>>>>> [email protected]:
>> On Apr 6, 2025, at 2:19 PM, Steinar Bang <[email protected]>
>> wrote:
>> Thanks, this means setting cipherkey to a constant is still the fix in 2.0.2?
> Yes, nothing changed there.
So far I've been unable to make it work.
I have multiple web application that share the same Realm and Session
and as I read your advice it struck me that this may be the reason I'm
getting the error, and having the same cipherKey in all applications
might fix the issue...?
But so far I have been unsuccessful in making the rememberMe errors go
away from the log.
Here is what I've done:
1. I have added the following to shiro.ini of all applications
securityManager.rememberMeManager.cipherKey =
0x15FC281159A0AB85212D0EFF32D5219F
2. I have rebuilt all applications with "mvn clean install" (to get
fresh local snapshots)
3. I have cleared all application data for all applications (cleared
existing JSESSIONID and rememberme cookies)
4. I have reloaded all applications from their most recent snapshots by
loading the apache karaf myapps feature
https://github.com/steinarb/myapps
5. I have logged into all web applications to create fresh rememberme
cookies
6. I have stopped karaf, deleted the data directory (basically cleared
the karaf instance) and reinstalled the myapps karaf feature
7. I have then reloaded the applications with rememberme cookies and
the error message reappear i the karaf.log once for each reloaded
application with rememberme cookies
I have gone through rebuilding all applications one extra time to be
sure I have the shiro.ini chages in the newest SNAPSHOT, and cleared all
cookies, logged in, and cleared karaf and reloaded the applications in
karaf.
But the problem persists.
