shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jcvidal <jcvi...@improve.fr>
Subject Re: SHIRO and Flex-RPC
Date Wed, 15 Jul 2009 09:16:04 GMT

Hi

In fact, there is a trouble : the filter create a "dummy" Subject (without
authencation and principals) and the HTTP datas are binding during the
SecurityUtils.getSubject(). So : let's say you login in thread24. After you
do other things (getting roles, for example), but in thread25. After the
SecurityUtils.getSubject(), you get a Subject, but a "dummy" one. So you
have to test the Subject.isAuthenticated() and if the result is false, you
have to unbind the Subject from the ThreadContext and retry.

I don't know why it's working in your case, but i suppose you're using
always the same thread (no flex concurrent accesses).


Jean-Charles





-- 
View this message in context: http://n2.nabble.com/SHIRO-and-Flex-RPC-tp3230066p3261968.html
Sent from the Shiro User mailing list archive at Nabble.com.

Mime
View raw message