No problem Kalle, make sure to give credit to Janne though, most of the
work is his.
I wouldn't make this the default Serializer just yet, because it will
invalidate existing cookies for clients that will upgrade to the new
version. I would offer it as an optional Serializer implementation
(possibl
Perhaps there's no reason to wait for a fix in Shiro. I could just
implement this as a new default CookieRememberMeManager in
tapestry-security. Dusko, you mind if I use your SimplePrincipalSerializer?
Kalle
On Thu, Mar 6, 2014 at 3:21 AM, Dusko Jovanovski wrote:
> Thanks for pointing that out
Cookie size is 2K. Works like a charm, thank you :).
Regards,
Lidija
On Thu, Mar 6, 2014 at 12:21 PM, Dusko Jovanovski wrote:
> Thanks for pointing that out, I wasn't finishing the GZIP stream properly,
> already fixed in the updated gist.
> https://gist.github.com/duskote/0f8cce8d1b0d1cc56844
Thanks for pointing that out, I wasn't finishing the GZIP stream properly,
already fixed in the updated gist.
https://gist.github.com/duskote/0f8cce8d1b0d1cc56844
You could give it another try and see if it works for you.
On Thu, Mar 6, 2014 at 11:36 AM, Lidija Dolinar wrote:
> Dusko, thank you
Dusko, thank you for your reply.
If I use your SimplePrincipalSerializer, the rememberMe cookie is indeed
created and is very small:
[11:31:39] DEBUG [org.apache.shiro.web.servlet.SimpleCookie]: Added
HttpServletResponse Cookie [rememberMe=deleteMe; Path=/; Max-Age=0;
Expires=Wed, 05-Mar-2014 10
Hello Lidija, could you try out this custom serializer and report back with
the results?
https://gist.github.com/duskote/0f8cce8d1b0d1cc56844
On Thu, Mar 6, 2014 at 10:48 AM, Lidija Dolinar wrote:
> Ah, I see, you ment SimplePrincipalSerializer from the patch.
>
> It doesn't effect cookie size
Ah, I see, you ment SimplePrincipalSerializer from the patch.
It doesn't effect cookie size much though - it is now 4.3K instead of 4.6K
so it doesn't resolve our problem, cookie is still to big.
Regards,
Lidija
On Thu, Mar 6, 2014 at 10:14 AM, Lidija Dolinar wrote:
> By SimplePrincipalSeriali
By SimplePrincipalSerializer - did you mean this one that uses Kryo?
http://grepcode.com/file/repo1.maven.org/maven2/org.jasig.cas/cas-server-integration-memcached/4.0.0-RC1/org/jasig/cas/ticket/registry/support/kryo/serial/SimplePrincipalSerializer.java
Regards,
Lidija
On Wed, Mar 5, 2014 at 5
Ah yes, the size of the default remember me cookie can grow outrageously
big because it uses Java serialization. That's long running issue against
Shiro web (https://issues.apache.org/jira/browse/SHIRO-226). It's simply to
override with your own implementation - you could use the one attached as a
Sorry for talking to myself :-).
We managed to resolve the issue - the cookie was bigger than 4K. I had to
debug shiro-web since there was no warning whatsoever and browser obviously
just ignored the cookie.
This issue is nicely explained here:
http://shiro-user.582556.n2.nabble.com/Remember-me-p
I pasted shiro's debug logs below.
As far as I can see two rememberMe cookies are created: one with value
"deleteMe" that gets deleted immediately since Max-Age=0 and another
rememberMe cookie that has expiration date 1 year from now. So why don't I
see this cookie in a browser?
There's a debug m
Lenny and Kalle, thank you for your responses.
On Tue, Feb 25, 2014 at 10:26 PM, Kalle Korhonen wrote:
>
>
> Shiro makes a strong separation between remembered and authenticated use
> cases. It depends on your security settings whether you want to allow
> remembered only users.
How should the
On Mon, Feb 24, 2014 at 11:44 PM, Lidija Dolinar wrote:
> I tried "Remember Me" functionality here:
> http://tynamo-federatedaccounts.tynamo.org/ (live demo webapp) but the
> user
> isn't remembered.
> When I check the "Remember Me" checkbox and login, the cookie "rememberMe"
> is created. After I
I believe that "remember me" works only in production mode by default.
On Feb 25, 2014, at 2:44 AM, Lidija Dolinar wrote:
> Hi,
>
> I tried "Remember Me" functionality here:
> http://tynamo-federatedaccounts.tynamo.org/ (live demo webapp) but the user
> isn't remembered.
>
> When I check the "R
Hi,
I tried "Remember Me" functionality here:
http://tynamo-federatedaccounts.tynamo.org/ (live demo webapp) but the user
isn't remembered.
When I check the "Remember Me" checkbox and login, the cookie "rememberMe"
is created. After I close the browser and reopen it again I'm not logged
in. Am I
15 matches
Mail list logo
