thanks for your suggestions,
here i am using native session but not servlet session.
when shiro session was extended from servlet session it has got some more
extra activities.
i searched in google and tried with the following different options
1) in web.xml
-----------------
<session-config>
<tracking-mode>COOKIE</tracking-mode></session-config>
2) context.xml
<?xml version='1.0' encoding='utf-8'?><Context
docBase="PATH_TO_WEBAPP" path="/CONTEXT"
disableURLRewriting="true"></Context>
3) added on filter
*package net.enhancesys.auth.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;
public class DisableUrlSessionFilter implements Filter {
/*
* private static Log logger =
* LogFactory.getLog(DisableUrlSessionFilter.class);
*/
/**
* Filters requests to disable URL-based session identifiers.
*/
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException
{
// skip non-http requests
if (!(request instanceof HttpServletRequest)) {
chain.doFilter(request, response);
return;
}
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse)
response;
// clear session if session id in URL
if (httpRequest.isRequestedSessionIdFromURL()) {
HttpSession session = httpRequest.getSession();
if (session != null) {
session.invalidate();
}
}
// wrap response to remove URL encoding
HttpServletResponseWrapper wrappedResponse = new
HttpServletResponseWrapper(
httpResponse) {
@Override
public String encodeRedirectUrl(String url) {
return url;
}
@Override
public String encodeRedirectURL(String url) {
return url;
}
@Override
public String encodeUrl(String url) {
return url;
}
@Override
public String encodeURL(String url) {
return url;
}
};
// process next request in chain
chain.doFilter(request, wrappedResponse);
}
/**
* Unused.
*/
public void init(FilterConfig config) throws ServletException {
}
/**
* Unused.
*/
public void destroy() {
}
}*
for the above filter in web.xml
* <filter-mapping> <filter-name>somename</filter-name>
<url-pattern>/*</url-pattern> </filter-mapping> <filter>
<filter-name>somename</filter-name>
<filter-class>AboveFilterName</filter-class> </filter>
*
*but no solution was helpled me...*
*
*
*thanking you*
>
> --
>
> Regards,****
>
> Nagaraju.
>
>
--
Regards,****
Nagaraju.
