Which container? By the spec, sessions should be serializable. In Tomcat, saveOnRestart is true by default (e.g. http://tomcat.apache.org/tomcat-6.0-doc/config/manager.html).
Kalle On Fri, Oct 1, 2010 at 4:21 PM, Jrrobles79 <[email protected]> wrote: > > I have this issue, I was running some test on my application with shiro ( Its > on web configuration), and accidently restarted my server, so I reloaded the > webpage and it didnt send me back to the login.jsp page, Shiro said I was > actually logged, whats going on? Isnt suppoused that shiro and all session > and users should be detroyed when the server is shutdown or in this case > restarted? > > Somebody has an idea why this happen? > > > currentUser = SecurityUtils.getSubject(); > session = currentUser.getSession(); > System.out.println("User logged: " + currentUser.getPrincipal().toString() + > " is auth?:"+ currentUser.isAuthenticated()); > if ( currentUser.isAuthenticated() ) { > System.out.println("user is logged"); > setMainWindow(new FinancialLifeWebTop ()); > } > > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Session-still-valid-after-server-is-reset-tp5593247p5593247.html > Sent from the Shiro User mailing list archive at Nabble.com. >
