Each redeploy deletes RememberMe Cookies

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Each redeploy deletes RememberMe Cookies

Simeó Reig

How can we avoid to shiro removes all rememberMe cookies on each redeploy?

We have implemented a custom realm, we thougth it was because we haven't setted serialVersionUID in oir User pojo, but neither work with it

Thanks again

Simeo Reig


Shiro.ini

[main]
authc.loginUrl = /login
user.loginUrl = /login

adronicaRealm = com.mycompany.shirofaces.AdronicaRealm

authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
securityManager.rememberMeManager.cookie.name = shiroTest
securityManager.realms = $adronicaRealm

[roles]
admin = *
user = usuaris:* , ventes:edicio, ventes:delete
user_grant = ventes:canvi

[urls]
/      = anon
/welcome = anon
/login = user
/admin/** = user





Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Each redeploy deletes RememberMe Cookies

Rob Young
Hey, I can actually help with one of these q's!  :)

Look in the documentation for the cipherKey property, you need to set it or it gets regenerated each deploy.  I can't remember what format it needs, but it needs to be a fairly specific format.

securityManager.rememberMeManager.cipherKey = <your key here>

On Thu, Feb 23, 2017 at 12:43 PM, Simeó Reig <[hidden email]> wrote:

How can we avoid to shiro removes all rememberMe cookies on each redeploy?

We have implemented a custom realm, we thougth it was because we haven't setted serialVersionUID in oir User pojo, but neither work with it

Thanks again

Simeo Reig


Shiro.ini

[main]
authc.loginUrl = /login
user.loginUrl = /login

adronicaRealm = com.mycompany.shirofaces.AdronicaRealm

authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
securityManager.rememberMeManager.cookie.name = shiroTest
securityManager.realms = $adronicaRealm

[roles]
admin = *
user = usuaris:* , ventes:edicio, ventes:delete
user_grant = ventes:canvi

[urls]
/      = anon
/welcome = anon
/login = user
/admin/** = user






Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Each redeploy deletes RememberMe Cookies

Brian Demers
In reply to this post by Simeó Reig
Set `securityManager.rememberMeManager.cipherKey` to a unique (and private) value:
https://shiro.apache.org/configuration.html#byte-array-values

On Thu, Feb 23, 2017 at 12:43 PM, Simeó Reig <[hidden email]> wrote:

How can we avoid to shiro removes all rememberMe cookies on each redeploy?

We have implemented a custom realm, we thougth it was because we haven't setted serialVersionUID in oir User pojo, but neither work with it

Thanks again

Simeo Reig


Shiro.ini

[main]
authc.loginUrl = /login
user.loginUrl = /login

adronicaRealm = com.mycompany.shirofaces.AdronicaRealm

authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
securityManager.rememberMeManager.cookie.name = shiroTest
securityManager.realms = $adronicaRealm

[roles]
admin = *
user = usuaris:* , ventes:edicio, ventes:delete
user_grant = ventes:canvi

[urls]
/      = anon
/welcome = anon
/login = user
/admin/** = user






Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Each redeploy deletes RememberMe Cookies

Simeó Reig
In reply to this post by Rob Young

Many many Thanks Rob, what an amazing community

Thanks Again

Simeó Reig


Hey, I can actually help with one of these q's!  :)

Look in the documentation for the cipherKey property, you need to set it or it gets regenerated each deploy.  I can't remember what format it needs, but it needs to be a fairly specific format.

securityManager.rememberMeManager.cipherKey = <your key here>

On Thu, Feb 23, 2017 at 12:43 PM, Simeó Reig <[hidden email]> wrote:

How can we avoid to shiro removes all rememberMe cookies on each redeploy?

We have implemented a custom realm, we thougth it was because we haven't setted serialVersionUID in oir User pojo, but neither work with it

Thanks again

Simeo Reig


Shiro.ini

[main]
authc.loginUrl = /login
user.loginUrl = /login

adronicaRealm = com.mycompany.shirofaces.AdronicaRealm

authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
securityManager.rememberMeManager.cookie.name = shiroTest
securityManager.realms = $adronicaRealm

[roles]
admin = *
user = usuaris:* , ventes:edicio, ventes:delete
user_grant = ventes:canvi

[urls]
/      = anon
/welcome = anon
/login = user
/admin/** = user






Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Each redeploy deletes RememberMe Cookies

Simeó Reig
In reply to this post by Brian Demers

Many many Thanks Brian, really an amazing community

Thanks Again

Simeó Reig


A 23-02-2017 19:33, Brian Demers escrigué:

Set `securityManager.rememberMeManager.cipherKey` to a unique (and private) value:
https://shiro.apache.org/configuration.html#byte-array-values

On Thu, Feb 23, 2017 at 12:43 PM, Simeó Reig <[hidden email]> wrote:

How can we avoid to shiro removes all rememberMe cookies on each redeploy?

We have implemented a custom realm, we thougth it was because we haven't setted serialVersionUID in oir User pojo, but neither work with it

Thanks again

Simeo Reig


Shiro.ini

[main]
authc.loginUrl = /login
user.loginUrl = /login

adronicaRealm = com.mycompany.shirofaces.AdronicaRealm

authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
securityManager.rememberMeManager.cookie.name = shiroTest
securityManager.realms = $adronicaRealm

[roles]
admin = *
user = usuaris:* , ventes:edicio, ventes:delete
user_grant = ventes:canvi

[urls]
/      = anon
/welcome = anon
/login = user
/admin/** = user






Loading...