You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by Jason Shim <aq...@gmail.com> on 2011/08/26 10:24:25 UTC
Session Validation not work.
(sorry my poor english)
I configure : Shiro(*DefaultWebSessionManager,
ExecutorServiceSessionValidationScheduler) + Spring Integration + Servlet
*
But doesn't execute
sessionManager.validateSessions(); or SessionListener.onExpiration(..);
In Log4J debug mode, logs are ...
*....*
* .... some client connect*
2011-08-26 16:52:00 DEBUG ExecutorServiceSessionValidationScheduler.?(?) |
Executing session validation...
*.... no more log*
And see call hierarchy in the source...
ExecutorServiceSessionValidationScheduler.run() line 99 : print "Executing
session validation..."
AbstractValidatingSessionManager.validateSessions() line 265 : print
"Validating all active sessions..."
but doesn't print "Validating all active sessions..."
Also from SessionListener point of view, i write code
log.debug($methodname) in each method
2011-08-26 16:47:01 DEBUG P2PSessionListenerAdapter.?(?) | onStart
*... no more log (not print onExpiration)*
*... but same client reconnect at some time later( >= **
globalSessionTimeout)
** *
2011-08-26 18:09:52 DEBUG P2PSessionListenerAdapter.?(?) | onExpiration
Did i some configuration missing or wrong?
below my spring+shiro configuration(no ssl). Please help me. thanks.
<!-- =========================================================
Shiro Core Components - Not Spring Specific
========================================================= -->
<bean id="securityManager"
class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="cacheManager" ref="cacheManager"/>
<property name="sessionMode" value="native"/>
<property name="sessionManager" ref="sessionManager"/>
<property name="realm" ref="jdbcRealm"/>
</bean>
<bean id="sessionManager"
class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
<property name="sessionDAO">
<bean
class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO"/>
</property>
<property name="sessionValidationScheduler">
<bean
class="org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler">
<property name="interval" value="300000"/>
</bean>
</property>
<property name="globalSessionTimeout" value="180000"/>
<property name="sessionListeners">
<list>
<ref local="p2pSessionListener"/>
</list>
</property>
<property name="sessionValidationSchedulerEnabled" value="true"/>
<property name="deleteInvalidSessions" value="true"/>
</bean>
<bean id="p2pSessionListener"
class="com.acme.session.P2PSessionListenerAdapter"/>
<bean id="cacheManager"
class="org.apache.shiro.cache.ehcache.EhCacheManager">
</bean>
<bean id="jdbcRealm" class="org.apache.shiro.realm.jdbc.JdbcRealm">
<property name="name" value="jdbcRealm"/>
<property name="dataSource" ref="dataSource"/>
<!-- Omit -->
</bean>
<!-- =========================================================
Shiro Spring-specific integration
========================================================= -->
<bean id="lifecycleBeanPostProcessor"
class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
<bean
class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
depends-on="lifecycleBeanPostProcessor"/>
<bean
class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager"/>
</bean>
<bean id="shiroFilter"
class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager"/>
<property name="unauthorizedUrl" value="/unauthorized.html"/>
<property name="filterChainDefinitions">
<value>
<!-- Omit -->
</value>
</property>
</bean>
Re: Session Validation not work.
Posted by Jason Shim <aq...@gmail.com>.
I found a problem (missing configuration or mutual dependency).
Fixed configuration is
...<!-- omit -->
<bean id="sessionManager"
class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
<property name="sessionDAO">
<bean
class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO"/>
</property>
<property name="sessionValidationScheduler"
ref="sessionValidationScheduler"/>
<property name="globalSessionTimeout" value="300000"/>
<property name="sessionListeners">
<list>
<ref local="p2pSessionListener"/>
</list>
</property>
</bean>
<bean id="sessionValidationScheduler"
class="org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler">
* <property name="sessionManager" ref="sessionManager"/>*
<property name="interval" value="60000"/>
</bean>
.... <!-- omit -->
But shiro has some strange things.
I write another thread that things.
Thanks.
On Fri, Aug 26, 2011 at 5:24 PM, Jason Shim <aq...@gmail.com> wrote:
> (sorry my poor english)
> I configure : Shiro(*DefaultWebSessionManager,
> ExecutorServiceSessionValidationScheduler) + Spring Integration + Servlet
> *
>
> But doesn't execute
> sessionManager.validateSessions(); or SessionListener.onExpiration(..);
>
> In Log4J debug mode, logs are ...
> *....*
> * .... some client connect*
> 2011-08-26 16:52:00 DEBUG ExecutorServiceSessionValidationScheduler.?(?)
> | Executing session validation...
> *.... no more log*
>
> And see call hierarchy in the source...
> ExecutorServiceSessionValidationScheduler.run() line 99 : print "Executing
> session validation..."
> AbstractValidatingSessionManager.validateSessions() line 265 : print
> "Validating all active sessions..."
> but doesn't print "Validating all active sessions..."
>
> Also from SessionListener point of view, i write code
> log.debug($methodname) in each method
>
> 2011-08-26 16:47:01 DEBUG P2PSessionListenerAdapter.?(?) | onStart
> *... no more log (not print onExpiration)*
> *... but same client reconnect at some time later( >= **
>
> globalSessionTimeout)
> ** *
> 2011-08-26 18:09:52 DEBUG P2PSessionListenerAdapter.?(?) | onExpiration
>
> Did i some configuration missing or wrong?
> below my spring+shiro configuration(no ssl). Please help me. thanks.
>
> <!-- =========================================================
> Shiro Core Components - Not Spring Specific
> ========================================================= -->
> <bean id="securityManager"
> class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
> <property name="cacheManager" ref="cacheManager"/>
> <property name="sessionMode" value="native"/>
> <property name="sessionManager" ref="sessionManager"/>
> <property name="realm" ref="jdbcRealm"/>
> </bean>
>
> <bean id="sessionManager"
> class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
> <property name="sessionDAO">
> <bean
> class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO"/>
> </property>
> <property name="sessionValidationScheduler">
> <bean
> class="org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler">
> <property name="interval" value="300000"/>
> </bean>
> </property>
> <property name="globalSessionTimeout" value="180000"/>
> <property name="sessionListeners">
> <list>
> <ref local="p2pSessionListener"/>
> </list>
> </property>
>
> <property name="sessionValidationSchedulerEnabled" value="true"/>
> <property name="deleteInvalidSessions" value="true"/>
>
> </bean>
>
> <bean id="p2pSessionListener"
> class="com.acme.session.P2PSessionListenerAdapter"/>
>
> <bean id="cacheManager"
> class="org.apache.shiro.cache.ehcache.EhCacheManager">
> </bean>
>
> <bean id="jdbcRealm" class="org.apache.shiro.realm.jdbc.JdbcRealm">
> <property name="name" value="jdbcRealm"/>
> <property name="dataSource" ref="dataSource"/>
> <!-- Omit -->
> </bean>
>
>
> <!-- =========================================================
> Shiro Spring-specific integration
> ========================================================= -->
>
> <bean id="lifecycleBeanPostProcessor"
> class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
>
> <bean
> class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
> depends-on="lifecycleBeanPostProcessor"/>
> <bean
> class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
> <property name="securityManager" ref="securityManager"/>
> </bean>
>
> <bean id="shiroFilter"
> class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
> <property name="securityManager" ref="securityManager"/>
> <property name="unauthorizedUrl" value="/unauthorized.html"/>
> <property name="filterChainDefinitions">
> <value>
> <!-- Omit -->
> </value>
> </property>
> </bean>
>
>