Hi, I've been using Shiro + Tomcat parallel deployment without issues for some years. Currently I'm using Tomcat 8.5.20 and Shiro 1.4.0.
Here is my shiro.ini file: [main] shiro.loginUrl = /login.jsf authc.loginUrl = /login.jsf user = br.com.tecnico.login.UserFilter user.loginUrl = /login.jsf logout = br.com.tecnico.login.LogoutFilter logout.redirectUrl = http://www.company-name.com.br roles = br.com.tecnico.login.RolesAuthorizationFilter roles.loginUrl = /login.jsf roles.unauthorizedUrl = /authorizationError.jsf # DataSource config ds = org.apache.shiro.jndi.JndiObjectFactory ds.requiredType = javax.sql.DataSource ds.resourceName = openejb:Resource/MySql # JDBC realm config jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm jdbcRealm.authorizationCachingEnabled = true jdbcRealm.permissionsLookupEnabled = false jdbcRealm.authenticationQuery = SELECT senha FROM TBTecnico WHERE usuario = ? jdbcRealm.userRolesQuery = SELECT role FROM RoleUsuario WHERE usuario = ? jdbcRealm.dataSource = $ds securityManager.realms = $jdbcRealm # Cache cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager securityManager.cacheManager = $cacheManager [urls] /logout = logout # Chat interno /page/chatInterno/mensagens.jsf = user # Capacitação /page/capacitacao/inscricao.jsf = user /page/capacitacao/certificado.jsf = user /page/capacitacao/participacao.jsf = user /page/capacitacao/prova.jsf = user /page/capacitacao/video/visualizarVideos.jsf = user /page/capacitacao/consultaInscricao.jsf = roles[gerente, consulta_inscricao_capacitacao] /page/capacitacao/etiquetas.jsf = user /page/capacitacao/** = roles[admin_capacitacao, coordenador_projeto] # Comercial /page/comercial/bonificacaoImplantacao.jsf = roles[admin_comercial] /page/comercial/tipoContato.jsf = roles[admin_comercial, gerente, contato_cliente] /page/comercial/contatos.jsf = roles[admin_comercial, gerente, contato_cliente] /page/comercial/gestaoClientes.jsf = roles[gerente, admin_comercial, comercial] /page/comercial/gerarProposta.jsf = roles[admin_comercial, comercial, comercial_proposta] /page/comercial/gestaoProposta.jsf = roles[admin_comercial, comercial, comercial_proposta] /page/comercial/captacaoClientes.jsf = roles[admin_comercial, comercial] /page/comercial/licenca.jsf = roles[admin] /page/comercial/assinaturaHmac.jsf = roles[assinatura_hmac] /page/comercial/tabelaReajusteSolucao.jsf = roles[admin_comercial] # Colaboradores /page/colaboradores/portal.jsf = user /page/agenda/calendario.jsf = roles[admin_agenda, agenda, tecnico, comercial, coordenador_projeto] /page/rdv/protocoloRecebimento.jsf = roles[admin_rdv] /page/rdv/valorKm.jsf = roles[admin_rdv] /page/rdv/** = roles[admin_rdv, tecnico, comercial, coordenador_projeto, viajante, rdv] /page/agenda/evento/agenda.jsf = roles[evento] /page/colaboradores/gestaoComunicacao.jsf = user /page/colaboradores/habilidades.jsf = roles[admin_escritorioProjeto] /page/colaboradores/nivelConhecimento.jsf = roles[admin_escritorioProjeto] /page/colaboradores/assinaturaEmail.jsf = user # Gerencia /page/agenda/painelGestao/painelGestao.jsf = roles[admin_agenda, gerente] /page/agenda/gestaoAutorizacao/autorizacaoVisita.jsf = roles[admin_agenda, gerente] /page/agenda/rat/atendimentoEmAdamento.jsf = roles[admin_agenda, gerente] /page/gerencia/atores.jsf = roles[admin_projeto] /page/gerencia/controlePassagemAerea/** = roles[gerente] /page/gerencia/pesquisa/acompanhamento.jsf = roles[gerente] /page/gerencia/pesquisa/pesquisasRecusadas.jsf = roles[gerente] /page/gerencia/pesquisa/** = roles[admin_pesquisa] /page/gerencia/atendimentoTecnicoDialog.jsf = roles[gerente] /page/gerencia/painel/painelGerencia.jsf = roles[gerente] /page/gerencia/gestaoProjeto.jsf = roles[gerente, admin_projeto] /page/gerencia/projetos/timeLine.jsf = roles[gerente, admin_projeto] /page/gerencia/projetos/gestaoRecursos.jsf = roles[gerente, admin_projeto] /page/gerencia/apartamentos.jsf = roles[admin_agenda, gerente] /page/solicitacaoVisita/visitaDiagnostico.jsf = roles[gerente] /page/gerencia/rdv/consultaRdv.jsf = roles[admin_rdv, coordenador_projeto] /page/gerencia/elicitacao/** = roles[diagnostico_situacional, coordenador_projeto] /page/gerencia/relatorio/** = roles[gerente, diretor] /page/gerencia/escritorios.jsf = roles[gerente, diretor] /page/plano/kanban.jsf = roles[gerente, coordenador_projeto, kanban] /page/plano/acompanhamentoProjetosKanban.jsf = roles[gerente, coordenador_projeto, kanban] /page/gerencia/monitorProjeto/monitorProjeto.jsf = roles[gerente, coordenador_projeto, monitor_projeto] /page/gerencia/hotel.jsf = roles[admin_agenda, gerente] /page/gerencia/reservaHotel.jsf = roles[admin_agenda, gerente] /page/rpc/relatorioRPC.jsf = roles[gerente] /page/agenda/rat/atendidosRat.jsf = roles[admin_agenda, gerente] # Financeiro /page/financeiro/** = roles[admin_financeiro] /page/mensagemBoleto.jsf = roles[mensagem_boleto] # RH /page/rh/** = roles[rh] # Serviços /page/comunicados.jsf = user /page/calendarioOficial.jsf = user /page/comprovanteRendimentos.jsf = user /page/consultaGastoUnimed.jsf = user /page/demonstrativoPagamento.jsf = user /page/sistema/leituraEmailBounce.jsf = roles[admin_sac] /page/recadastramentoSenha.jsf = user /page/envioEmail/envioEmail.jsf = roles[envio_email, admin_comercial, comercial] /page/rh/aniversariantesMes.jsf = user # Site /page/site/suporte.jsf = user /page/site/gestaoSuporte.jsf = roles[moderador_suporte] /page/permissao/permissaoUsuario.jsf = roles[admin_permissao] /page/site/emailPendente.jsf = roles[admin_agenda, admin_sac, admin_capacitacao, admin_comercial, admin_rdv] /page/site/dbs.jsf = roles[site] /page/site/imagemPopUp.jsf = roles[site] /page/site/cadastroComunicado.jsf = roles[site] /page/site/cadastroCliente.jsf = roles[cadastro_cliente] /page/site/cadastroColaborador.jsf = roles[cadastro_colaborador] /page/startTestServer.jsf = user /page/site/cadastroComunicadoSgh.jsf = roles[comunicado_sgh] ########### # Suporte # ########### #Consulta RAT /page/agenda/rat/consultaRat.jsf = roles[atendente, gerente, tecnico, coordenador_projeto] # Tele Suporte /page/servico/classificacaoAtendimento.jsf = roles[admin_sac] /page/servico/produto.jsf = roles[admin_produto, admin_comercial, comercial] /page/teleSuporte/bancoInformacoes/** = roles[supervisor] /page/teleSuporte/informacaoProvisoriaCliente/informacaoProvisoriaCliente.jsf = roles[supervisor, informacoes_provisorias_cliente] /page/teleSuporte/relatoriosSacweb.jsf = roles[supervisor] /page/teleSuporte/finalizarAtendimento.jsf = roles[supervisor] /page/teleSuporte/indicadores.jsf = roles[supervisor] /page/teleSuporte/historicoSacweb.jsf = user /page/teleSuporte/sacwebEmailGerente.jsf = roles[gerente] /page/teleSuporte/geracaoPacoteDialog.jsf = user /page/teleSuporte/** = user /page/sistema/** = roles[admin_sac] /page/upload/fileUploadDialogCliente.jsf = roles[atendente] /template/fileUploadDialog.jsf = user # Você on-line /page/atendimento/atendimento.jsf = user /page/atendimento/cadastroAtendente.jsf = roles[admin_sac] /page/atendimento/monitoria.jsf = roles[admin_sac] /page/atendimento/** = roles[atendente, admin_sac] # Home Office /page/teleTrabalho/cadastroImpressaoDigital.jsf = roles[admin_biometria] /page/teleTrabalho/marcacaoPonto.jsf = roles[biometria] /page/teleTrabalho/relatorioPonto.jsf = roles[admin_biometria] /page/solicitacaoVisita/solicitacaoVisita.jsf = user /page/solicitacaoVisita/acompanhamentoSolicitacaoVisita.jsf = roles[gerente] ############ # Técnicos # ############ # Agenda /page/agenda/atendimentoEscritorio.jsf = roles[atendimento_escritorio, gerente] /page/agenda/cadastroReservaVeiculo.jsf = roles[reserva_veiculo, gerente] /page/agenda/painelVeiculos/painelVeiculos.jsf = roles[reserva_veiculo, gerente] /page/agenda/pesquisa.jsf = roles[admin_agenda] /page/agenda/localizacao.jsf = roles[admin_agenda, agenda, tecnico] /page/agenda/** = roles[admin_agenda, tecnico, coordenador_projeto] ## Veículos ## /page/servico/modeloVeiculo.jsf = roles[admin_veiculo] /page/servico/veiculo.jsf = roles[admin_veiculo] # Atualizações /page/download/download.jsf = roles[atualizacoes, tecnico, coordenador_projeto] /page/atualizacaoSus/gerenciamento.jsf = roles[atualizacao_sus] /page/atualizacaoSus/gerenciamentoAtualizacaoSus.jsf = roles[atualizacao_sus] /page/atualizacaoSus/download.jsf = roles[atualizacoes, tecnico] /page/atualizacaoSus/downloadAtualizacaoSus.jsf = roles[atualizacoes, tecnico, coordenador_projeto] /page/senhaCliente.jsf = roles[atualizacoes, tecnico, coordenador_projeto] # Plano de Ação /page/plano/plano.jsf = roles[tecnico, admin_plano, gerente, coordenador_projeto] /page/plano/** = roles[admin_plano, gerente, coordenador_projeto] # Relatórios /page/perfilCliente.jsf = roles[tecnico, perfil_cliente] # Solicitações /page/solicitacaoServico/** = roles[tecnico, solicitacao_servico, coordenador_projeto] # Tarefa Interna /page/tarefaInterna/visualizacaoTarefaInterna.jsf = user # Gerador de Relatórios /page/cadastroRelatorio.jsf = roles[tecnico, gerente, gerador_relatorio] # Dialgos /dialogs/** = user ############################################################################### # Previne que páginas sem mapeamento sejam acessadas /page/** = roles[admin] 2017-11-02 8:16 GMT-02:00 malbinola <[email protected]>: > Hi all, > we are experiencing a strange behaviour using Shiro in conjunction with > Tomcat versioning/naming feature > (https://tomcat.apache.org/tomcat-8.0-doc/config/context.html#Naming). > Let's suppose that we have a deployed app named app##01.war on which we > have > several logged users. > If we realease a new version of our webapp (app##02.war), after the webapp > is started up by tomcat, users on the instance ##01 start receiving 401 > Unauthorized from the server and they are automatically redirected to login > page. > > It seems that sessions of both webapp instances are treated in the same > pool. > How can we separate the session handling in order to avoid any interference > between the instances? > > Any help would be appreciated. > Thanks. > > Matteo A. > > I leave here our shiro.ini configuration: > > [main] > cookie = org.apache.shiro.web.servlet.SimpleCookie > cookie.name = wtSessionId > cookie.path = / > sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager > sessionListener = com.sonicle.webtop.core.app.ShiroSessionListener > sessionManager.sessionIdCookie = $cookie > > securityManager.sessionManager = $sessionManager > securityManager.sessionManager.sessionIdCookieEnabled = true > securityManager.sessionManager.sessionIdUrlRewritingEnabled = false > securityManager.sessionManager.globalSessionTimeout = 900000 > securityManager.sessionManager.sessionListeners = $sessionListener > > cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager > securityManager.cacheManager = $cacheManager > > realm = com.sonicle.webtop.core.shiro.WTRealm > securityManager.realms = $realm > > authc = com.sonicle.webtop.core.shiro.WTFormAuthFilter > authc.loginUrl = /login > authc.successUrl = / > authc.usernameParam = wtusername > authc.passwordParam = wtpassword > authc.rememberMeParam = wtrememberme > authc.failureKeyAttribute = loginFailure > > > > -- > Sent from: http://shiro-user.582556.n2.nabble.com/ >
