It took a lot longer then I hoped but I got it now... Turns out I needed to set up the UserFilter (so I had some content a known user could visit) and set the RememberMe cookie path to root.
I now have Single Sign On and RememberMe working with Tomcat 7, Shiro 1.2.3 and EHCache 2.6.8 Here' s my config in case it's helpful to someone else. [main] # Use the configured native session manager: sessionManager=org.apache.shiro.web.session.mgt.DefaultWebSessionManager securityManager.sessionManager=$sessionManager # Cache for single sign on ehCacheManager = com.corix.mblink.shiro.EhCacheManagerFactory ehCacheManager.cacheManagerConfigFile = classpath:shiro_ehcache.xml cacheManager = org.apache.shiro.cache.ehcache.EhCacheManager cacheManager.cacheManager = $ehCacheManager securityManager.cacheManager = $cacheManager # DAO for single sign on sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO securityManager.sessionManager.sessionDAO = $sessionDAO # cookie for single sign on cookie = org.apache.shiro.web.servlet.SimpleCookie cookie.name = ssoCookie cookie.path = / securityManager.sessionManager.sessionIdCookie = $cookie # set remember me path so all wars in container can see it securityManager.rememberMeManager.cookie.path = / #Configure filter chains and filter parameters # /login points to a servlet so all wars can show same login page logout.redirectUrl = /login user.loginUrl = /login authc.loginUrl = /login authc.successUrl = /index.jsp [users] admin = 123, ADMIN [roles] # 'ADMIN' role has all permissions, indicated by the wildcard '*' ADMIN = * [urls] /login = authc /logout = logout /secure/** = authc /user/** = user /unsecure/** = anon /* = anon -- View this message in context: http://shiro-user.582556.n2.nabble.com/Trouble-getting-SSO-and-Remember-Me-to-work-together-tp7580041p7580063.html Sent from the Shiro User mailing list archive at Nabble.com.
