> that doesn't find correct Subject:
>
> public static Subject getSubject() {
> Subject subject = ThreadContext.getSubject();
> if (subject == null) {
> subject = (new Subject.Builder()).buildSubject();
> ThreadContext.bind(subject);
> }
> return subject;
> }
>
> So my question is, what might cause this? I am authenticating in my custom
> Realm (which works fine thru BASIC auth), I can see the correct
> authenticated Subject being created. It is just not being found by
> SecurityUtils upon the next call.
>
> Here is my auth method from my custom realm:
> ----------------------------------------------------------
> protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken
> token) throws AuthenticationException {
>
> UsernamePasswordToken upToken = (UsernamePasswordToken)
> token;
>
> String name = upToken.getUsername();
> String password = new String(upToken.getPassword());
>
> if (name != null && password != null) {
> Map userMap =
> VnfmDatabase.readCollection(User.USERS, String.class);
> if (userMap.containsKey(name)) {
> User user = (User) userMap.get(name);
> String pw = user.getPassword();
> if (password.equals(pw)) {
> return new
> SimpleAuthenticationInfo(name, password.toCharArray(),
> getName());
> } else {
> throw new
> AuthenticationException("Invalid Password");
> }
> } else {
> throw new AuthenticationException("Invalid
> Username");
> }
> }
> throw new AuthenticationException("Username and Password
> required");
> }
> ------------------------------------------------------------
>
> Does something else need to be done to ensure the authenticated Subject is
> stashed away somewhere properly?
>
> My subsequent requests do have a JSESSIONID attached to them...
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581158.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>
Re: Shiro rediecting back to Login after successful Login
Posted by "jim.piersol@gmail.com" <ji...@gmail.com>.
ok, I have been able to dig deeper...
It seems that when the call comes into
FormAuthenticationFilter.isAccessAllowed() (actually in super class of
AuthenticatingFilter) AFTER a success login and redirect to successUrl, this
method is always returning false. It seems the call to getSubject is not
finding an Authenticated Subject in the ThreadContext. It is this method
that doesn't find correct Subject:
public static Subject getSubject() {
Subject subject = ThreadContext.getSubject();
if (subject == null) {
subject = (new Subject.Builder()).buildSubject();
ThreadContext.bind(subject);
}
return subject;
}
So my question is, what might cause this? I am authenticating in my custom
Realm (which works fine thru BASIC auth), I can see the correct
authenticated Subject being created. It is just not being found by
SecurityUtils upon the next call.
Here is my auth method from my custom realm:
----------------------------------------------------------
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken
token) throws AuthenticationException {
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
String name = upToken.getUsername();
String password = new String(upToken.getPassword());
if (name != null && password != null) {
Map userMap = VnfmDatabase.readCollection(User.USERS, String.class);
if (userMap.containsKey(name)) {
User user = (User) userMap.get(name);
String pw = user.getPassword();
if (password.equals(pw)) {
return new SimpleAuthenticationInfo(name, password.toCharArray(),
getName());
} else {
throw new AuthenticationException("Invalid Password");
}
} else {
throw new AuthenticationException("Invalid Username");
}
}
throw new AuthenticationException("Username and Password required");
}
------------------------------------------------------------
Does something else need to be done to ensure the authenticated Subject is
stashed away somewhere properly?
My subsequent requests do have a JSESSIONID attached to them...
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581158.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro rediecting back to Login after successful Login
Posted by Brian Demers <br...@gmail.com>.
Hey Jim,
I'm sorry to see you are having such a rough go at it.
I grabbed the current 1.3.0-SNAPSHOT web sample (should work with
1.2.x as well), and switched the login.jsp to login.html, without
issue.
Granted I didn't try this with tomcat, I used jetty.
https://github.com/bdemers/shiro-web-html-example
You can start this with mvn jetty:run
I hope this helps
On Tue, Jul 19, 2016 at 2:55 PM, jim.piersol@gmail.com
<ji...@gmail.com> wrote:
> Ive tried it both ways: authc.loginUrl & shiro.loginUrl with same results.
>
> Im wanting to try to see some of this logic in the debugger, but not sure if
> it is Tomcat or Shiro code that decides what to return to the browser once
> the Login form is submitted.
>
> This is making JAAS seem like a piece of cake :-) I really want to use
> Shiro Authorization scheme though.
>
> Is there any samples out there using html to login vs JSP? I haven't found
> anything that I can just download and try. Maybe its something else in my
> system, totally unrelated, that is causing this effect...
