I just got done working through an issue trying to get single sign-on working
with EhCacheManager, following some examples I found elsewhere on the
mailing list (except I was using Spring configuration). It wasn't working
for me at first with this:
<bean id="securityManager"
class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="factorlabRealm" />
<property name="subjectFactory" ref="factorlabSubjectFactory" />
<property name="cacheManager" ref="ssoCacheManager" />
<property name="sessionManager" ref="sessionManager" />
<property name="sessionMode" value="native" />
</bean>
After lots of debugging, I got it to work with this:
<bean id="securityManager"
class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="sessionMode" value="native" />
<property name="realm" ref="factorlabRealm" />
<property name="subjectFactory" ref="factorlabSubjectFactory" />
<property name="cacheManager" ref="ssoCacheManager" />
<property name="sessionManager" ref="sessionManager" />
</bean>
The difference is moving the sessionMode to earlier in the property list,
because the setter for sessionMode was replacing my configured
sessionManager with a new DefaultWebSessionManager.
This seems pretty fragile. Is it a bug? This was with version 1.0.0. Has
it been addressed in later versions?
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Order-of-setting-sessionMode-matters-tp6371025p6371025.html
Sent from the Shiro User mailing list archive at Nabble.com.
