You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@shiro.apache.org by domfarr <do...@gmail.com> on 2014/03/19 13:50:43 UTC

Re: Shiro filter append JSESSIONID when entring into ajax4jsf filter

the first time a session is created containers and/or shiro will set a cookie
with the jsessionid. 
as a back up it will also add this to the url just in case cookies are
disabled.

this can cause some containers to misread the resource.

there are several things you can do. 

moved to servlet 3.0+ and configure to only use cookies and not rewrite urls
in the web.xml or config.

add a redirect filter that checks for JSESSIONID=xxxx and perform a 301
without the JSESSIONID=xxxx 

use a web server like apache to front your app and add a rewrite rule
similar to the filter that performs a 301.





--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-filter-append-JSESSIONID-when-entring-into-ajax4jsf-filter-tp7579757p7579786.html
Sent from the Shiro User mailing list archive at Nabble.com.