>>>>> Steinar Bang <sb-1rlz5cwd...@public.gmane.org>: >>>>> Brian Demers >>>>> <brian.demers-re5jqeeqqe8avxtiumwx3w-xmd5yjdbdmrexy1tmh2...@public.gmane.org>:
>> Take a look at `ServletContainerSessionManager` if you just want to >> use the containers session management > Thanks for the tip! > However, I wasn't able to figure out how to use this to adjust the > storage path for the jsessionid (and the rememberme) cookie? > I'm perfectly fine with having shiro store the cookies in the response, > but I wish to change the cookie path. Hm... I guess I could use this to replace the WebSessionContext[1] which is where shiro retrieves the HttpServletRequest[2] it uses to get the context path[3] that it uses to set the cookie path...? Looks like the HttpServletRequesteWrapper[4] can be used to manipulate the context path and for all other things let the regular request through...? References: [1] <https://shiro.apache.org/static/1.3.0/apidocs/org/apache/shiro/web/session/mgt/WebSessionContext.html> [2] <https://docs.oracle.com/javaee/5/api/javax/servlet/http/HttpServletRequest.html> [3] <https://docs.oracle.com/javaee/5/api/javax/servlet/http/HttpServletRequest.html#getContextPath()> [4] <https://docs.oracle.com/javaee/5/api/javax/servlet/http/HttpServletRequestWrapper.html>