I have not tried this but imagine it should work:
Assuming you use CDI or something similar you could add a session scoped
bean to your custom realm which holds the organization and / or role of the
user. When the user picks his organization you save his choice in the helper
bean for use in your cu
It happens on glassfish, too, not only on tomcat, and I would love to see a
fix or workaround myself.
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Removing-JSESSIONID-xxx-from-the-url-after-login-tp7579370p7579379.html
Sent from the Shiro User mailing list archive at
I wrote an application implementing exactly this requirement. A filter got
the "organization ID" from a cookie and put it into a thread local
variable. The doGetAuthorizationInfo method in my custom authorizing realm
got the organization ID from the thread local variable. I used the Shiro
Thread
I'm developing a web application where when a user logs with a username and
passsword, they may belong to more than one organization. If they do, they
must select which organization they're logging in to, and for the rest of
their session that will be the only organization they have access to. I'm
Albert,
I'm experiencing the exact same issue so I'm curious to know if you find a
resolution to this problem. I'm running the same version of Tomcat that you
are running and have tried the same things. I hope you can turn up a clue on
how to address the issue because I didn't.
Mike
From: A
Thank you for sharing your success story !
Sorry that i forgot to mention i already had what you suggested in the
web.xml :
COOKIE
I also made sure that the dtd is correctly pointing to 3.0 :
http://java.sun.com/xml/ns/javaee";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-inst
So just to confirm, this is not possible? That means if I have a non-web API
which uses Shiro, it needs a single entry point so that I can configure Shiro
before the user does anything.
Thanks,
Eric
-Original Message-
From: Eric Stein
Sent: Friday, November 08, 2013 11:40 AM
To: user@s
I had success with setting to COOKIE in my web.xml.
Otherwise, if you want to do this with a filter, you'll have to make sure
your filter is installed at the correct place in the filter chain so that
it sees this to remove it. If you can't make any headway on where to place
it, I can probably ta
Hello, i'm currently using the latest stable version of Apache Shiro.
Everything has been working fine, until i want to remove ;JSESSIONID=xxx
from the url after successful login.
I tried suggestion here, by creating a filter that is making use of a
wrappedResponse, and register it into my web.xm
