Hi, I'm not sure to fully understand you configuration: you have a web-based shiro-enabled application, several session beans used for authentication, and within the same thread/request, these beans are dealing with the same subject ; but they shouldn't !?
Anyway, if thread-bound subject does not fit your needs, simply don't use SecurityUtils to acquire "current" subject, build your own contextual subject provider utility which will acquire/build current subject from whatever you want. -- View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-authentication-problems-when-same-thread-is-used-J2EE-tp7578810p7578812.html Sent from the Shiro User mailing list archive at Nabble.com.
