Good day. I have a scenario where we have multiple web applications running on the same server and we would like one login to serve all applications. Currently, if you switch applications, you need to be re-authenticated. Try as I may, I cannot get this resolved.
I went through the session management page to try and implement what they call Poor Man's SSO (https://shiro.apache.org/session-management.html).

*Here is my shiro.ini:*

[main]
contextFactory = org.apache.shiro.realm.ldap.JndiLdapContextFactory
contextFactory.url = ldap://1.2.3.4:389
contextFactory.systemUsername = [email protected]
contextFactory.systemPassword = Password

realm = com.me.shared.security.shiro.meADRealm
realm.ldapContextFactory = $contextFactory
realm.searchBase = OU=ME,DC=testdomain,DC=local
securityManager.realms = $realm

sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
sessionIdCookie=org.apache.shiro.web.servlet.SimpleCookie
sessionIdCookie.name=sid
sessionIdCookie.maxAge=1800
sessionIdCookie.httpOnly=true
sessionManager.sessionIdCookie=$sessionIdCookie
sessionManager.sessionIdCookieEnabled=true
securityManager.sessionManager = $sessionManager

sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
securityManager.sessionManager.sessionDAO = $sessionDAO

sessionValidationScheduler = org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler
sessionValidationScheduler.interval = 3600000
securityManager.sessionManager.sessionValidationScheduler = $sessionValidationScheduler

cacheManager = org.apache.shiro.cache.ehcache.EhCacheManager
securityManager.cacheManager = $cacheManager

*URL mapping is done in a custom Java IniWebEnvironment and looks like this*

/faces/common/LWCLogin.xhtml = authc
/faces/common/unauthorized.xhtml = anon
/faces/secured/** = authc
/faces/myAdmin/** = roles[administrator]
/faces/myManagement/** = roles[administrator]
/faces/people/** = roles[administrator]

*I have a custom JSF bean where I perform login like this:*

Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(getUserName(), getPassword());
subject.login(token);

I am open to doing SSO in a different fashion, but this is an internal application and doesn't need much.
Any ideas?

--
Sent from: http://shiro-user.582556.n2.nabble.com/
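An added example, not part of the original post and not the poster's or the Shiro project's own configuration: a shiro.ini fragment showing the two settings that decide whether a session created in one web application is visible to another on the same host, namely the session cookie's path and the session store. The file name ehcache-shared.xml and the use of HTTPS are assumptions.

```ini
[main]
# Constructed example fragment; realm and URL definitions are omitted.

sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager

# --- Session cookie scope ---------------------------------------------
sessionIdCookie = org.apache.shiro.web.servlet.SimpleCookie
sessionIdCookie.name = sid
sessionIdCookie.maxAge = 1800
sessionIdCookie.httpOnly = true
# When no path is set, SimpleCookie falls back to the context path of the
# application that issued the cookie, so the browser returns "sid" to that
# one application only. Setting the path to / makes the browser send it
# to every application on the host.
sessionIdCookie.path = /
# Assumption: the applications are served over HTTPS, so the shared
# session ID is never sent in clear text.
sessionIdCookie.secure = true
sessionManager.sessionIdCookie = $sessionIdCookie
sessionManager.sessionIdCookieEnabled = true

# --- Session store ----------------------------------------------------
# EnterpriseCacheSessionDAO keeps sessions in the configured CacheManager,
# in the cache named "shiro-activeSessionCache". A cache manager created
# inside each web application holds that application's sessions only, so
# a session ID issued by one application is unknown to the others.
sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
sessionManager.sessionDAO = $sessionDAO

cacheManager = org.apache.shiro.cache.ehcache.EhCacheManager
# Assumption: ehcache-shared.xml is a hypothetical Ehcache configuration
# that points every application at the same (for example clustered)
# store for shiro-activeSessionCache.
cacheManager.cacheManagerConfigFile = classpath:ehcache-shared.xml

securityManager.sessionManager = $sessionManager
securityManager.cacheManager = $cacheManager
```

With the path widened to /, the session ID is delivered to every application on that host, so each of them has to be trusted with it and has to load the same cookie and store settings.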
