Platform: amd64, debian 11.2 "bullseye", openjdk 11.0.14, karaf 4.3.6, shiro 1.7.0
This a problem I have with shiro that appears and then disappears as mysteriously has it appears and "out of sight, out of mind". But today I have decided to dig a little bit deeper. Most of the time shiro works for me. But from time to time I run into a problem that requires me to do frequent logins. I.e. when shiro is the "gateway" to a SPA then entry works fine, but if I e.g. do a reload of the application I'm redirected to the login page and have to log in again. When this happens, I see a lot of the following in karaf.log: https://gist.github.com/steinarb/9d5240e78b0a177a115d3c10540fa1a4 Also, if I try a different browser, or if I try an incognito window of the same browser, authentication seems to work normally, and without the frequent login error. But when I try clearing the cookies of the browser with the problem (which should have the same effect...?) it doesn't help. I have googled for the error message without finding anything useful. I have also visited the suggested URL https://shiro.apache.org/web.html#remember_me_services without understanding much more. Is my problem that I am trying to remember a cookie without having set an encryption key? But if so: why does it sometimes seem to work. I have grepped my code for "rememberMe" and "RememberMe" and haven't found any matches, so that flag on the token I have not set.