shiro 配置都正确，不能进入自定义realm

解决办法： 表单应该为post 方式， 而且访问路径后缀也必须一样。

分析原因：

org.apache.shiro.web.filter.authc.FormAuthenticationFilter protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {        if (isLoginRequest(request, response)) {            if (isLoginSubmission(request, response)) {                if (log.isTraceEnabled()) {                    log.trace("Login submission detected.  Attempting to execute login.");                }                return executeLogin(request, response);            } else {                if (log.isTraceEnabled()) {                    log.trace("Login page view.");                }                //allow them to see the login page ;)                return true;            }        } else {            if (log.isTraceEnabled()) {                log.trace("Attempting to access a path which requires authentication.  Forwarding to the " +                        "Authentication url [" + getLoginUrl() + "]");            }            saveRequestAndRedirectToLogin(request, response);            return false;        }    }

isLoginRequest 判断是否为 loginUrl 值
isLoginSubmission 源码： protected boolean isLoginSubmission(ServletRequest request, ServletResponse response) {        return (request instanceof HttpServletRequest) && WebUtils.toHttp(request).getMethod().equalsIgnoreCase(POST_METHOD);    }判断是否为post方式的表单提交。 所以非post 方式一直是登录页面死循环。