You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@shiro.apache.org by "Francois Papon (Jira)" <ji...@apache.org> on 2022/01/15 20:57:00 UTC
[jira] [Resolved] (SHIRO-841) NullPointerException from SessionsSecurityManager.start()
[ https://issues.apache.org/jira/browse/SHIRO-841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Francois Papon resolved SHIRO-841.
----------------------------------
Resolution: Resolved
> NullPointerException from SessionsSecurityManager.start()
> ---------------------------------------------------------
>
> Key: SHIRO-841
> URL: https://issues.apache.org/jira/browse/SHIRO-841
> Project: Shiro
> Issue Type: Task
> Reporter: Attila Magyar
> Priority: Minor
> Fix For: 2.0.0, 1.9.0
>
> Time Spent: 1.5h
> Remaining Estimate: 0h
>
> We see this NPE intermittently from KNOX when a topology is being redeployed and a request is still being processed in Shiro's AuthenticatingFilter.
> In DelegatingSubject.java:
> {code:java}
> log.trace("Starting session for host {}", getHost());
> SessionContext sessionContext = createSessionContext();
> // At this point the topology deploy already triggered a securityManager.destroy() so sessionManager is null
> Session session = this.securityManager.start(sessionContext);
> this.session = decorate(session); {code}
> This is not a critical problem since the request will fail no matter what, but NPE suggests a programming error instead of a normal operation.
> I suggest putting a null check in securityManager.start() and throw an IllegalStateException("Session already destroyed") or something similar.
>
> See https://issues.apache.org/jira/browse/KNOX-2297 for more context.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@shiro.apache.org
For additional commands, e-mail: issues-help@shiro.apache.org