You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Tauren Mills (JIRA)" <ji...@apache.org> on 2010/05/18 05:10:42 UTC
[jira] Created: (SHIRO-164) The request/response pair should be
available at all times to web-related components
The request/response pair should be available at all times to web-related components
------------------------------------------------------------------------------------
Key: SHIRO-164
URL: https://issues.apache.org/jira/browse/SHIRO-164
Project: Shiro
Issue Type: Bug
Components: Session Management
Reporter: Tauren Mills
According to Les, for web-initiated interaction, you should not be seeing these messages:
DEBUG - DefaultWebSessionManager - No request or response bound to
the thread. Session ID cookie cannot be removed. This could occur in
a web application that also services non web clients (e.g. RMI
remoting).
DEBUG - DefaultWebSessionManager - Request or response object is not
bound to the thread. Assuming this session start activity is due to a
non web request (possible in a web application that also services non
web clients.
Full thread available here, with logs:
http://shiro-user.582556.n2.nabble.com/Intermittent-problems-with-SecurityUtils-getSubject-getPrincipal-td5067869.html#a5068081
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
Re: [jira] Commented: (SHIRO-164) The request/response pair should be
available at all times to web-related components
Posted by Les Hazlewood <lh...@apache.org>.
Just a quick update - things are going well with the final fix. I'll
have this committed today. I'll have to merge in my branch to trunk
at that point.
- Les
On Tue, May 18, 2010 at 9:58 AM, Les Hazlewood (JIRA) <ji...@apache.org> wrote:
>
> [ https://issues.apache.org/jira/browse/SHIRO-164?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12868736#action_12868736 ]
>
> Les Hazlewood commented on SHIRO-164:
> -------------------------------------
>
> Hi Guys,
>
> This is great feedback - thanks! Log messages and stack traces are definitely better than none - don't apologize for that :)
>
> The solution in place has one issue that does not clean up session id cookies properly after invalidation. I'll fix that now and then we should be done.
>
> Thanks again,
>
> Les
>
>> The request/response pair should be available at all times to web-related components
>> ------------------------------------------------------------------------------------
>>
>> Key: SHIRO-164
>> URL: https://issues.apache.org/jira/browse/SHIRO-164
>> Project: Shiro
>> Issue Type: Bug
>> Components: Session Management
>> Reporter: Tauren Mills
>>
>> According to Les, for web-initiated interaction, you should not be seeing these messages:
>> DEBUG - DefaultWebSessionManager - No request or response bound to
>> the thread. Session ID cookie cannot be removed. This could occur in
>> a web application that also services non web clients (e.g. RMI
>> remoting).
>> DEBUG - DefaultWebSessionManager - Request or response object is not
>> bound to the thread. Assuming this session start activity is due to a
>> non web request (possible in a web application that also services non
>> web clients.
>> Full thread available here, with logs:
>> http://shiro-user.582556.n2.nabble.com/Intermittent-problems-with-SecurityUtils-getSubject-getPrincipal-td5067869.html#a5068081
>
> --
> This message is automatically generated by JIRA.
> -
> You can reply to this email to add a comment to the issue online.
>
>
[jira] Commented: (SHIRO-164) The request/response pair should be
available at all times to web-related components
Posted by "Les Hazlewood (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHIRO-164?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12868550#action_12868550 ]
Les Hazlewood commented on SHIRO-164:
-------------------------------------
Hi Tauren and Ryan,
Would you guys please give this branch a try?
https://svn.apache.org/repos/asf/incubator/shiro/branches/session_manager_API_change
This should clear all thread binding issues. All of the project tests pass, but I'd like to get some real app feedback before attempting to merge into trunk. Please let me know how it goes.
- Les
> The request/response pair should be available at all times to web-related components
> ------------------------------------------------------------------------------------
>
> Key: SHIRO-164
> URL: https://issues.apache.org/jira/browse/SHIRO-164
> Project: Shiro
> Issue Type: Bug
> Components: Session Management
> Reporter: Tauren Mills
>
> According to Les, for web-initiated interaction, you should not be seeing these messages:
> DEBUG - DefaultWebSessionManager - No request or response bound to
> the thread. Session ID cookie cannot be removed. This could occur in
> a web application that also services non web clients (e.g. RMI
> remoting).
