shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Amir Mohammad Vosough <>
Subject Problem with authentication
Date Wed, 26 Oct 2011 13:18:24 GMT
Hi there, tnx for great work on shiro!
I have configured shiro for SSO using ehcache to support different 
applications on same container. but i am facing a strange problem. the 
login page redirects user to page it was redirected from. but sometimes 
after the user is redirected, it is not yet authenticated! i debugged 
your filter and saw that actualy sometimes user is authenticated and 
sometimes not! so i used Thread.sleep(1000) before i redirect user to 
the page; well it works better now, but i wanna know where is the 
problem. i myself guess when user is redirected to the page, shiro has 
not flushed the authenticated status to the session, but how can i be 
sure? and what is the solution?
i use spring, and this is my application context:

    <bean id="myRealm"
    <property name="sessionFactory" ref="sessionFactory"></property>

    <bean id="securityManager"
    <!-- Single realm app. If you have multiple realms, use the 'realms'
                 instead. -->
    <property name="realm" ref="myRealm" />
    <property name="sessionMode" value="native"/>
    <property name="sessionManager" ref="shiroSessionManager"/>
    <property name="cacheManager" ref="shiroCacheManager"/>

    <bean id="shiroCacheManager"
    <property name="cacheManager" ref="ehCacheManager"/>

    <bean id="ehCacheManager"

    <bean id="shiroSessionManager"
    <property name="sessionDAO" ref="shiroSessionDAO"/>
    <property name="sessionIdCookie" ref="shiroIdCookie"></property>

    <bean id="shiroSessionDAO"

    <bean id="shiroIdCookie"
    <property name="name" value="SSOcookie"></property>
    <property name="path" value="/"></property>

    <bean id="shiroFilter"
    <property name="securityManager" ref="securityManager" />
    <property name="loginUrl" value="/../security/Login.jsp" />
    <property name="filterChainDefinitions">
                     # some example chain definitions:
                     #/*.html = authc
                     /**/*.rpc =    authc
                     # more URL-to-FilterChain definitions here

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message