diff --git a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/shiro/AdminWebSessionManager.java b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/shiro/AdminWebSessionManager.java
index e2795bbb..d9c784d9 100644
--- a/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/shiro/AdminWebSessionManager.java
+++ b/litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/shiro/AdminWebSessionManager.java
@@ -14,6 +14,14 @@ public class AdminWebSessionManager extends DefaultWebSessionManager {
     public static final String LOGIN_TOKEN_KEY = "X-Litemall-Admin-Token";
     private static final String REFERENCED_SESSION_ID_SOURCE = "Stateless request";
 
+
+    public AdminWebSessionManager() {
+        super();
+        setGlobalSessionTimeout(MILLIS_PER_HOUR * 6);
+        setSessionIdCookieEnabled(false);
+        setSessionIdUrlRewritingEnabled(false);
+    }
+
     @Override
     protected Serializable getSessionId(ServletRequest request, ServletResponse response) {
         String id = WebUtils.toHttp(request).getHeader(LOGIN_TOKEN_KEY);
diff --git a/pom.xml b/pom.xml
index c1ca1d4e..a11ad039 100644
--- a/pom.xml
+++ b/pom.xml
@@ -73,7 +73,7 @@
             <dependency>
                 <groupId>org.apache.shiro</groupId>
                 <artifactId>shiro-spring-boot-web-starter</artifactId>
-                <version>1.4.0</version>
+                <version>1.6.0</version>
             </dependency>
 
             <dependency>