If you encounter the following error:
Org.apache.shiro.session.ExpiredSessionException:Session with ID [5a8cb52b-e911-4ab7-91e1-11a11bb7c3a0] have expired . Last access time:16-12-14 am 11:21. Current time:16-12-14 am 11:24. Session timeout is set to seconds (1 minutes)
The cause of the bug: SessionManager Management to the Shiro
Specify the system SessionID, the default is: Jsessionid problem: conflict with the servlet container name, such as Jetty, TOMCAT and other default Jsessionid, when jumping out of Shiro A servlet when the Error-page container will reassign values for Jsessionid causes the logon session to be lost!
This bug can be fixed by adding the following configuration because of the Shiro itself:
<!--Session Manager--<bean id= "SessionManager" class= " Org.apache.shiro.web.session.mgt.DefaultWebSessionManager "> <property name=" globalsessiontimeout "value=" 60 "/> <property name=" deleteinvalidsessions "value=" true "/> <property name=" sessionvalidation Schedulerenabled "value=" true "/> <property name=" Sessionvalidationscheduler "ref=" Sessionvalidationscheduler "/> <property name=" Sessiondao "ref=" Sessiondao "/> <property name=" sessionidcookieenabled "va Lue= "true"/> <property name= "Sessionidcookie" ref= "Sessionidcookie"/> </bean> <!--session COO Kie template--<bean id= "Sessionidcookie" class= "Org.apache.shiro.web.servlet.SimpleCookie" > <construct Or-arg value= "Sid"/> <property name= "HttpOnly" value= "true"/> <property name= "MaxAge" value= "- 1 "/> </bean>