Trouble implementing Single Sign On SSO Cookie with Remember Me

[tanvir <ta...@sportstats.ca>]

Hello Shiro,
I am trying to implement Single Sign On with remember me feature to two
webapplications. I am using shiro with stormpath. For some reason I have
been unable to get the remember me feature to work ever since I have
implemented the SSO feature. I am uploading my shiro.ini herewith this post. 

Please let me know what I am doing incorrectly here. 
Thanks for your time!

shiro.ini <http://shiro-user.582556.n2.nabble.com/file/n7580550/shiro.ini>  

Also note that my SportstatsSSOCookie implements SimpleCookie. During this
object's initialization I do the following-






--
View this message in context: http://shiro-user.582556.n2.nabble.com/Trouble-implementing-Single-Sign-On-SSO-Cookie-with-Remember-Me-tp7580550.html
Sent from the Shiro User mailing list archive at Nabble.com.

Re: Trouble implementing Single Sign On SSO Cookie with Remember Me

[tanvir <ta...@sportstats.ca>]

Thank you for your help guys. This issue has been resolved. 



--
View this message in context: http://shiro-user.582556.n2.nabble.com/Trouble-implementing-Single-Sign-On-SSO-Cookie-with-Remember-Me-tp7580550p7580555.html
Sent from the Shiro User mailing list archive at Nabble.com.

Re: Trouble implementing Single Sign On SSO Cookie with Remember Me

[Lenny Primak <lp...@hope.nyc.ny.us>]

Yes, this is a Shiro conscious decision.

Basically, if the Subject is permitted or is in a role, Subject should have access to a resources.
authenticated vs. remembered shouldn't be a factor unless you are doing something
like changing a password, email address, personal information, etc. (security-critical interation)

On May 26, 2015, at 11:11 AM, tanvir wrote:

> Hi scSynergy,
> Thanks a bunch for your reply. I have got the SSO Login and Remember Me
> feature to work properly together. However I have noticed that after logging
> in using one application, when I browse to another application, it lets be
> browse its pages as a Rememebered User and not an Authenticated user. Is
> this a conscious decision from shiro?
> 
> How can I set the user's state as Authenticated when the SSO cookie's
> creation time is within the session MaxTime from current time? Or does Shiro
> prefer the user to log in again even if he just recently used the SSO login
> feature from another webapp.
> 
> Thanks again!
> 
> 
> 
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/Trouble-implementing-Single-Sign-On-SSO-Cookie-with-Remember-Me-tp7580550p7580553.html
> Sent from the Shiro User mailing list archive at Nabble.com.
> 

Re: Trouble implementing Single Sign On SSO Cookie with Remember Me

[tanvir <ta...@sportstats.ca>]

Hi scSynergy,
Thanks a bunch for your reply. I have got the SSO Login and Remember Me
feature to work properly together. However I have noticed that after logging
in using one application, when I browse to another application, it lets be
browse its pages as a Rememebered User and not an Authenticated user. Is
this a conscious decision from shiro?

How can I set the user's state as Authenticated when the SSO cookie's
creation time is within the session MaxTime from current time? Or does Shiro
prefer the user to log in again even if he just recently used the SSO login
feature from another webapp.

Thanks again!



--
View this message in context: http://shiro-user.582556.n2.nabble.com/Trouble-implementing-Single-Sign-On-SSO-Cookie-with-Remember-Me-tp7580550p7580553.html
Sent from the Shiro User mailing list archive at Nabble.com.

Re: Trouble implementing Single Sign On SSO Cookie with Remember Me

[scSynergy <ro...@scsynergy.de>]

Maybe the following line helps to solve your problem
# set remember me path so all wars in container can see it
securityManager.rememberMeManager.cookie.path = /

Other than that you might want to check that your browser actually stores
the rememberMe cookie if you have not already done so.



--
View this message in context: http://shiro-user.582556.n2.nabble.com/Trouble-implementing-Single-Sign-On-SSO-Cookie-with-Remember-Me-tp7580550p7580552.html
Sent from the Shiro User mailing list archive at Nabble.com.