You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by charmpeach <gl...@gmail.com> on 2014/07/01 13:26:49 UTC
NullPointerException using Shiro
I'm adding shiro to an existing Web application(using spring mvc), but I
always got NullPointerException.
Here are the error message:
Servlet.service() for servlet [jsp] in context with path [/haha-web]
threw exception [Filtered request failed.] with root cause
java.lang.NullPointerException
at
org.apache.shiro.mgt.SessionsSecurityManager.getSession(SessionsSecurityManager.java:125)
at
org.apache.shiro.mgt.DefaultSecurityManager.resolveContextSession(DefaultSecurityManager.java:456)
at
org.apache.shiro.mgt.DefaultSecurityManager.resolveSession(DefaultSecurityManager.java:442)
at
org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:338)
at
org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846)
at
org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148)
at
org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:292)
at
org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:359)
at
org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
org.apache.catalina.core.StandardWrapperValve invoke
Servlet.service() for servlet [static] in context with path [/haha-web]
threw exception [Filtered request failed.] with root cause
java.lang.NullPointerException
at
org.apache.shiro.mgt.SessionsSecurityManager.getSession(SessionsSecurityManager.java:125)
at
org.apache.shiro.mgt.DefaultSecurityManager.resolveContextSession(DefaultSecurityManager.java:456)
at
org.apache.shiro.mgt.DefaultSecurityManager.resolveSession(DefaultSecurityManager.java:442)
at
org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:338)
at
org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846)
at
org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148)
at
org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:292)
at
org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:359)
at
org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
org.apache.catalina.core.StandardWrapperValve invoke
Servlet.service() for servlet [static] in context with path [/haha-web]
threw exception [Filtered request failed.] with root cause
java.lang.NullPointerException
at
org.apache.shiro.mgt.SessionsSecurityManager.getSession(SessionsSecurityManager.java:125)
at
org.apache.shiro.mgt.DefaultSecurityManager.resolveContextSession(DefaultSecurityManager.java:456)
at
org.apache.shiro.mgt.DefaultSecurityManager.resolveSession(DefaultSecurityManager.java:442)
at
org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:338)
at
org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846)
at
org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148)
at
org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:292)
at
org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:359)
at
org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
I checked the source code of Shiro, seems the sessionManager is Null.
Here are part of my shiro config:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd">
<bean id="cacheManager"
class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManagerConfigFile"
value="classpath:spring/ehcache.xml"/>
</bean>
<bean id="credentialsMatcher"
class="org.haha.security.credentials.RetryLimitHashedCredentialsMatcher">
<constructor-arg ref="cacheManager"/>
<property name="hashAlgorithmName" value="md5"/>
<property name="hashIterations" value="2"/>
<property name="storedCredentialsHexEncoded" value="true"/>
</bean>
<bean id="userRealm" class="org.haha.security.realm.UserRealm">
<property name="operatorService" ref="operatorService"/>
<property name="credentialsMatcher" ref="credentialsMatcher"/>
<property name="cachingEnabled" value="true"/>
<property name="authenticationCachingEnabled" value="true"/>
<property name="authenticationCacheName"
value="authenticationCache"/>
<property name="authorizationCachingEnabled" value="true"/>
<property name="authorizationCacheName"
value="authorizationCache"/>
</bean>
<bean id="sessionIdGenerator"
class="org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator"/>
<bean id="sessionIdCookie"
class="org.apache.shiro.web.servlet.SimpleCookie">
<constructor-arg value="sid"/>
<property name="httpOnly" value="true"/>
<property name="maxAge" value="180000"/>
</bean>
<bean id="sessionDAO"
class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
<property name="activeSessionsCacheName"
value="shiro-activeSessionCache"/>
<property name="sessionIdGenerator" ref="sessionIdGenerator"/>
</bean>
<bean id="sessionValidationScheduler"
class="org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler">
<property name="sessionValidationInterval" value="1800000"/>
<property name="sessionManager" ref="sessionManager"/>
</bean>
<bean id="sessionManager"
class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
<property name="globalSessionTimeout" value="1800000"/>
<property name="deleteInvalidSessions" value="true"/>
<property name="sessionValidationSchedulerEnabled" value="true"/>
<property name="sessionValidationScheduler"
ref="sessionValidationScheduler"/>
<property name="sessionDAO" ref="sessionDAO"/>
<property name="sessionIdCookieEnabled" value="true"/>
<property name="sessionIdCookie" ref="sessionIdCookie"/>
</bean>
<bean id="securityManager"
class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="userRealm"/>
<property name="sessionManager" ref="sessionManager"/>
<property name="cacheManager" ref="cacheManager"/>
</bean>
<bean
class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="staticMethod"
value="org.apache.shiro.SecurityUtils.setSecurityManager"/>
<property name="arguments" ref="securityManager"/>
</bean>
<bean id="lifecycleBeanPostProcessor"
class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
<bean id="shiroFilter"
class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager"/>
<property name="loginUrl" value="/home"/>
<property name="successUrl" value="/home"/>
<property name="unauthorizedUrl" value="/home"/>
<property name="filterChainDefinitions">
<value>
/js/** = anon
/api-js/** = anon
/img/** = anon
/css/** = anon
/** = authc
</value>
</property>
</bean>
</beans>
I'm new to Shiro, and I've tried everything I could in the past 4 days T_T,
hope someone can help me.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/NullPointerException-using-Shiro-tp7580049.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: NullPointerException using Shiro
Posted by charmpeach <gl...@gmail.com>.
