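How to configure the SameSite cookie attribute in Apache Shiro?

Date: 2020-01-27 19:07:16

Tags: shiro apache-commons-beanutils samesite

I am developing an EJB-based web service that uses Apache Shiro for user access management. I added the freshly released version 1.5.0 of Apache Shiro to my Maven project in order to use the new sameSite cookie attribute. I then added the configuration of the sameSite attribute to my shiro.ini file: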

sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
# configure properties (like session timeout) here if desired
sessionManager.sessionIdCookieEnabled = true
sessionManager.sessionIdCookie.path = /
sessionManager.sessionIdCookie.httpOnly = true
sessionManager.sessionIdCookie.secure = ${MY_WILDFLY_SHIRO_COOKIE_SECURE}
sessionManager.sessionIdCookie.name = mycookie
sessionManager.sessionIdCookie.domain = ${MY_WILDFLY_SHIRO_COOKIE_DOMAIN}
sessionManager.sessionIdCookie.sameSite = NONE

However, if I try to compile with Maven, I get the following error message:

[ERROR] Failed to execute goal org.wildfly.plugins:wildfly-maven-plugin:2.0.1.Final:deploy (default-cli) on project api: Failed to execute goal deploy: {"WFLYCTL0062: Composite operation failed and was rolled back. Steps that failed:" => {"Operation step-1" => {"WFLYCTL0080: Failed services" => {"jboss.deployment.unit.\"api.war\".undertow-deployment" => "java.lang.RuntimeException: org.apache.shiro.config.ConfigurationException: Unable to set property 'sessionIdCookie.sameSite' with value [NONE] on object of type org.apache.shiro.web.session.mgt.DefaultWebSessionManager.  If 'NONE' is a reference to another (previously defined) object, prefix it with '$' to indicate that the referenced object should be used as the actual value.  For example, $NONE
[ERROR]     Caused by: java.lang.RuntimeException: org.apache.shiro.config.ConfigurationException: Unable to set property 'sessionIdCookie.sameSite' with value [NONE] on object of type org.apache.shiro.web.session.mgt.DefaultWebSessionManager.  If 'NONE' is a reference to another (previously defined) object, prefix it with '$' to indicate that the referenced object should be used as the actual value.  For example, $NONE
[ERROR]     Caused by: org.apache.shiro.config.ConfigurationException: Unable to set property 'sessionIdCookie.sameSite' with value [NONE] on object of type org.apache.shiro.web.session.mgt.DefaultWebSessionManager.  If 'NONE' is a reference to another (previously defined) object, prefix it with '$' to indicate that the referenced object should be used as the actual value.  For example, $NONE
[ERROR]     Caused by: org.apache.commons.beanutils.ConversionException: Default conversion to org.apache.shiro.web.servlet.Cookie$SameSiteOptions failed.
[ERROR]     Caused by: org.apache.commons.beanutils.ConversionException: Can't convert value '' to type class org.apache.shiro.web.servlet.Cookie$SameSiteOptions"}}}}

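Things I have tried:

  • Manually importing the latest version of Apache BeanUtils in the POM file
  • Writing NONE in single and double quotes
  • Using the fully qualified name org.apache.shiro.web.servlet.Cookie.SameSiteOptions.NONE instead of just NONE

How do I configure the shiro.ini file so that the sameSite attribute of Shiro's session cookie is set to NONE?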

1 answer:

Answer 0 (score: 0)

I was able to reproduce your error and have already made a fix for it.

The Jira issue is here:

https://issues.apache.org/jira/browse/SHIRO-739

Thanks
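One way to set the attribute on Shiro 1.5.0 without going through the failing string-to-enum conversion, as an added example that is not part of the original answer or of Shiro itself: a session manager subclass exposing a plain String property that shiro.ini can set. The class name `SameSiteSessionManager`, the package `com.example.security` and the property `sameSiteName` are hypothetical.

```java
package com.example.security; // hypothetical package

import java.util.Locale;

import org.apache.shiro.web.servlet.Cookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;

/**
 * Hypothetical helper: accepts the SameSite value as a String, which the
 * INI loader can set without needing an enum converter, and performs the
 * enum lookup itself.
 *
 * shiro.ini usage (replaces the sessionIdCookie.sameSite line):
 *
 *   sessionManager = com.example.security.SameSiteSessionManager
 *   sessionManager.sessionIdCookie.secure = true
 *   sessionManager.sameSiteName = NONE
 */
public class SameSiteSessionManager extends DefaultWebSessionManager {

    /** Setter called by the INI loader for "sessionManager.sameSiteName". */
    public void setSameSiteName(String name) {
        if (name == null || name.trim().isEmpty()) {
            throw new IllegalArgumentException(
                "sameSiteName must be one of NONE, LAX, STRICT");
        }
        final Cookie.SameSiteOptions option;
        try {
            // Enum lookup done here, so no BeanUtils conversion is involved.
            option = Cookie.SameSiteOptions.valueOf(
                name.trim().toUpperCase(Locale.ROOT));
        } catch (IllegalArgumentException e) {
            throw new IllegalArgumentException(
                "sameSiteName must be one of NONE, LAX, STRICT, got: " + name, e);
        }
        // Applies to the cookie template the session manager already holds,
        // so path, domain, httpOnly and secure set in shiro.ini are kept.
        getSessionIdCookie().setSameSite(option);
    }
}
```

Current browsers reject a cookie marked SameSite=None unless it also carries the Secure attribute, so `sessionIdCookie.secure` has to resolve to true for this setting to take effect.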