>
>
>
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581148.html
> Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro rediecting back to Login after successful Login
Posted by "jim.piersol@gmail.com" <ji...@gmail.com>.
Ive tried it both ways: authc.loginUrl & shiro.loginUrl with same results.
Im wanting to try to see some of this logic in the debugger, but not sure if
it is Tomcat or Shiro code that decides what to return to the browser once
the Login form is submitted.
This is making JAAS seem like a piece of cake :-) I really want to use
Shiro Authorization scheme though.
Is there any samples out there using html to login vs JSP? I haven't found
anything that I can just download and try. Maybe its something else in my
system, totally unrelated, that is causing this effect...
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581148.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro rediecting back to Login after successful Login
Posted by Brian Demers <br...@gmail.com>.
Try changing `shiro.loginUrl` to `authc.loginUrl` in your shiro.ini file.
Also, basic auth works a little different, and your browser handles it
for you, so it is much easier to deal with.
On Tue, Jul 19, 2016 at 2:23 PM, Lenny Primak <lp...@hope.nyc.ny.us> wrote:
> try moving all your “authenticated” pages into a sub-folder and see if that takes any effect
>
>> On Jul 19, 2016, at 11:08 AM, jim.piersol@gmail.com wrote:
>>
>> I tried setting form action as suggested, and then also many other
>> variations, with no luck. Everything I can find about Shiro FORM based says
>> to leave action field as empty, i.e. "", but it was worth a try. I am
>> really amazed that I am struggling with this. It seems so simple on the
>> outside...maybe too simple :-)
>>
>>
>>
>> --
>> View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581140.html
>> Sent from the Shiro User mailing list archive at Nabble.com.
>>
>
Re: Shiro rediecting back to Login after successful Login
Posted by Lenny Primak <lp...@hope.nyc.ny.us>.
try moving all your “authenticated” pages into a sub-folder and see if that takes any effect
> On Jul 19, 2016, at 11:08 AM, jim.piersol@gmail.com wrote:
>
> I tried setting form action as suggested, and then also many other
> variations, with no luck. Everything I can find about Shiro FORM based says
> to leave action field as empty, i.e. "", but it was worth a try. I am
> really amazed that I am struggling with this. It seems so simple on the
> outside...maybe too simple :-)
>
>
>
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581140.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>
RE: Shiro rediecting back to Login after successful Login
Posted by "jim.piersol@gmail.com" <ji...@gmail.com>.
I tried setting form action as suggested, and then also many other
variations, with no luck. Everything I can find about Shiro FORM based says
to leave action field as empty, i.e. "", but it was worth a try. I am
really amazed that I am struggling with this. It seems so simple on the
outside...maybe too simple :-)
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581140.html
Sent from the Shiro User mailing list archive at Nabble.com.
RE: Shiro rediecting back to Login after successful Login
Posted by Richard Wheeldon <ri...@voxsmart.com>.
Try setting the form action to the same arg as the loginUrl parameter on your authcBasic config,
No promises but it looks wrong to me,
Richard
-----Original Message-----
From: jim.piersol@gmail.com [mailto:jim.piersol@gmail.com]
Sent: Tuesday, July 19, 2016 3:15 PM
To: user@shiro.apache.org
Subject: Re: Shiro rediecting back to Login after successful Login
This is very frustrating. With everything else exactly the same, I can change 1 line in my shiro.ini and it works vs not works.
If I switch to Basic AUTH it works. FORM based NOT.
[urls]
/login.html = anon
/** = authc <--------This doesn't work
[urls]
/login.html = anon
/** = authcBasic <---------This works.
Here is my Login.html page that FORM based uses:
-----------------------------------------------------------
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Login</title>
</head>
<body>
<form method=post action="" >
<p>
Username:
<br />
<input type="text" name= "username" >
</p>
<p>
Password:
<br />
<input type="password" name= "password" >
</p>
<p>
<input type="submit" value="Login">
</p>
<p>
<input type="checkbox" name="rememberMe" value="true"> Remember Me?<br>
</p>
</form>
</body>
-------------------------------------------------------------
Any ideas would be appreciated. I really want to use Shiro but can't get past this hiccup.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581138.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro rediecting back to Login after successful Login
Posted by "jim.piersol@gmail.com" <ji...@gmail.com>.
This is very frustrating. With everything else exactly the same, I can
change 1 line in my shiro.ini and it works vs not works.
If I switch to Basic AUTH it works. FORM based NOT.
[urls]
/login.html = anon
/** = authc <--------This doesn't work
[urls]
/login.html = anon
/** = authcBasic <---------This works.
