this isn't a shiro issue per se, see. http://stackoverflow.com/questions/11327631/remove-jsessionid-from-url
On 17 September 2014 15:32, niels <[email protected]> wrote: > Hi , > > I'm trying shiro as an replacement of spring securiy. I configured it > with spring java-config for an web-app. > Most parts work fine, except the following: > > At login I get a sessionId as > paramter /login;JSESSIONID=b1cffc7e-8643-4692-96c7-33053f9e6acd. Any idea > how I could avoid it? It only happens for login. > > I'm using > final DefaultWebSessionManager sessionManager = > new DefaultWebSessionManager(); > sessionManager.setSessionIdCookieEnabled(true); > > > Best regards > Niels > > >
