On Mon, Aug 8, 2011 at 6:47 AM, Chris <[email protected]> wrote: > You're welcome. > > I got to the bottom of the Terracotta Clustering issues I was having. > > The solution required correct sessionMode and cookie configuration as well > as working around a problem with the favicon.ico request in some browsers > (Chrome and Safari in particular). > > The configuration provided by F A V > http://shiro-user.582556.n2.nabble.com/Shiro-and-multiple-wars-within-the-same-Servlet-Container-tp5560737p5563334.html > on another question supplied a working shiro.ini main config: > > > >> [main] >> # Cache for single sign on >> ssoCacheManager = org.apache.shiro.cache.ehcache.EhCacheManager >> ssoCacheManager.cacheManagerConfigFile = classpath:ehcache.xml >> securityManager.cacheManager = $ssoCacheManager >> >> # Native mode for single sign on >> securityManager.sessionMode = native >> >> # DAO for single sign on >> sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO >> securityManager.sessionManager.sessionDAO = $sessionDAO >> >> # Cookie for single sign on >> cookie = org.apache.shiro.web.servlet.SimpleCookie >> cookie.name = SSOcookie >> cookie.path = / >> securityManager.sessionManager.sessionIdCookie = $cookie >> >> [urls] >> # Some browsers experience 404 errors when requesting the favicon.ico >> /favicon.ico = anon >> > > Note the favicon.ico pattern match.
Yep, this is good to point out - I myself have that same rule in the Shiro configurations I use for the same reason. > The ehcache.xml file also needed to be tweaked from the default > configuration file following the > http://ehcache.org/documentation/distributed_caching_with_terracotta.html > Ehcache documentation : > > > >> <ehcache> >> <terracottaConfig url="localhost:9510"/> >> <diskStore path="java.io.tmpdir/shiro-ehcache"/> >> <defaultCache >> maxElementsInMemory="10000" >> eternal="false" >> timeToIdleSeconds="120" >> timeToLiveSeconds="120" >> overflowToDisk="false" >> diskPersistent="false" >> diskExpiryThreadIntervalSeconds="120"> >> <terracotta/> >> </defaultCache> >> <cache name="shiro-activeSessionCache" >> maxElementsInMemory="10000" >> eternal="true" >> timeToLiveSeconds="0" >> timeToIdleSeconds="0" >> diskPersistent="false" >> overflowToDisk="false" >> diskExpiryThreadIntervalSeconds="600"> >> <terracotta/> >> </cache> >> <cache name="org.apache.shiro.realm.text.PropertiesRealm-0-accounts" >> maxElementsInMemory="1000" >> eternal="true" >> overflowToDisk="false"> >> <terracotta/> >> </cache> >> </ehcache> >> > > Also note the addition of the Terracotta elements in the ehcache and cache > blocks. The cache disk options have been toggled to false as well, as these > operations aren't supported in a cluster in this form. This is great - thanks for sharing Chris. I'll add this to the documentation as well. > I hope I haven't missed anything obvious with this configuration. Together > with an Active/Passive Terracotta array I've successfully configured two > webapps served on each of three Tomcat servers to use a single sign on in a > proof of concept system. > > I'm very impressed with Shiro. We're glad you enjoy it! Any time you have feedback like what you've shared already, please keep it coming - it is what helps Shiro become better. Best, -- Les Hazlewood CTO, Katasoft | http://www.katasoft.com | 888.391.5282 twitter: @lhazlewood | http://twitter.com/lhazlewood katasoft blog: http://www.katasoft.com/blogs/lhazlewood personal blog: http://leshazlewood.com
