Hey Brian, I did try to add the session clustering using hazelcast, it still gave the same errors
To explain the scenario a bit further, there are vertx servers which are running shiro for auth, there are two apis one for authenticate to verify the credentials and return a custom generated token and a second api for authorisation to do a role and permission check in this api I have the following line which is giving the subject is anonymous error Subject currentUser = SecurityUtils.getSubject(); The get subject method performs a thread context bind, what I do not understand is how after configuring the session management on shiro will this change. I feel I am missing something here or I might have to get the subject in a different way. If there is some other way can you point me to some documentation for that. Thanks & Regards, Prem > On 22-Jan-2019, at 7:55 PM, Brian Demers <[email protected]> wrote: > > You can either configure your container for the clustering or have Shiro > manage it: > https://shiro.apache.org/session-management.html#SessionManagement-SessionClustering > > On Tue, Jan 22, 2019 at 6:41 AM Prem Prakash Sharma <[email protected]> wrote: > Hi all, > > I was trying to run shiro on multiple nodes with a load balancer for routing > the requests, I have written two wrapper APIs on top for authenticate and > role/permission check respectively. I was able to get it working on a single > node but in case of multiple nodes if subsequent apis hit different nodes I > get “ This subject is anonymous” error I figured that the subject is not > shared so I configured a session persistence with hazelcast and enterprise > cache session DAO but still got the error, I am pretty new to shiro so I feel > I am missing some configurations or have made some mistake in configs, PFA > the config file > > > > Regards, > Prem >