> DEBUG - DefaultWebSessionManager - Request or response object is not
> bound to the thread. Assuming this session start activity is due to a
> non web request (possible in a web application that also services non
> web clients.
> Full thread available here, with logs:
> http://shiro-user.582556.n2.nabble.com/Intermittent-problems-with-SecurityUtils-getSubject-getPrincipal-td5067869.html#a5068081
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHIRO-164) The request/response pair should be
available at all times to web-related components
Posted by "Ryan McKinley (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHIRO-164?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12868520#action_12868520 ]
Ryan McKinley commented on SHIRO-164:
-------------------------------------
This problem also surfaces (intermittently) with wicket. I often see an error that looks like:
java.lang.IllegalStateException: No ServletRequest found in ThreadContext. Make sure WebUtils.bind() is being called. (typically called by AbstractShiroFilter) This could also happen when running integration tests that don't properly call WebUtils.bind().
at org.apache.shiro.web.WebUtils.getRequiredServletRequest(WebUtils.java:472)
at org.apache.shiro.web.session.ServletContainerSessionManager.doGetSession(ServletContainerSessionManager.java:68)
at org.apache.shiro.session.mgt.AbstractSessionManager.getSession(AbstractSessionManager.java:246)
at org.apache.shiro.session.mgt.AbstractSessionManager.getAttribute(AbstractSessionManager.java:220)
at org.apache.shiro.mgt.SessionsSecurityManager.getAttribute(SessionsSecurityManager.java:173)
at org.apache.shiro.session.mgt.DelegatingSession.getAttribute(DelegatingSession.java:188)
at org.apache.shiro.subject.support.DefaultSubjectContext.resolveAuthenticated(DefaultSubjectContext.java:241)
at org.apache.shiro.web.mgt.DefaultWebSubjectFactory.createSubject(DefaultWebSubjectFactory.java:57)
at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:340)
at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:819)
at org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:101)
at org.apache.shiro.web.servlet.AbstractShiroFilter.bind(AbstractShiroFilter.java:215)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:307)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:83)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1190)
> The request/response pair should be available at all times to web-related components
> ------------------------------------------------------------------------------------
>
> Key: SHIRO-164
> URL: https://issues.apache.org/jira/browse/SHIRO-164
> Project: Shiro
> Issue Type: Bug
> Components: Session Management
> Reporter: Tauren Mills
>
> According to Les, for web-initiated interaction, you should not be seeing these messages:
> DEBUG - DefaultWebSessionManager - No request or response bound to
> the thread. Session ID cookie cannot be removed. This could occur in
> a web application that also services non web clients (e.g. RMI
> remoting).
> DEBUG - DefaultWebSessionManager - Request or response object is not
> bound to the thread. Assuming this session start activity is due to a
> non web request (possible in a web application that also services non
> web clients.
> Full thread available here, with logs:
> http://shiro-user.582556.n2.nabble.com/Intermittent-problems-with-SecurityUtils-getSubject-getPrincipal-td5067869.html#a5068081
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (SHIRO-164) The request/response pair should be
available at all times to web-related components
Posted by "Les Hazlewood (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHIRO-164?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Les Hazlewood resolved SHIRO-164.
---------------------------------
Assignee: Les Hazlewood
Fix Version/s: 1.0.0
Resolution: Fixed
All tests pass w/ community validation.
> The request/response pair should be available at all times to web-related components
> ------------------------------------------------------------------------------------
>
> Key: SHIRO-164
> URL: https://issues.apache.org/jira/browse/SHIRO-164
> Project: Shiro
> Issue Type: Bug
> Components: Session Management
> Reporter: Tauren Mills
> Assignee: Les Hazlewood
> Fix For: 1.0.0
>
>
> According to Les, for web-initiated interaction, you should not be seeing these messages:
> DEBUG - DefaultWebSessionManager - No request or response bound to
> the thread. Session ID cookie cannot be removed. This could occur in
> a web application that also services non web clients (e.g. RMI
> remoting).