I've already read through the sample code, and didn't figure out any obvious
errors. I'm new to Shiro, also a green hand in spring.... Maybe there are
something important I missed?
--
View this message in context: http://shiro-user.582556.n2.nabble.com/NullPointerException-using-Shiro-tp7580049p7580053.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: NullPointerException using Shiro
Posted by charmpeach <gl...@gmail.com>.
gracias~
--
View this message in context: http://shiro-user.582556.n2.nabble.com/NullPointerException-using-Shiro-tp7580049p7580065.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: NullPointerException using Shiro
Posted by Brian Demers <br...@gmail.com>.
Take a look at this:
https://github.com/apache/shiro/blob/trunk/core/src/main/java/org/apache/shiro/mgt/SessionsSecurityManager.java#L159-L163
It is a few parents up, but these classes are Destroyable:
https://github.com/apache/shiro/blob/trunk/core/src/main/java/org/apache/shiro/mgt/CachingSecurityManager.java#L40
However you are reloading your app, you will need to handle reinitializing
Shiro (or do something with spring)
On Wed, Jul 2, 2014 at 9:09 PM, charmpeach <gl...@gmail.com> wrote:
> It will be very helpful if you can give me some cue on where sessionManager
> become null and where to implement the life cycle handling. Thanks in
> advance!
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/NullPointerException-using-Shiro-tp7580049p7580058.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>
Re: NullPointerException using Shiro
Posted by charmpeach <gl...@gmail.com>.
It will be very helpful if you can give me some cue on where sessionManager
become null and where to implement the life cycle handling. Thanks in
advance!
--
View this message in context: http://shiro-user.582556.n2.nabble.com/NullPointerException-using-Shiro-tp7580049p7580058.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: NullPointerException using Shiro
Posted by Brian Demers <br...@gmail.com>.
Ahhh, some of the core classes implement life cycle handling, if you want to be able to restart you app, you may need to code around this.
(Away from my desk, but if you don't see what I'm talking about let me know and I'll send a better response later)
-Brian
> On Jul 2, 2014, at 1:21 AM, charmpeach <gl...@gmail.com> wrote:
>
> My web application will reload context on `ContextRefreshedEvent`(when
> `ApplicationContext` get initialized), I rewrite the code to avoid the
> reload, and the NullPointerException disappear. Though I didn't quite
> understand the logic, but it seems the reload make sessionManager become
> null. Do you know what happen in this process? .
>
>
>
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/NullPointerException-using-Shiro-tp7580049p7580054.html
> Sent from the Shiro User mailing list archive at Nabble.com.
Re: NullPointerException using Shiro
Posted by charmpeach <gl...@gmail.com>.
My web application will reload context on `ContextRefreshedEvent`(when
`ApplicationContext` get initialized), I rewrite the code to avoid the
reload, and the NullPointerException disappear. Though I didn't quite
understand the logic, but it seems the reload make sessionManager become
null. Do you know what happen in this process? .
