Hi all,
We are using Shiro to manage security in our application server. The
application server also has a web server.
The way we had implemented in the previous version was using native
sessions in order to share all the sessions being from a web application or
not.
(this is our shiro.ini)
[main]
securityManager = org.apache.shiro.web.mgt.DefaultWebSecurityManager
# Cache for single sign on
ssoCacheManager = org.apache.shiro.cache.ehcache.EhCacheManager
ssoCacheManager.cacheManagerConfigFile = conf/engine/shiro/ehcache.xml
securityManager.cacheManager = $ssoCacheManager
# native for single sign on
securityManager.sessionMode = native
# DAO for single sign on
sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
securityManager.sessionManager.sessionDAO = $sessionDAO
# cookie for single sign on
cookie = org.apache.shiro.web.servlet.SimpleCookie
cookie.name = SSOcookie
cookie.path = /
securityManager.sessionManager.sessionIdCookie = $cookie
Since shiro 1.2.0 we have being notified with the following message:
! 12-Jun 23:39:26 DefaultWebSecurityManager.setSessionMode:114
The 'sessionMode' property has been deprecated. Please configure an
appropriate WebSessionManager instance instead of using
this property. This property/method will be removed in a later version.
I've been looking in the documentation but I'm not certain of how to
achieve this...
Any help?
--Diogo
