You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shiro.apache.org by "Nishok (JIRA)" <ji...@apache.org> on 2017/02/20 11:05:45 UTC

[jira] [Created] (SHIRO-614) UnknownSessionException when shiro is again trying to access the deleted session.

Nishok created SHIRO-614:
----------------------------

             Summary: UnknownSessionException when shiro is again trying to access the deleted session.
                 Key: SHIRO-614
                 URL: https://issues.apache.org/jira/browse/SHIRO-614
             Project: Shiro
          Issue Type: Bug
          Components: Authentication (log-in), Configuration, Session Management, Subject
    Affects Versions: 1.2.4
         Environment: Linux, Multiple instance environment
            Reporter: Nishok


Multiple sessions are created when secureCookie = true and eventually deleted, getting UnknownSessionException when shiro is again trying to access the deleted session.

15:59:33,787 DEBUG [Thread-7] AbstractValidatingSessionManager:290 - Invalidated session with id [edd4b1fa-9b36-492a-a22a-b9f677487e0b] (expired)
15:59:33,787 DEBUG [Thread-5] DefaultSecurityManager:447 - Resolved SubjectContext context session is invalid.  Ignoring and creating an anonymous (session-less) Subject instance.
org.apache.shiro.session.UnknownSessionException: There is no session with id [edd4b1fa-9b36-492a-a22a-b9f677487e0b]
	at org.apache.shiro.session.mgt.eis.AbstractSessionDAO.readSession(AbstractSessionDAO.java:170)
	at org.apache.shiro.session.mgt.eis.CachingSessionDAO.readSession(CachingSessionDAO.java:261)
	at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSessionFromDataSource(DefaultSessionManager.java:236)
	at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSession(DefaultSessionManager.java:222)
	at org.apache.shiro.session.mgt.AbstractValidatingSessionManager.doGetSession(AbstractValidatingSessionManager.java:118)
	at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupSession(AbstractNativeSessionManager.java:108)
	at org.apache.shiro.session.mgt.AbstractNativeSessionManager.getSession(AbstractNativeSessionManager.java:100)
	at org.apache.shiro.mgt.SessionsSecurityManager.getSession(SessionsSecurityManager.java:125)
	at org.apache.shiro.mgt.DefaultSecurityManager.resolveContextSession(DefaultSecurityManager.java:456)
	at org.apache.shiro.mgt.DefaultSecurityManager.resolveSession(DefaultSecurityManager.java:442)
	at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:338)
	at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)