You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Brian Demers (JIRA)" <ji...@apache.org> on 2017/02/20 15:28:44 UTC
[jira] [Commented] (SHIRO-614) UnknownSessionException when shiro
is again trying to access the deleted session.
[ https://issues.apache.org/jira/browse/SHIRO-614?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15874696#comment-15874696 ]
Brian Demers commented on SHIRO-614:
------------------------------------
[~nishok.j] Try the latest 1.3 version, if I recall correctly this was already fixed.
> UnknownSessionException when shiro is again trying to access the deleted session.
> ---------------------------------------------------------------------------------
>
> Key: SHIRO-614
> URL: https://issues.apache.org/jira/browse/SHIRO-614
> Project: Shiro
> Issue Type: Bug
> Components: Authentication (log-in), Configuration, Session Management, Subject
> Affects Versions: 1.2.4
> Environment: Linux, Multiple instance environment
> Reporter: Nishok
>
> Multiple sessions are created when secureCookie = true and eventually deleted, getting UnknownSessionException when shiro is again trying to access the deleted session.
> 15:59:33,787 DEBUG [Thread-7] AbstractValidatingSessionManager:290 - Invalidated session with id [edd4b1fa-9b36-492a-a22a-b9f677487e0b] (expired)
> 15:59:33,787 DEBUG [Thread-5] DefaultSecurityManager:447 - Resolved SubjectContext context session is invalid. Ignoring and creating an anonymous (session-less) Subject instance.
> org.apache.shiro.session.UnknownSessionException: There is no session with id [edd4b1fa-9b36-492a-a22a-b9f677487e0b]
> at org.apache.shiro.session.mgt.eis.AbstractSessionDAO.readSession(AbstractSessionDAO.java:170)
> at org.apache.shiro.session.mgt.eis.CachingSessionDAO.readSession(CachingSessionDAO.java:261)
> at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSessionFromDataSource(DefaultSessionManager.java:236)
> at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSession(DefaultSessionManager.java:222)
> at org.apache.shiro.session.mgt.AbstractValidatingSessionManager.doGetSession(AbstractValidatingSessionManager.java:118)
> at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupSession(AbstractNativeSessionManager.java:108)
> at org.apache.shiro.session.mgt.AbstractNativeSessionManager.getSession(AbstractNativeSessionManager.java:100)
> at org.apache.shiro.mgt.SessionsSecurityManager.getSession(SessionsSecurityManager.java:125)
> at org.apache.shiro.mgt.DefaultSecurityManager.resolveContextSession(DefaultSecurityManager.java:456)
> at org.apache.shiro.mgt.DefaultSecurityManager.resolveSession(DefaultSecurityManager.java:442)
> at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:338)
> at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846)
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)