You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by Steinar Bang <sb...@dod.no> on 2021/05/03 17:44:07 UTC
Can't get authorizedUrl to work
Platform: debian 10.9 "buster", openjdk-11 11.0.11+9-1~deb10u1, shiro 1.7.0
I would like shiro to redirect to a page of my own instead of the
default 401 page.
In the shiro.ini, I've tried
unauthorizedUrl = /unauthorized
and I've tried
authc.unauthorizedUrl = /unauthorized
and I've tried
shiro.unauthorizedUrl = /unauthorized
but so far without any success.
What should the setting be?
Thanks!
Note: I've haven't actually created the /unauthorized page yet. I was
trying to redirect to a non-existing page, get a 404 and then add the
/unauthorized page.
Here is my entire shiro.ini:
[main]
shiro.loginUrl = /login
authc.loginUrl = /login
user.loginUrl = /login
shiro.unauthorizedUrl = /unauthorized
[users]
[urls]
/ = authc
/api/login = anon
/api/** = authc
Re: Can't get authorizedUrl to work
Posted by Steinar Bang <sb...@dod.no>.
>>>>> Steinar Bang <sb...@public.gmane.org>:
> Platform: debian 10.9 "buster", openjdk-11 11.0.11+9-1~deb10u1, shiro 1.7.0
> I would like shiro to redirect to a page of my own instead of the
> default 401 page.
Er... my bad! I was editing the wrong shiro.ini file. I wondered why
there was no role in it and found the actual one when looking for the
role.
I will remove the unused shiro.ini file so I won't be bitten again.
Here is the working shiro.ini with shiro.unauthorizedUrl:
[main]
authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
shiro.loginUrl = /login
shiro.unauthorizedUrl = /unauthorized
[users]
[urls]
/ = authc
/api/login = anon
/api/** = authc
[users]
[urls]
/ = roles[handleregbruker]
/hurtigregistrering = roles[handleregbruker]
/statistikk/** = roles[handleregbruker]
/favoritter/** = roles[handleregbruker]
/nybutikk = roles[handleregbruker]
/endrebutikk = roles[handleregbruker]
/api/login = anon
/api/** = roles[handleregbruker]