1. The user accesses the server
2. filters all resources accessed to determine whether the user authentication destination here login authentication controller
No user login authentication will jump to this method, this method only judgment error, if error, mv will fight back to the login page and message; if the information is correct, the default filter will call back on a request the page, which is the access to the site index page.
3. The first time you log no session, no authentication, login page jump to
the front
Background login.jsp must write:
The reason: Before you configure a filter, Form Filler default parameter name and can not be altered, including the name of the above exception information shiroLoginFailure
4. User information fill out the form, click Submit, the background data authentication
4.1 calls the abstract class AuthorizingRealm shrio provided by inheritance, writing our own authentication method, which provides two override methods doGetAuthenticationInfo doGetAuthorizationInfo user authentication and user authorization, for now understand user authentication.
After successful authentication