Even if you map /Admin to /admin, wouldn't you also need to map /aDmin, /adMin, /admIn, /admiN, /ADmin, /aDMin, etc. ?
Personally I just use the annotations, but I can see how that might be a bit difficult to retrofit into an application. Mark On Fri, Feb 4, 2011 at 6:32 AM, Barry Books <trs...@gmail.com> wrote: > First I'd like to say the Tynamo-Security/Shiro package is great, but > I've run into a simple problem I'm not sure how to solve. I don't > think it's really a Tynamo problem but an interaction between how > Shiro expects URLs to work and Tapestry case insensitive URLs. I was > working on a simple site with an admin account and an admin directory > so I added the following to the shiro.ini file: > > [urls] > /admin/** = authc, roles[administrator] > > The problem is if you go to /Admin the authentication is bypassed > because /admin != /Admin. I realize this is a feature but it does not > seem very desirable. I also realize I could annotate all my admin > pages and fix this but that's some amount of work and error prone. I > looked thru the Shiro docs and I don't see anyway to do a case > insensitive match. I thought I might be able to fix this with a > URLRewriter and map /Admin to /admin but that does not seem to work > either. > > Am I missing something? Is there any simple way to resolve this? > > Thanks > Barry > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
