Please ignore the last post. I was able to resolve it by adding
securityManager.sessionMode = native
to my shiro.ini file. Woops!!
Anyway, now I can see quite an improvement. But my app still makes a call
to getSession() outside of shiro. Here's the debug stack:
http://shiro-user.582556.n2.nabble.com/file/n6821244/stackJspPage.png
It looks like JSP pages are bypassing the filter. Does this sound right?
Thanks a lot for all your patience!
Dan
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Using-native-web-sessions-tp6799265p6821244.html
Sent from the Shiro User mailing list archive at Nabble.com.
