Are your ajax requests including the session cookie? Is all your content being served from the same server ?
-Brian On Tue, May 31, 2016 at 1:23 AM, theStunnerz <[email protected]> wrote: > Googling further, I have come across the below web.xml settings. > <session-config> > <cookie-config> > <http-only>true</http-only> > <secure>true</secure> > </cookie-config> > </session-config> > > Even after this I am seeing the same issue. Should we do any client-side > programming to resolve this? I see few posts, that have commented that, the > browser does automatic stripping of cookies. I have no clue if that is > true, > and if so, what could be the possible solutions. > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Shiro-authentication-cache-does-not-work-when-security-is-enabled-tp7581053p7581057.html > Sent from the Shiro User mailing list archive at Nabble.com. >
