The following shiro.ini code no worky. Tomcat running on port 8080, with SSL running on 8443.
(It looks to me like PortFilter.onAccessDenied() appends the request.getServerPort() instead of the port. If I now read this correctly [might not, this is my first foray into Shiro source], it appears that you can only have SSL on 443 or 80, or else it must be on the same port as the request itself )
As far as I can tell, this occurs in all versions up until the current trunk.