I am replacing Siteminder with Apache Shiro in my web application. I noticed that shiro logs me in successfully and takes me to the home page. When i click on any other link on the home page, I am taken back to the login page. I login again and i am forwarded to the page i was looking to goto. How can i fix this?
Here is my shiro.ini
[main]
authc.loginUrl = /login.jsp
ssl.enabled=false
[users]
user=admin
[urls]
/css/** = anon
/images/** = anon
/js/** = anon
/login.jsp = authc
/logout = logout
/** = authc
A section from my web.xml
<listener>
<listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
Printing out currentUser.isAuthenticated() in my User Class displays 'true'.
Is there any other info i can provide?
I figured out what was going on. My application was deployed on Weblogic and i had the following section inside weblogic.xml which was causing the issue. Removing it, fixed it. Any idea why this caused it?
<session-param>
<param-name>CookieSecure</param-name>
<param-value>true</param-value>
</session-param>