That seems convoluted.
Create a controller that had a GET and POST endpoint mapped to /login
GET returns the view for the login page.
POST handles the call to shiro login.
Authc filter
<bean id="authc" class="org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter">
<property name="loginUrl" value="/login"/>
</bean>
Filter chain def
<property name="filterChainDefinitions">
<value>
/login = authc
/logout = logout
/secure/** = authc
</value>
</property>
Controller
@RequestMapping(method = RequestMethod.GET)
public ModelAndView view() {
return new ModelAndView(view);
}
@RequestMapping(method = RequestMethod.POST)
public ModelAndView login(HttpServletRequest req, HttpServletResponse res, LoginForm loginForm) {
try {
Subject currentUser = SecurityUtils.getSubject();
currentUser.login(new UsernamePasswordToken(loginForm.getUsername(), loginForm.getPassword());
WebUtils.redirectToSavedRequest(req, res, fallBackUlr);
return null; //redirect
} catch(AuthenticationException e) {
ModelAndView mav = new ModelAndView(view)
mav.addObject("errorMessage", "error");
return mav;
}
}