You're welcome. I got to the bottom of the Terracotta Clustering issues I was having.
The solution required correct sessionMode and cookie configuration as well as working around a problem with the favicon.ico request in some browsers (Chrome and Safari in particular). The configuration provided by F A V http://shiro-user.582556.n2.nabble.com/Shiro-and-multiple-wars-within-the-same-Servlet-Container-tp5560737p5563334.html on another question supplied a working shiro.ini main config: > [main] > # Cache for single sign on > ssoCacheManager = org.apache.shiro.cache.ehcache.EhCacheManager > ssoCacheManager.cacheManagerConfigFile = classpath:ehcache.xml > securityManager.cacheManager = $ssoCacheManager > > # Native mode for single sign on > securityManager.sessionMode = native > > # DAO for single sign on > sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO > securityManager.sessionManager.sessionDAO = $sessionDAO > > # Cookie for single sign on > cookie = org.apache.shiro.web.servlet.SimpleCookie > cookie.name = SSOcookie > cookie.path = / > securityManager.sessionManager.sessionIdCookie = $cookie > > [urls] > # Some browsers experience 404 errors when requesting the favicon.ico > /favicon.ico = anon > Note the favicon.ico pattern match. The ehcache.xml file also needed to be tweaked from the default configuration file following the http://ehcache.org/documentation/distributed_caching_with_terracotta.html Ehcache documentation : > <ehcache> > <terracottaConfig url="localhost:9510"/> > <diskStore path="java.io.tmpdir/shiro-ehcache"/> > <defaultCache > maxElementsInMemory="10000" > eternal="false" > timeToIdleSeconds="120" > timeToLiveSeconds="120" > overflowToDisk="false" > diskPersistent="false" > diskExpiryThreadIntervalSeconds="120"> > <terracotta/> > </defaultCache> > <cache name="shiro-activeSessionCache" > maxElementsInMemory="10000" > eternal="true" > timeToLiveSeconds="0" > timeToIdleSeconds="0" > diskPersistent="false" > overflowToDisk="false" > diskExpiryThreadIntervalSeconds="600"> > <terracotta/> > </cache> > <cache name="org.apache.shiro.realm.text.PropertiesRealm-0-accounts" > maxElementsInMemory="1000" > eternal="true" > overflowToDisk="false"> > <terracotta/> > </cache> > </ehcache> > Also note the addition of the Terracotta elements in the ehcache and cache blocks. The cache disk options have been toggled to false as well, as these operations aren't supported in a cluster in this form. I hope I haven't missed anything obvious with this configuration. Together with an Active/Passive Terracotta array I've successfully configured two webapps served on each of three Tomcat servers to use a single sign on in a proof of concept system. I'm very impressed with Shiro. -- View this message in context: http://shiro-user.582556.n2.nabble.com/Updated-Session-Management-documentation-tp6550877p6664346.html Sent from the Shiro User mailing list archive at Nabble.com.