> DEBUG - DefaultWebSessionManager - Request or response object is not
> bound to the thread. Assuming this session start activity is due to a
> non web request (possible in a web application that also services non
> web clients.
> Full thread available here, with logs:
> http://shiro-user.582556.n2.nabble.com/Intermittent-problems-with-SecurityUtils-getSubject-getPrincipal-td5067869.html#a5068081
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHIRO-164) The request/response pair should be
available at all times to web-related components
Posted by "Tauren Mills (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHIRO-164?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12868560#action_12868560 ]
Tauren Mills commented on SHIRO-164:
------------------------------------
Les,
I'm heading to bed, but wanted to give you some feedback. Sorry for the long logs, but I figured it would be better to give you more than you need than too little.
I tried out the branch you suggest, and I now no longer see the UnknownSessionException when I perform the same 2 concurrent ajax requests:
TRACE - OncePerRequestFilter - Filter 'null' not yet executed. Executing now.
TRACE - DefaultSecurityManager - Context already contains a SecurityManager instance. Returning.
DEBUG - SimpleCookie - Found string value [be36cfd8-5be1-47fb-9881-506a7508c07e] from Cookie [JSESSIONID]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - AbstractShiroFilter - No FilterChain configured for the current request. Using the default.
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - ShiroFilterFactoryBean - Ignoring non-Filter bean 'assignorsResource'
DEBUG - GameJsonServiceImpl - -----------------------------------------------------------------------------
DEBUG - GameJsonServiceImpl - Getting Games Managed By Member
TRACE - OncePerRequestFilter - Filter 'null' not yet executed. Executing now.
TRACE - DefaultSecurityManager - Context already contains a SecurityManager instance. Returning.
DEBUG - MemberServiceImpl - Getting current member
DEBUG - MemberServiceImpl - Get member by id: 2
DEBUG - SimpleCookie - Found string value [be36cfd8-5be1-47fb-9881-506a7508c07e] from Cookie [JSESSIONID]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - AbstractShiroFilter - No FilterChain configured for the current request. Using the default.
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - ShiroFilterFactoryBean - Ignoring non-Filter bean 'assignorsResource'
DEBUG - MemberServiceImpl - Returning member: com.sprtz.model.Member@705ffe55[ID=2,Name=beck]
DEBUG - GameJsonServiceImpl - Get Games managed by member: com.sprtz.model.Member@705ffe55[ID=2,Name=beck]
DEBUG - GameJsonServiceImpl - -----------------------------------------------------------------------------
DEBUG - GameJsonServiceImpl - Getting Recommened Officiators
DEBUG - MemberServiceImpl - Getting current member
DEBUG - MemberServiceImpl - Get member by id: 2
DEBUG - MemberServiceImpl - Returning member: com.sprtz.model.Member@434d3d4f[ID=2,Name=beck]
However, when I restart jetty, and then hit it for the first time, I do get the UnknownSessionException:
INFO - log - Started SocketConnector@0.0.0.0:8080
INFO - log - Started SslSocketConnector@0.0.0.0:8443
TRACE - OncePerRequestFilter - Filter 'null' not yet executed. Executing now.
TRACE - DefaultSecurityManager - Context already contains a SecurityManager instance. Returning.
TRACE - SimpleCookie - No value found in request Cookies under cookie name [JSESSIONID]
DEBUG - DefaultSecurityManager - Resolved SubjectContext context session is invalid. Ignoring and creating an anonymous (session-less) Subject instance.
org.apache.shiro.session.UnknownSessionException: Unable to resolve a session id from SessionContext [org.apache.shiro.web.session.DefaultWebSessionContext@7ab890f6]. This is required to retrieve the corresponding session.
