shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian Demers (JIRA)" <>
Subject [jira] [Commented] (SHIRO-648) SecurityUtils.getSubject() throws intermittently
Date Thu, 07 Jun 2018 14:14:00 GMT


Brian Demers commented on SHIRO-648:

This is likely an issue with how Geode is configured.

Typically you wouldn't call {{curentUser.login(token)}} directly.  Instead the underlying
framework would do this.

Can you provide more information about the request?  Is it made within the context of a servlet
request?  Is it async?

Take a look at: 

> SecurityUtils.getSubject() throws
> --------------------------------------------------------------------------------------------------------
>                 Key: SHIRO-648
>                 URL:
>             Project: Shiro
>          Issue Type: Bug
>          Components: Authentication (log-in)
>    Affects Versions: 1.3.2
>            Reporter: Jinmei Liao
>            Priority: Major
> When our application starts, we set the vm static SecurityManager using
> {code:java}
> SecurityUtils.setSecurityManager(xyz);
> {code}
> But sometimes when we do login using:
> {code:java}
> Subject currentUser = SecurityUtils.getSubject();
> curentUser.login(tokent)
> {code}
> we occasionally get the following exception:
> {code:java}
> No SecurityManager accessible
to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static
singleton.  This is an invalid application configuration.
> {code}
> We suspect that it's because the vm static SecurityManager is not volatile and not visible
to the login thread....

This message was sent by Atlassian JIRA

View raw message