You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Brian Demers (JIRA)" <ji...@apache.org> on 2017/02/20 15:28:44 UTC

[jira] [Commented] (SHIRO-614) UnknownSessionException when shiro is again trying to access the deleted session.

    [ https://issues.apache.org/jira/browse/SHIRO-614?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15874696#comment-15874696 ] 

Brian Demers commented on SHIRO-614:
------------------------------------

[~nishok.j] Try the latest 1.3 version, if I recall correctly this was already fixed.

> UnknownSessionException when shiro is again trying to access the deleted session.
> ---------------------------------------------------------------------------------
>
>                 Key: SHIRO-614
>                 URL: https://issues.apache.org/jira/browse/SHIRO-614
>             Project: Shiro
>          Issue Type: Bug
>          Components: Authentication (log-in), Configuration, Session Management, Subject
>    Affects Versions: 1.2.4
>         Environment: Linux, Multiple instance environment
>            Reporter: Nishok
>
> Multiple sessions are created when secureCookie = true and eventually deleted, getting UnknownSessionException when shiro is again trying to access the deleted session.
> 15:59:33,787 DEBUG [Thread-7] AbstractValidatingSessionManager:290 - Invalidated session with id [edd4b1fa-9b36-492a-a22a-b9f677487e0b] (expired)
> 15:59:33,787 DEBUG [Thread-5] DefaultSecurityManager:447 - Resolved SubjectContext context session is invalid.  Ignoring and creating an anonymous (session-less) Subject instance.
> org.apache.shiro.session.UnknownSessionException: There is no session with id [edd4b1fa-9b36-492a-a22a-b9f677487e0b]
> 	at org.apache.shiro.session.mgt.eis.AbstractSessionDAO.readSession(AbstractSessionDAO.java:170)
> 	at org.apache.shiro.session.mgt.eis.CachingSessionDAO.readSession(CachingSessionDAO.java:261)
> 	at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSessionFromDataSource(DefaultSessionManager.java:236)
> 	at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSession(DefaultSessionManager.java:222)
> 	at org.apache.shiro.session.mgt.AbstractValidatingSessionManager.doGetSession(AbstractValidatingSessionManager.java:118)
> 	at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupSession(AbstractNativeSessionManager.java:108)
> 	at org.apache.shiro.session.mgt.AbstractNativeSessionManager.getSession(AbstractNativeSessionManager.java:100)
> 	at org.apache.shiro.mgt.SessionsSecurityManager.getSession(SessionsSecurityManager.java:125)
> 	at org.apache.shiro.mgt.DefaultSecurityManager.resolveContextSession(DefaultSecurityManager.java:456)
> 	at org.apache.shiro.mgt.DefaultSecurityManager.resolveSession(DefaultSecurityManager.java:442)
> 	at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:338)
> 	at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)