at org.apache.shiro.session.mgt.AbstractNativeSessionManager.getSession(AbstractNativeSessionManager.java:73)
at org.apache.shiro.mgt.SessionsSecurityManager.getSession(SessionsSecurityManager.java:125)
at org.apache.shiro.mgt.DefaultSecurityManager.resolveContextSession(DefaultSecurityManager.java:390)
at org.apache.shiro.mgt.DefaultSecurityManager.resolveSession(DefaultSecurityManager.java:377)
at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:328)
at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:819)
at org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:91)
at org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:202)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:269)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:83)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1088)
at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1088)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:729)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:505)
at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:829)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:513)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380)
at org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:488)
TRACE - DefaultSecurityManager - No identity (PrincipalCollection) found in the context. Looking for a remembered identity.
DEBUG - SimpleCookie - Found string value [p9PNM4iDmrfPhCG7w+2rX1l3HtwrvkzNfF7JBrMfpVwo9VdlAFFu+WDrtvChLPv+PG6lb3NDO6a4WxOcjWG7YaWX2BsDAUXnzgFcXHTvWp9LlNiTdl4pF/EbekI60SYCon77WWNsSqxSO+QwuleKkCIHf7Jm5FpMc+RIb7UGZFN6/LFLtolNIp5jZ17pBDymYyKzDjYP88U7SXU3A59kJLQW6eJ5kAw5b7MyNZqsDblHGQh6/6NJ0nK7KfFS5nTgs2X05C3mbXE2jsuCtJwBb/+8tuFAqAiVVQNlMDV7az7vxR/2Uh230Fw7J9WD9x/HFiBlrttygFiy/F5jwevf8h5bMqPEugpUpOEo8JQ3FhYEZQCloNBBH2bQ0yJCIYaKF5hNgIC2j2fV0sXd5L9iB7zchFbCX07hTBgeC5tXeqrGR5qi2RvBXaWaGzqSml3eL87lFW4urZHC1M9tP3UCpaYQjM/ZQMp1T7Qu9pa/VzmcGQkDAQthNkCUYrgnYRpl4KUMyply/HVlys02x+krAPq7lRDgXZY4sFgGcZ+LL/Tjqmi1sLkvMN1HQ9v3Nl0DsEDBazr7w/Hc5a4D2hi7Uw==] from Cookie [rememberMe]
TRACE - CookieRememberMeManager - Acquired Base64 encoded identity [p9PNM4iDmrfPhCG7w+2rX1l3HtwrvkzNfF7JBrMfpVwo9VdlAFFu+WDrtvChLPv+PG6lb3NDO6a4WxOcjWG7YaWX2BsDAUXnzgFcXHTvWp9LlNiTdl4pF/EbekI60SYCon77WWNsSqxSO+QwuleKkCIHf7Jm5FpMc+RIb7UGZFN6/LFLtolNIp5jZ17pBDymYyKzDjYP88U7SXU3A59kJLQW6eJ5kAw5b7MyNZqsDblHGQh6/6NJ0nK7KfFS5nTgs2X05C3mbXE2jsuCtJwBb/+8tuFAqAiVVQNlMDV7az7vxR/2Uh230Fw7J9WD9x/HFiBlrttygFiy/F5jwevf8h5bMqPEugpUpOEo8JQ3FhYEZQCloNBBH2bQ0yJCIYaKF5hNgIC2j2fV0sXd5L9iB7zchFbCX07hTBgeC5tXeqrGR5qi2RvBXaWaGzqSml3eL87lFW4urZHC1M9tP3UCpaYQjM/ZQMp1T7Qu9pa/VzmcGQkDAQthNkCUYrgnYRpl4KUMyply/HVlys02x+krAPq7lRDgXZY4sFgGcZ+LL/Tjqmi1sLkvMN1HQ9v3Nl0DsEDBazr7w/Hc5a4D2hi7Uw==]
TRACE - CookieRememberMeManager - Base64 decoded byte array length: 448 bytes.
TRACE - JcaCipherService - Attempting to decrypt incoming byte array of length 432
DEBUG - MemberServiceImpl - Finding member by id: 2
DEBUG - DefaultSecurityManager - Found remembered PrincipalCollection. Adding to the context to be used for subject construction by the SubjectFactory.
