My first thought is that this behavior of trying to read the POST content only makes sense if the request is form data. From that I am assuming that your request either comes in with a form data content type, or it comes in with no content-type header and tomcat is assuming form data. I'm mostly guessing the second. If that's the case, try posting with an appropriate content type.
If that solves the issue and you still want to support the no content type specified scenario, add a filter in front of shiro that sets a default content type. On Jul 30, 2013 12:03 PM, "Stephen McCants" <[email protected]> wrote: > I've looked at using the noSessionCreation filter, but that doesn't > prevent the code from consuming the POST content looking for a session that > might exist. Is there a filter that would prevent Shiro from not even > looking for a session id? > > Thanks! > > Sincerely, > > Stephen > > -- > Stephen McCants > Senior Software Engineer > Healthcare Control Systems > 1-877-877-8795 x116 > >
