You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@shiro.apache.org by "alina.frey" <af...@goscis.com> on 2021/06/18 19:46:27 UTC

Re: Shiro - Session Loss

A little update with my discoveries so far.

The code breaks when upgrading from shiro 1.2.6 to shiro 1.3.0.

I was able to access the server side as soon as I modified the URLs in
Shiro.ini to reflect path without the slash "/" at the beginning of the
path:

[urls]

<web_app>/FileUploadServlet = authc
<web_app>/FileDownloadServlet = authc
<web_app>/UserUnloadServlet = authc
<web_app>/soa_service = authc
<web_app>/data_update = authc
<web_app>/data_view = authc
<web_app>/load_lists = authc
<web_app>/error_services = authc
<web_app>/query_db = authc
<web_app>.html = authc

Also, another discovery is that currentUser.isAuthenticated() returns TRUE
with Shiro 1.2.6 and FALSE with Shiro 1.3.0. That's why my application was
not loading. This is the code used for that:

Subject currentUser = SecurityUtils.getSubject();
if (currentUser.isAuthenticated()) { 
  return true;
} else {
  return false;
}

So, I have to figure out if I need to call the current user in a different
way, or is there something that I need to change in my shiro.ini.

ANY suggestion would be very much appreciated. 



--
Sent from: http://shiro-user.582556.n2.nabble.com/