In your current config, there is no need to set the session mode or the ServletContainerSessionManager - those two are already Shiro's default settings.
In the securityManager() method, after you've set the realm, then call sm.setCacheManager(shiroCacheManager()) and that should work fine. If you connect a debugger, can you see that the CacheManager has been propagated to the realm? Cheers, Les P.S. Authorization Caching is available in 1.1. Authentication Caching is available in trunk now and will be generally available in Shiro 1.2
