Hello and thanks for an awesome project!
Here is my problem, I am attempting to do the poor mans SSO by using
domain level cookies (so multiple web apps/contexts can use the same
session) with terracotta. I think I have everything working with the
exception that when I add ShiroFilter to my web.xml:
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
I can no longer use sessionCookieDomain= and sessionCookiePath= in my
applications context.xml to allow the cookie to be set at the domain
level. It seems that the Shiro filter is setting the JSESSIONID cookie
and not obeying the settings in the context tag. Is this correct, can I
get the Shiro Filter not set the context path or the sub domain?
I am running:
Tomcat 7.0.27, shiro-core-1.2.0.jar, shiro-ehcache-1.2.0.jar and
shiro-web-1.2.0.jar with openjdk 1.7 on Ubuntu 12.04
Any help would be greatly appreciated!
Thanks,
Chuck
