f a v's approach is a good one. Shiro's Security
On Thu, Sep 23, 2010 at 7:44 AM, f a v <[email protected]> wrote: > If it helps as an example, I've used ehcache and this configuration. > > shiro.ini: > > # Cache for single sign on > ssoCacheManager = org.apache.shiro.cache.ehcache.EhCacheManager > ssoCacheManager.cacheManagerConfigFile = classpath:ehcache.xml > securityManager.cacheManager = $ssoCacheManager > > # native for single sign on > securityManager.sessionMode = native > > # DAO for single sign on > sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO > securityManager.sessionManager.sessionDAO = $sessionDAO > > # cookie for single sign on > cookie = org.apache.shiro.web.servlet.SimpleCookie > cookie.name = SSOcookie > cookie.path = / > securityManager.sessionManager.sessionIdCookie = $cookie > > # etc... > > ehcache.xml: > > <ehcache xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xsi:noNamespaceSchemaLocation="ehcache.xsd" updateCheck="true" > monitoring="autodetect" dynamicConfig="true"> > > <diskStore path="java.io.tmpdir" /> > > <cacheManagerPeerProviderFactory > > class="net.sf.ehcache.distribution.RMICacheManagerPeerProviderFactory" > properties="peerDiscovery=automatic, > multicastGroupAddress=230.0.0.1, > multicastGroupPort=4446, timeToLive=1" > propertySeparator="," /> > > <cacheManagerPeerListenerFactory > > class="net.sf.ehcache.distribution.RMICacheManagerPeerListenerFactory" /> > > <cache name="shiro-activeSessionCache" maxElementsInMemory="600" > eternal="true" overflowToDisk="true" > memoryStoreEvictionPolicy="LFU"> > <cacheEventListenerFactory > > class="net.sf.ehcache.distribution.RMICacheReplicatorFactory" /> > </cache> > > <defaultCache maxElementsInMemory="100" eternal="true" > overflowToDisk="true" memoryStoreEvictionPolicy="LFU"> > </defaultCache> > </ehcache> > On Thu, Sep 23, 2010 at 11:09 AM, slott > <[email protected]> wrote: >> >> I guess you are asking this to achieve SSO between your webapps running on >> the same Tomcat (Jetty etc). >> >> I have been wondering about the same thing, and find the suggestions on this >> forum about using Terracotta or similar enterprise distributed caches to be >> quite an overkill for this situation. >> >> After my 5 min research into the issue, there does not immediately seem like >> you can share the shiro native session between apps on a single web >> container out of the box. >> >> But perhaps it is possible (and easier) to share such resources using Redis >> or Memcached,... etc? >
