"Users are frequently logged out when trying to navigate to restricted resources"
There is nothing in Shiro that will do this automatically aside from session expiration. If a session expires however, the Subject is no longer considered authenticated, so if they try to access a restricted resource they will typically be redirected to a login page (usually done by the 'authc' filter or similar). Whether a session is sticky or not wouldn't have an impact. Also, I don't know what the 'forceEagerSessionCreation' mechanism does or why it would be used. Regards, -- Les Hazlewood CTO, Katasoft | http://www.katasoft.com | 888.391.5282 twitter: http://twitter.com/lhazlewood katasoft blog: http://www.katasoft.com/blogs/lhazlewood personal blog: http://leshazlewood.com