--
View this message in context: http://shiro-user.582556.n2.nabble.com/NullPointerException-using-Shiro-tp7580049p7580054.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: NullPointerException using Shiro
Posted by Brian Demers <br...@gmail.com>.
Are you hitting the web impls (WebSecurityManager, etc)? it isn't obvious
from the stacktrace
I'm guessing something with your bean config isn't setup right, I'm not
much of a Spring guy though.
If you haven't already seen the Spring example, take a look at this config:
https://github.com/apache/shiro/blob/shiro-root-1.2.3/samples/spring/src/main/webapp/WEB-INF/applicationContext.xml
Otherwise, someone else can chime in.
On Tue, Jul 1, 2014 at 10:14 AM, charmpeach <gl...@gmail.com> wrote:
> 1.2.3
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/NullPointerException-using-Shiro-tp7580049p7580051.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>
Re: NullPointerException using Shiro
Posted by charmpeach <gl...@gmail.com>.
1.2.3
--
View this message in context: http://shiro-user.582556.n2.nabble.com/NullPointerException-using-Shiro-tp7580049p7580051.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: NullPointerException using Shiro
Posted by Brian Demers <br...@gmail.com>.
Which version are you using ?
On Tue, Jul 1, 2014 at 7:26 AM, charmpeach <gl...@gmail.com> wrote:
> I'm adding shiro to an existing Web application(using spring mvc), but I
> always got NullPointerException.
>
> Here are the error message:
>
> Servlet.service() for servlet [jsp] in context with path [/haha-web]
> threw exception [Filtered request failed.] with root cause
> java.lang.NullPointerException
> at
>
> org.apache.shiro.mgt.SessionsSecurityManager.getSession(SessionsSecurityManager.java:125)
> at
>
> org.apache.shiro.mgt.DefaultSecurityManager.resolveContextSession(DefaultSecurityManager.java:456)
> at
>
> org.apache.shiro.mgt.DefaultSecurityManager.resolveSession(DefaultSecurityManager.java:442)
> at
>
> org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:338)
> at
> org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846)
> at
>
> org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148)
> at
>
> org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:292)
> at
>
> org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:359)
> at
>
> org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
> at
>
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
> at
>
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
> at
>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
> at
>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
> at
>
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
> at
>
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
> at
>
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
> at
>
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
> at
>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
> at
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
> at
>
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
> at
>
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
> at
>
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
> at
>
> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
> at
>
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at
>
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
>
> org.apache.catalina.core.StandardWrapperValve invoke
> Servlet.service() for servlet [static] in context with path [/haha-web]
> threw exception [Filtered request failed.] with root cause
> java.lang.NullPointerException
> at
>
> org.apache.shiro.mgt.SessionsSecurityManager.getSession(SessionsSecurityManager.java:125)
> at
>
> org.apache.shiro.mgt.DefaultSecurityManager.resolveContextSession(DefaultSecurityManager.java:456)
> at
>
> org.apache.shiro.mgt.DefaultSecurityManager.resolveSession(DefaultSecurityManager.java:442)
> at
>
> org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:338)
> at
> org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846)
> at
>
> org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148)
> at
>
> org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:292)
> at
>
> org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:359)
> at
>
> org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
> at
>
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
> at
>
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
> at
>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
> at
>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
> at
>
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
> at
>
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
> at
>
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
> at
>
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
> at
>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
> at
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
> at
>
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
> at
>
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
> at
>
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
> at
>
> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
> at
>
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at
>
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
>
> org.apache.catalina.core.StandardWrapperValve invoke
> Servlet.service() for servlet [static] in context with path [/haha-web]
> threw exception [Filtered request failed.] with root cause
> java.lang.NullPointerException
> at
>
> org.apache.shiro.mgt.SessionsSecurityManager.getSession(SessionsSecurityManager.java:125)
> at
>
> org.apache.shiro.mgt.DefaultSecurityManager.resolveContextSession(DefaultSecurityManager.java:456)
> at
>
> org.apache.shiro.mgt.DefaultSecurityManager.resolveSession(DefaultSecurityManager.java:442)
> at
>
> org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:338)
> at
> org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846)
> at
>
> org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148)
> at
>
> org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:292)
> at
>
> org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:359)
> at
>
> org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
> at
>
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
> at
>
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
> at
>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
> at
>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
> at
>
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
> at
>
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
> at
>
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
> at
>
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
> at
>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
> at
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
> at
>
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
> at
>
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
> at
>
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
> at
>
> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
> at
>
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at
>
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
>
> I checked the source code of Shiro, seems the sessionManager is Null.