TRACE - DefaultSecurityManager - No session in the current subject context. One will be created to persist principals [2] Doing this prevents unnecessary repeated RememberMe operations since an identity has been discovered.
DEBUG - ctValidatingSessionManager - No sessionValidationScheduler set. Attempting to create default instance.
TRACE - ctValidatingSessionManager - Created default SessionValidationScheduler instance of type [org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler].
INFO - ctValidatingSessionManager - Enabling session validation scheduler...
TRACE - DefaultSessionManager - Creating session for host 127.0.0.1
DEBUG - DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
TRACE - SimpleCookie - calculated path: /
DEBUG - SimpleCookie - Added HttpServletResponse Cookie [JSESSIONID=1dc68d74-f4c5-489c-aa3b-fa4a55ac86fd; Path=/; HttpOnly]
TRACE - DefaultWebSessionManager - Set session ID cookie for session with id 1dc68d74-f4c5-489c-aa3b-fa4a55ac86fd
DEBUG - DefaultSecurityManager - Created session with id 1dc68d74-f4c5-489c-aa3b-fa4a55ac86fd to retain discovered principals 2
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [1dc68d74-f4c5-489c-aa3b-fa4a55ac86fd]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [1dc68d74-f4c5-489c-aa3b-fa4a55ac86fd]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [1dc68d74-f4c5-489c-aa3b-fa4a55ac86fd]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [1dc68d74-f4c5-489c-aa3b-fa4a55ac86fd]
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [1dc68d74-f4c5-489c-aa3b-fa4a55ac86fd]
TRACE - AbstractShiroFilter - No FilterChain configured for the current request. Using the default.
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [1dc68d74-f4c5-489c-aa3b-fa4a55ac86fd]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [1dc68d74-f4c5-489c-aa3b-fa4a55ac86fd]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [1dc68d74-f4c5-489c-aa3b-fa4a55ac86fd]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [1dc68d74-f4c5-489c-aa3b-fa4a55ac86fd]
TRACE - AuthorizingRealm - Retrieving AuthorizationInfo for principals [2]
TRACE - AuthorizingRealm - Attempting to retrieve the AuthorizationInfo from cache.
TRACE - AuthorizingRealm - No AuthorizationInfo found in cache for principals [2]
DEBUG - MemberServiceImpl - Get member by id: 2
DEBUG - MemberServiceImpl - Returning member: com.sprtz.model.Member@6a8ba7d9[ID=2,Name=beck]
TRACE - AuthorizingRealm - Caching authorization info for principals: [2].
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [1dc68d74-f4c5-489c-aa3b-fa4a55ac86fd]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [1dc68d74-f4c5-489c-aa3b-fa4a55ac86fd]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [1dc68d74-f4c5-489c-aa3b-fa4a55ac86fd]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [1dc68d74-f4c5-489c-aa3b-fa4a55ac86fd]
Also, when I log out, I get them as well:
INFO - AuthenticatedSession - Member logout: 2
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - SimpleCookie - calculated path: /
DEBUG - SimpleCookie - Added HttpServletResponse Cookie [rememberMe=deleteMe; Path=/; Expires=Mon, 17-May-2010 07:43:25 GMT]
TRACE - SimpleCookie - Removed 'rememberMe' cookie by setting maxAge=0
DEBUG - DefaultSecurityManager - Logging out subject with primary principal {}2
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
DEBUG - AbstractSessionManager - Stopping session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - SimpleCookie - calculated path: /
DEBUG - SimpleCookie - Added HttpServletResponse Cookie [JSESSIONID=deleteMe; Path=/; Expires=Mon, 17-May-2010 07:43:25 GMT]
TRACE - SimpleCookie - Removed 'JSESSIONID' cookie by setting maxAge=0
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [be36cfd8-5be1-47fb-9881-506a7508c07e]
TRACE - OncePerRequestFilter - Filter 'null' not yet executed. Executing now.
TRACE - DefaultSecurityManager - Context already contains a SecurityManager instance. Returning.
TRACE - SimpleCookie - No value found in request Cookies under cookie name [JSESSIONID]
DEBUG - DefaultSecurityManager - Resolved SubjectContext context session is invalid. Ignoring and creating an anonymous (session-less) Subject instance.
org.apache.shiro.session.UnknownSessionException: Unable to resolve a session id from SessionContext [org.apache.shiro.web.session.DefaultWebSessionContext@74d7313b]. This is required to retrieve the corresponding session.
at org.apache.shiro.session.mgt.AbstractNativeSessionManager.getSession(AbstractNativeSessionManager.java:73)
at org.apache.shiro.mgt.SessionsSecurityManager.getSession(SessionsSecurityManager.java:125)
at org.apache.shiro.mgt.DefaultSecurityManager.resolveContextSession(DefaultSecurityManager.java:390)
at org.apache.shiro.mgt.DefaultSecurityManager.resolveSession(DefaultSecurityManager.java:377)
at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:328)
at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:819)
at org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:91)
at org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:202)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:269)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:83)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1088)
at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1088)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:729)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:505)
at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:829)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:513)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380)
at org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:488)
TRACE - DefaultSecurityManager - No identity (PrincipalCollection) found in the context. Looking for a remembered identity.
TRACE - SimpleCookie - No value found in request Cookies under cookie name [rememberMe]
TRACE - DefaultSecurityManager - No remembered identity found. Returning original context.
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - AbstractShiroFilter - No FilterChain configured for the current request. Using the default.
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = true; session is null = true; session has id = false
TRACE - DelegatingSubject - Starting session for host 127.0.0.1
TRACE - DefaultSessionManager - Creating session for host 127.0.0.1
DEBUG - DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
TRACE - SimpleCookie - calculated path: /
DEBUG - SimpleCookie - Added HttpServletResponse Cookie [JSESSIONID=5173e73d-32e0-4eb6-a573-574a3bcc6c59; Path=/; HttpOnly]
TRACE - DefaultWebSessionManager - Set session ID cookie for session with id 5173e73d-32e0-4eb6-a573-574a3bcc6c59
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - OncePerRequestFilter - Filter 'null' not yet executed. Executing now.
TRACE - DefaultSecurityManager - Context already contains a SecurityManager instance. Returning.
TRACE - SimpleCookie - No value found in request Cookies under cookie name [JSESSIONID]
DEBUG - DefaultSecurityManager - Resolved SubjectContext context session is invalid. Ignoring and creating an anonymous (session-less) Subject instance.
org.apache.shiro.session.UnknownSessionException: Unable to resolve a session id from SessionContext [org.apache.shiro.web.session.DefaultWebSessionContext@cc94504]. This is required to retrieve the corresponding session.
at org.apache.shiro.session.mgt.AbstractNativeSessionManager.getSession(AbstractNativeSessionManager.java:73)
at org.apache.shiro.mgt.SessionsSecurityManager.getSession(SessionsSecurityManager.java:125)
at org.apache.shiro.mgt.DefaultSecurityManager.resolveContextSession(DefaultSecurityManager.java:390)
at org.apache.shiro.mgt.DefaultSecurityManager.resolveSession(DefaultSecurityManager.java:377)
at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:328)
at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:819)
at org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:91)
at org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:202)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:269)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:83)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1088)
at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1088)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:729)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:324)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:505)
at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:829)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:513)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380)
at org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:488)
TRACE - DefaultSecurityManager - No identity (PrincipalCollection) found in the context. Looking for a remembered identity.
TRACE - SimpleCookie - No value found in request Cookies under cookie name [rememberMe]
TRACE - DefaultSecurityManager - No remembered identity found. Returning original context.
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - AbstractShiroFilter - No FilterChain configured for the current request. Using the default.
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = true; session has id = false
TRACE - DelegatingSubject - attempting to get session; create = true; session is null = true; session has id = false
TRACE - DelegatingSubject - Starting session for host 127.0.0.1
TRACE - DefaultSessionManager - Creating session for host 127.0.0.1
DEBUG - DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null]
TRACE - SimpleCookie - calculated path: /
DEBUG - SimpleCookie - Added HttpServletResponse Cookie [JSESSIONID=443ad273-79f9-402b-8fd4-990dc0af913b; Path=/; HttpOnly]
TRACE - DefaultWebSessionManager - Set session ID cookie for session with id 443ad273-79f9-402b-8fd4-990dc0af913b
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [443ad273-79f9-402b-8fd4-990dc0af913b]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [443ad273-79f9-402b-8fd4-990dc0af913b]
TRACE - OncePerRequestFilter - Filter 'null' not yet executed. Executing now.
TRACE - DefaultSecurityManager - Context already contains a SecurityManager instance. Returning.
DEBUG - SimpleCookie - Found string value [5173e73d-32e0-4eb6-a573-574a3bcc6c59] from Cookie [JSESSIONID]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - DefaultSecurityManager - No identity (PrincipalCollection) found in the context. Looking for a remembered identity.
TRACE - SimpleCookie - No value found in request Cookies under cookie name [rememberMe]
TRACE - DefaultSecurityManager - No remembered identity found. Returning original context.
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - AbstractShiroFilter - No FilterChain configured for the current request. Using the default.
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [5173e73d-32e0-4eb6-a573-574a3bcc6c59]
TRACE - OncePerRequestFilter - Filter 'null' not yet executed. Executing now.
TRACE - DefaultSecurityManager - Context already contains a SecurityManager instance. Returning.
DEBUG - SimpleCookie - Found string value [443ad273-79f9-402b-8fd4-990dc0af913b] from Cookie [JSESSIONID]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [443ad273-79f9-402b-8fd4-990dc0af913b]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [443ad273-79f9-402b-8fd4-990dc0af913b]
TRACE - DefaultSecurityManager - No identity (PrincipalCollection) found in the context. Looking for a remembered identity.
TRACE - SimpleCookie - No value found in request Cookies under cookie name [rememberMe]
TRACE - DefaultSecurityManager - No remembered identity found. Returning original context.
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [443ad273-79f9-402b-8fd4-990dc0af913b]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [443ad273-79f9-402b-8fd4-990dc0af913b]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [443ad273-79f9-402b-8fd4-990dc0af913b]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [443ad273-79f9-402b-8fd4-990dc0af913b]
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [443ad273-79f9-402b-8fd4-990dc0af913b]
TRACE - AbstractShiroFilter - No FilterChain configured for the current request. Using the default.
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - DelegatingSubject - attempting to get session; create = false; session is null = false; session has id = true
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [443ad273-79f9-402b-8fd4-990dc0af913b]
TRACE - ctValidatingSessionManager - Attempting to retrieve session with id [443ad273-79f9-402b-8fd4-990dc0af913b]
Are these related to this issue, or is it something else?
> The request/response pair should be available at all times to web-related components
> ------------------------------------------------------------------------------------
>
> Key: SHIRO-164
> URL: https://issues.apache.org/jira/browse/SHIRO-164
> Project: Shiro
> Issue Type: Bug
> Components: Session Management
> Reporter: Tauren Mills
>
> According to Les, for web-initiated interaction, you should not be seeing these messages:
> DEBUG - DefaultWebSessionManager - No request or response bound to
> the thread. Session ID cookie cannot be removed. This could occur in
> a web application that also services non web clients (e.g. RMI
> remoting).
> DEBUG - DefaultWebSessionManager - Request or response object is not
> bound to the thread. Assuming this session start activity is due to a
> non web request (possible in a web application that also services non
> web clients.
> Full thread available here, with logs:
> http://shiro-user.582556.n2.nabble.com/Intermittent-problems-with-SecurityUtils-getSubject-getPrincipal-td5067869.html#a5068081
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHIRO-164) The request/response pair should be
available at all times to web-related components
Posted by "Les Hazlewood (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHIRO-164?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12868967#action_12868967 ]
Les Hazlewood commented on SHIRO-164:
-------------------------------------
Ok, one more request - I've committed the changes from the branch back in to trunk. All tests pass.
Please run a fresh build from trunk and test against your apps. I'll resolve this when I get ok from both Ryan and Tauren.
> The request/response pair should be available at all times to web-related components
> ------------------------------------------------------------------------------------
>
> Key: SHIRO-164
> URL: https://issues.apache.org/jira/browse/SHIRO-164
> Project: Shiro
> Issue Type: Bug
> Components: Session Management
> Reporter: Tauren Mills
>
> According to Les, for web-initiated interaction, you should not be seeing these messages:
> DEBUG - DefaultWebSessionManager - No request or response bound to
> the thread. Session ID cookie cannot be removed. This could occur in
> a web application that also services non web clients (e.g. RMI
> remoting).
> DEBUG - DefaultWebSessionManager - Request or response object is not
> bound to the thread. Assuming this session start activity is due to a
> non web request (possible in a web application that also services non
> web clients.
> Full thread available here, with logs:
> http://shiro-user.582556.n2.nabble.com/Intermittent-problems-with-SecurityUtils-getSubject-getPrincipal-td5067869.html#a5068081
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHIRO-164) The request/response pair should be
available at all times to web-related components
Posted by "Les Hazlewood (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHIRO-164?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12868736#action_12868736 ]
Les Hazlewood commented on SHIRO-164:
-------------------------------------
Hi Guys,
This is great feedback - thanks! Log messages and stack traces are definitely better than none - don't apologize for that :)
The solution in place has one issue that does not clean up session id cookies properly after invalidation. I'll fix that now and then we should be done.
Thanks again,
Les
> The request/response pair should be available at all times to web-related components
> ------------------------------------------------------------------------------------
>
> Key: SHIRO-164
> URL: https://issues.apache.org/jira/browse/SHIRO-164
> Project: Shiro
> Issue Type: Bug
> Components: Session Management
> Reporter: Tauren Mills
>
> According to Les, for web-initiated interaction, you should not be seeing these messages:
> DEBUG - DefaultWebSessionManager - No request or response bound to
> the thread. Session ID cookie cannot be removed. This could occur in
> a web application that also services non web clients (e.g. RMI
> remoting).
> DEBUG - DefaultWebSessionManager - Request or response object is not
> bound to the thread. Assuming this session start activity is due to a
> non web request (possible in a web application that also services non
> web clients.
> Full thread available here, with logs:
> http://shiro-user.582556.n2.nabble.com/Intermittent-problems-with-SecurityUtils-getSubject-getPrincipal-td5067869.html#a5068081
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHIRO-164) The request/response pair should be
available at all times to web-related components
Posted by "Ryan McKinley (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHIRO-164?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12868700#action_12868700 ]
Ryan McKinley commented on SHIRO-164:
-------------------------------------
Just checked out:
https://svn.apache.org/repos/asf/incubator/shiro/branches/session_manager_API_change
ran: mvn clean install
and then tested with my app....
I have not seen the error after messing around for a few mins. Previously it would pop up pretty quickly.
Thanks
Ryan
> The request/response pair should be available at all times to web-related components
> ------------------------------------------------------------------------------------
>
> Key: SHIRO-164
> URL: https://issues.apache.org/jira/browse/SHIRO-164
> Project: Shiro
> Issue Type: Bug
> Components: Session Management
> Reporter: Tauren Mills
>
> According to Les, for web-initiated interaction, you should not be seeing these messages:
> DEBUG - DefaultWebSessionManager - No request or response bound to
> the thread. Session ID cookie cannot be removed. This could occur in
> a web application that also services non web clients (e.g. RMI
> remoting).
> DEBUG - DefaultWebSessionManager - Request or response object is not
> bound to the thread. Assuming this session start activity is due to a
> non web request (possible in a web application that also services non
> web clients.
> Full thread available here, with logs:
> http://shiro-user.582556.n2.nabble.com/Intermittent-problems-with-SecurityUtils-getSubject-getPrincipal-td5067869.html#a5068081
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.