If you are using a shiro.ini the property would be: securityManager.sessionManager.sessionIdCookie.maxAge = <int>
Otherwise you can traverse your beans, something like: sessionManger.getSessionIdCookie().setMaxAge(<int>) On Mon, Mar 13, 2017 at 12:41 AM, Harshdeep S Jawanda <[email protected]> wrote: > Hi, > > I wondered if anybody could help me with setting the session cookie > lifetime for Shiro on GAE. > > I tried with DefaultWebSessionManager but I get an AccessControlException: > > java.security.AccessControlException: access denied > ("java.lang.RuntimePermission" "modifyThreadGroup") > > Tried org.apache.shiro.session.Session#setTimeout(432000 * 1000) but that > doesn't work either. The JSESSIONID cookie continues to show an Expires > value of "At end of session". > > Regards, > Harshdeep S Jawanda >
