Probably related to this: https://github.com/apache/shiro/issues/1449
> On Apr 12, 2025, at 2:22 PM, Steinar Bang <s...@dod.no> wrote: > >>>>>> Steinar Bang <sb-1rlz5cwd...@public.gmane.org>: >>>>>> lenny-5o6p1tln9c5dpfhejli6iq-xmd5yjdbdmrexy1tmh2...@public.gmane.org: >>> famous last words he he :) > >> I have a plan! :-) > > This is what I did: > 1. One new OSGi service to return a cipherKey > > https://github.com/steinarb/authservice/blob/fc6c29fb5cede9d9f3e8d4212124adc815ac6cf6/authservice/authservice.definitions/src/main/java/no/priv/bang/authservice/definitions/CipherKeyService.java#L18 > > 2. An SCR component that checks karaf config for an existing cipherKey > and creates and saves the new cipherKey in config if none can be > found and returns the cipherKey from the service definend in 1 > > https://github.com/steinarb/authservice/blob/fc6c29fb5cede9d9f3e8d4212124adc815ac6cf6/authservice/authservice.web.security.cipherkey/src/main/java/no/priv/bang/authservice/web/security/cipherkey/ChipherKeyServiceProvider.java#L32 > > 3. Set the cipherkey in the shiro setup > > https://github.com/steinarb/authservice/blob/fc6c29fb5cede9d9f3e8d4212124adc815ac6cf6/authservice/authservice.web.security/src/main/java/no/priv/bang/authservice/web/security/AuthserviceShiroFilter.java#L86 > > The old log error have gone away. > > But now I have a new one... > https://gist.github.com/steinarb/63621658a7c5a1529f9f56998fdf4a37 >
