shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dan Finkelstein (Created) (JIRA)" <j...@apache.org>
Subject [jira] [Created] (SHIRO-350) Creating a subject should not create a session
Date Wed, 14 Mar 2012 19:06:41 GMT
Creating a subject should not create a session
----------------------------------------------

                 Key: SHIRO-350
                 URL: https://issues.apache.org/jira/browse/SHIRO-350
             Project: Shiro
          Issue Type: Bug
    Affects Versions: 1.2.0
            Reporter: Dan Finkelstein


When the following method is called:

public Subject getSubjectByLogin(final String login) {
                PrincipalCollection principals = new SimplePrincipalCollection(login, REALM_NAME);
                return new Subject.Builder().principals(principals).buildSubject();
        } 

it throws an exception on buildSubject():

Caused by: java.lang.IllegalArgumentException: SessionContext must be an HTTP compatible implementation.
        at org.apache.shiro.web.session.mgt.ServletContainerSessionManager.createSession(ServletContainerSessionManager.java:103)
        at org.apache.shiro.web.session.mgt.ServletContainerSessionManager.start(ServletContainerSessionManager.java:64)
        at org.apache.shiro.mgt.SessionsSecurityManager.start(SessionsSecurityManager.java:121)
        at org.apache.shiro.subject.support.DelegatingSubject.getSession(DelegatingSubject.java:336)
        at org.apache.shiro.subject.support.DelegatingSubject.getSession(DelegatingSubject.java:314)
        at org.apache.shiro.mgt.DefaultSubjectDAO.mergePrincipals(DefaultSubjectDAO.java:182)
        at org.apache.shiro.mgt.DefaultSubjectDAO.saveToSession(DefaultSubjectDAO.java:163)
        at org.apache.shiro.mgt.DefaultSubjectDAO.save(DefaultSubjectDAO.java:144)
        at org.apache.shiro.mgt.DefaultSecurityManager.save(DefaultSecurityManager.java:383)
        at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:350)
        at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846) 

It tries to create a session but really should not.

Please see forum http://shiro-user.582556.n2.nabble.com/Subject-being-changed-td7370203.html
for more details

In our app, in our backoffice area, we display lists of users and their roles, and this functionality
is used in this way.



--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message