>
> Here are part of my shiro config:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <beans xmlns="http://www.springframework.org/schema/beans"
> xmlns:util="http://www.springframework.org/schema/util"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xsi:schemaLocation="
> http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans.xsd
> http://www.springframework.org/schema/util
> http://www.springframework.org/schema/util/spring-util.xsd">
>
> <bean id="cacheManager"
> class="org.apache.shiro.cache.ehcache.EhCacheManager">
> <property name="cacheManagerConfigFile"
> value="classpath:spring/ehcache.xml"/>
> </bean>
>
> <bean id="credentialsMatcher"
> class="org.haha.security.credentials.RetryLimitHashedCredentialsMatcher">
> <constructor-arg ref="cacheManager"/>
> <property name="hashAlgorithmName" value="md5"/>
> <property name="hashIterations" value="2"/>
> <property name="storedCredentialsHexEncoded" value="true"/>
> </bean>
>
> <bean id="userRealm" class="org.haha.security.realm.UserRealm">
> <property name="operatorService" ref="operatorService"/>
> <property name="credentialsMatcher"
> ref="credentialsMatcher"/>
> <property name="cachingEnabled" value="true"/>
> <property name="authenticationCachingEnabled" value="true"/>
> <property name="authenticationCacheName"
> value="authenticationCache"/>
> <property name="authorizationCachingEnabled" value="true"/>
> <property name="authorizationCacheName"
> value="authorizationCache"/>
> </bean>
>
> <bean id="sessionIdGenerator"
> class="org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator"/>
>
> <bean id="sessionIdCookie"
> class="org.apache.shiro.web.servlet.SimpleCookie">
> <constructor-arg value="sid"/>
> <property name="httpOnly" value="true"/>
> <property name="maxAge" value="180000"/>
> </bean>
>
> <bean id="sessionDAO"
> class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
> <property name="activeSessionsCacheName"
> value="shiro-activeSessionCache"/>
> <property name="sessionIdGenerator" ref="sessionIdGenerator"/>
> </bean>
>
> <bean id="sessionValidationScheduler"
>
> class="org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler">
> <property name="sessionValidationInterval"
> value="1800000"/>
> <property name="sessionManager" ref="sessionManager"/>
> </bean>
>
> <bean id="sessionManager"
> class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
> <property name="globalSessionTimeout" value="1800000"/>
> <property name="deleteInvalidSessions" value="true"/>
> <property name="sessionValidationSchedulerEnabled"
> value="true"/>
> <property name="sessionValidationScheduler"
> ref="sessionValidationScheduler"/>
> <property name="sessionDAO" ref="sessionDAO"/>
> <property name="sessionIdCookieEnabled" value="true"/>
> <property name="sessionIdCookie" ref="sessionIdCookie"/>
> </bean>
>
> <bean id="securityManager"
> class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
> <property name="realm" ref="userRealm"/>
> <property name="sessionManager" ref="sessionManager"/>
> <property name="cacheManager" ref="cacheManager"/>
> </bean>
>
> <bean
> class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
> <property name="staticMethod"
> value="org.apache.shiro.SecurityUtils.setSecurityManager"/>
> <property name="arguments" ref="securityManager"/>
> </bean>
>
> <bean id="lifecycleBeanPostProcessor"
> class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
>
> <bean id="shiroFilter"
> class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
> <property name="securityManager" ref="securityManager"/>
> <property name="loginUrl" value="/home"/>
> <property name="successUrl" value="/home"/>
> <property name="unauthorizedUrl" value="/home"/>
> <property name="filterChainDefinitions">
> <value>
> /js/** = anon
> /api-js/** = anon
> /img/** = anon
> /css/** = anon
> /** = authc
> </value>
> </property>
> </bean>
>
> </beans>
>
> I'm new to Shiro, and I've tried everything I could in the past 4 days T_T,
> hope someone can help me.
>
>
>
> --
> View this message in context:
> http://shiro-user.582556.n2.nabble.com/NullPointerException-using-Shiro-tp7580049.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>