I am looking to, yes, but didn't realize that it does in fact do it itself, but now I see it with "setHashService" in the docs.
Thanks for the info, it does make soem sense, I also found out a lot of info here. https://crackstation.net/hashing-security.htm So to ask my question again, do I need to use the same ini file or no? I'm not sure if I need the same information for both. here is my ini file. [main] authc.loginUrl = /login.jsp authc.successUrl = /viewer.jsp # password matcher #passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher #passwordService = org.apache.shiro.authc.credential.DefaultPasswordService #passwordMatcher.passwordService = $passwordService #ds = com.mysql.jdbc.jdbc2.optional.MysqlConnectionPoolDataSource #ds.serverName = ******** #ds.port = 3306 #ds.databaseName = ******** #ds.user = ******* #ds.password = ***** #jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm #jdbcRealm.permissionsLookupEnabled = true #jdbcRealm.authenticationQuery = SELECT password FROM **** WHERE username = ? #jdbcRealm.userRolesQuery = SELECT roles FROM ***** WHERE username = ? #jdbcRealm.permissionsQuery = SELECT ***** FROM Company WHERE role_name = ? #jdbcRealm.credentialsMatcher = $passwordMatcher #jdbcRealm.dataSource=$ds #securityManager.realms = $jdbcRealm cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager securityManager.cacheManager = $cacheManager sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO securityManager.sessionManager = $sessionManager securityManager.sessionManager.sessionDAO = $sessionDAO I am looking to switch over to the EHCache as I hear it's better for web as the regular breaks sessions apparentyly. I'm not too sure if I need all of this or what exactly I need, but I have been forming bits and pieces of stuff I have seen. I don't think I need all of this, and somethings will change. Thanks for the help. -- View this message in context: http://shiro-user.582556.n2.nabble.com/Do-multiple-clients-of-the-same-Shiro-Application-use-the-same-shiro-ini-file-tp7580208p7580210.html Sent from the Shiro User mailing list archive at Nabble.com.