Here is my Login.html page that FORM based uses:
-----------------------------------------------------------
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Login</title>
</head>
<body>
<form method=post action="" >
<p>
Username:
<br />
<input type="text" name= "username" >
</p>
<p>
Password:
<br />
<input type="password" name= "password" >
</p>
<p>
<input type="submit" value="Login">
</p>
<p>
<input type="checkbox" name="rememberMe" value="true"> Remember
Me?<br>
</p>
</form>
</body>
-------------------------------------------------------------
Any ideas would be appreciated. I really want to use Shiro but can't get
past this hiccup.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581138.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro rediecting back to Login after successful Login
Posted by "jim.piersol@gmail.com" <ji...@gmail.com>.
yes, I typically start with Chrome Incognito windows, and it fails 100% of
the time. As I revisit Firefox, it seems to be consistently failing now as
well. Maybe my earlier attempt to try a diff browser was just an odd case.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581136.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro rediecting back to Login after successful Login
Posted by Brian Demers <br...@gmail.com>.
You mentioned that Firefox will redirect correctly sometimes?
This has me more confused, can you reproduce this with a
incognito/private browsing mode in any of your browsers?
On Mon, Jul 18, 2016 at 3:13 PM, jim.piersol@gmail.com
<ji...@gmail.com> wrote:
> It is a bit tricky to see all the interaction, but I do beliece the
> JSESSIONID is being passed.
>
> When I hit the default URL for my App, at say http://localhost:8080/MyApp
>
> In the Dev Console, I see a GET request for that URL with a Return Status of
> 302 Found.
>
> Next I see a GET request to the Login.html page.
>
> Once I plug in my User & Password and hit Submit, I see a POST including the
> FORM data, username, password, and rememberMe. The response is the
> Login.html again...
>
> I can set a breakpoint and see that my realm is getting hit to Authenticate
> the User though.
>
> For what its worth, If I switch to Basic Auth and use the Browser to pop up
> the Auth Dialog, it works right.
>
>
>
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581134.html
> Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro rediecting back to Login after successful Login
Posted by "jim.piersol@gmail.com" <ji...@gmail.com>.
It is a bit tricky to see all the interaction, but I do beliece the
JSESSIONID is being passed.
When I hit the default URL for my App, at say http://localhost:8080/MyApp
In the Dev Console, I see a GET request for that URL with a Return Status of
302 Found.
Next I see a GET request to the Login.html page.
Once I plug in my User & Password and hit Submit, I see a POST including the
FORM data, username, password, and rememberMe. The response is the
Login.html again...
I can set a breakpoint and see that my realm is getting hit to Authenticate
the User though.
For what its worth, If I switch to Basic Auth and use the Browser to pop up
the Auth Dialog, it works right.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581134.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro rediecting back to Login after successful Login
Posted by Lenny Primak <lp...@hope.nyc.ny.us>.
Try adding to [urls]
/login.html = anon
/** = authc
to disable authentication requirements to the login page.
That may help
> On Jul 18, 2016, at 11:44 AM, Brian Demers <br...@gmail.com> wrote:
>
> Are the session cookies being sent to/from your browser ?
>
> On Mon, Jul 18, 2016 at 11:50 AM, jim.piersol@gmail.com
> <ji...@gmail.com> wrote:
>> To add to above... I have tried using
>>
>> authc.loginUrl-/locgin.html
>> authc.successUrl=/index.html
>>
>> as well. I get same results everytime.
>>
>>
>>
>> --
>> View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581131.html
>> Sent from the Shiro User mailing list archive at Nabble.com.
>
Re: Shiro rediecting back to Login after successful Login
Posted by Brian Demers <br...@gmail.com>.
Are the session cookies being sent to/from your browser ?
On Mon, Jul 18, 2016 at 11:50 AM, jim.piersol@gmail.com
<ji...@gmail.com> wrote:
> To add to above... I have tried using
>
> authc.loginUrl-/locgin.html
> authc.successUrl=/index.html
>
> as well. I get same results everytime.
>
>
>
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581131.html
> Sent from the Shiro User mailing list archive at Nabble.com.
Re: Shiro rediecting back to Login after successful Login
Posted by "jim.piersol@gmail.com" <ji...@gmail.com>.
To add to above... I have tried using
authc.loginUrl-/locgin.html
authc.successUrl=/index.html
as well. I get same results everytime.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-rediecting-back-to-Login-after-successful-Login-tp7581130p7581131.html
Sent from the Shiro User mailing list archive at Nabble.com.