shiro icon indicating copy to clipboard operation
shiro copied to clipboard

Published 20 hours ago verified publisher icon apache

FormAuthenticationFilter capacity limit in same production environments

Open sysuzhang opened this issue 8 years ago • 2 comments

when our application was runing behind a nginx proxy. The request context was different with tomcat's context, for example my nginx proxy configuare is something like: location ^~ / { proxy_pass http://MyTomcatServer/tomcatContext/; } the session will lost because of cookie path change. though I know I can use proxy_cookie_path to change the cookie' path, I found it's still very useful when my class extend the FormAuthenticationFilter class. so I think it's betther to provide two functions that are very useful when your application running behind a proxy server which has different context, also very useful for subclasses pass parameters to the login page. How do you think?

sysuzhang avatar Jul 14 '17 13:07 sysuzhang

Cool, we will take a closer look!

bdemers avatar Jul 18 '17 18:07 bdemers

We lost track of this one, sorry about that.

I'm not sure if you are still watching this issue or not, but it looks like you could just cal

WebUtils.issueRedirect(request, response, loginUrl, queryParams, contextRelative);

from your custom filter? As the overloaded methods in this PR don't actually change the functionality. Were you just trying to expose this to make it easier to call?

bdemers avatar Oct 17 '20 15:10 bdemers