shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Les Hazlewood (JIRA)" <>
Subject [jira] Reopened: (SHIRO-60) Standalone environment - automatically create new session after expiration
Date Wed, 05 May 2010 17:08:04 GMT


Les Hazlewood reopened SHIRO-60:

Apparently this is not working as expected and the DefaultSecurityManagerTest 'testAutoCreateSessionAfterInvalidation'
test case does not accurately verify the functionality.

> Standalone environment - automatically create new session after expiration
> --------------------------------------------------------------------------
>                 Key: SHIRO-60
>                 URL:
>             Project: Shiro
>          Issue Type: Improvement
>            Reporter: Les Hazlewood
>            Assignee: Les Hazlewood
> Per this thread:
> In a non-web environment, it would be nice if the SecurityManager would automatically/transparently
create a new Session for a subject if their existing session expires.  The web environment
already works this way.
> It would probably be best if there were a securityManager configuration attribute, say
'createNewSessionAfterExpiration' (or something similar) that would enable this feature.
> I'm thinking it should be enabled by default, as I assume the large majority of application
developers wouldn't want to catch InvalidSessionException in their code.  It could be disabled
by using the aforementioned config attribute.
> The DefaultWebSecurityManager could just piggyback the same logic, simplifying its code
(and its internal delegate WebSessionManager).

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message