commit | 5c3fea0c8b32179115ee84127e9894824cfb2602 | [log] [tgz] |
---|---|---|
author | Brian Demers <bdemers@apache.org> | Wed Jul 13 12:21:05 2016 -0400 |
committer | Brian Demers <bdemers@apache.org> | Tue Jul 19 15:07:39 2016 -0400 |
tree | 53a62b3a1045dfb03bd5ab043dd0958d213057e3 | |
parent | fcc6613c719f75e22c3332ec19e5bc8f38089b50 [diff] |
SHIRO-361 Added property to support disabling of JSESSIONID in URL This can be turned off by setting: `sessionManager.sessionIdUrlRewritingEnabled` to false (recommended) in the shiro.ini (or equivalent configuration) This is a stop gap on the way to SHIRO-360
Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. With Shiro’s easy-to-understand API, you can quickly and easily secure any application – from the smallest mobile applications to the largest web and enterprise applications.