Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-297

Setting sessionMode to native kills any SessionManager already configured

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Won't Fix
    • 1.0.0, 1.1.0
    • 1.2.0
    • None
    • None

    Description

      I just got done working through an issue trying to get single sign-on working with EhCacheManager, following some examples I found on the mailing list (except I was using Spring configuration). It wasn't working for me at first with this: 

      <bean id="securityManager" 
  class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> 
     <property name="realm" ref="factorlabRealm" /> 
     <property name="subjectFactory" ref="factorlabSubjectFactory" /> 
     <property name="cacheManager" ref="ssoCacheManager" /> 
     <property name="sessionManager" ref="sessionManager" /> 
     <property name="sessionMode" value="native" /> 
</bean>

      After lots of debugging, I got it to work with this:

      <bean id="securityManager"
      class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
      <property name="sessionMode" value="native" />
      <property name="realm" ref="factorlabRealm" />
      <property name="subjectFactory" ref="factorlabSubjectFactory" />
      <property name="cacheManager" ref="ssoCacheManager" />
      <property name="sessionManager" ref="sessionManager" />
      </bean>

      The difference is moving the sessionMode to earlier in the property list, because the setter for sessionMode was replacing my configured
      sessionManager with a new DefaultWebSessionManager.

      This seems pretty fragile.

      Attachments

        Activity

          People

            Unassigned Unassigned
            jhericks2 Jason Erickson
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: