You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@shiro.apache.org by milosm <mi...@oaza.rs> on 2011/04/28 11:17:41 UTC

Re: Forget RememberMe

I came to conclusion that all I need is:

...
Subject currentUser = SecurityUtils.getSubject();
currentUser.logout();
return "redirect:/login.do";

But the thing is that I get:
"org.springframework.web.util.NestedServletException: Request processing
failed; nested exception is java.lang.IllegalStateException:
org.apache.shiro.session.UnknownSessionException: There is no session with
id [429202b5-6405-4d9e-ac0f-7c824c33eaad]"

Here is the trace: 
http://shiro-user.582556.n2.nabble.com/file/n6312554/logout.do.htm
logout.do.htm 

--
View this message in context: http://shiro-user.582556.n2.nabble.com/Forget-RememberMe-tp6305821p6312554.html
Sent from the Shiro User mailing list archive at Nabble.com.

Re: Forget RememberMe

Posted by milosm <mi...@oaza.rs>.

Hi Les,

I manage to make a workaround. Maybe spring framework is looking something
inside the session after I return "return "redirect:/login.do";", so instead
of that I just put:

response.sendRedirect("./login.do");

Thanks.--
View this message in context: http://shiro-user.582556.n2.nabble.com/Forget-RememberMe-tp6305821p6315904.html
Sent from the Shiro User mailing list archive at Nabble.com.

Re: Forget RememberMe

Posted by Les Hazlewood <lh...@apache.org>.

Hi Milos,

Yes, those 3 lines are all that is usually needed.

However, I can't see how that exception can be thrown - higher in the
call stack, the Shiro Filter will 'touch' the session to ensure its
last access timestamp is updated.  If it was successful in the Filter,
I can't see how the session would be expired only nanoseconds later in
your controller.

Is this easily reproducible?  Can you submit a test case?

Regards,

Les

On Thu, Apr 28, 2011 at 2:17 AM, milosm <mi...@oaza.rs> wrote:
> I came to conclusion that all I need is:
>
> ...
> Subject currentUser = SecurityUtils.getSubject();
> currentUser.logout();
> return "redirect:/login.do";
>
> But the thing is that I get:
> "org.springframework.web.util.NestedServletException: Request processing
> failed; nested exception is java.lang.IllegalStateException:
> org.apache.shiro.session.UnknownSessionException: There is no session with
> id [429202b5-6405-4d9e-ac0f-7c824c33eaad]"
>
> Here is the trace:
> http://shiro-user.582556.n2.nabble.com/file/n6312554/logout.do.htm
> logout.do.htm
>
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/Forget-RememberMe-tp6305821p6312554.html
> Sent from the Shiro User mailing list archive at Nabble.com.