You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shiro.apache.org by "Kalle Korhonen (JIRA)" <ji...@apache.org> on 2010/05/17 10:31:46 UTC

[jira] Reopened: (SHIRO-161) No SecurityManager accessible to the calling code

     [ https://issues.apache.org/jira/browse/SHIRO-161?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Kalle Korhonen reopened SHIRO-161:
----------------------------------


Reopening - this is definitely a critical issue in Shiro. I tracked down the cause but getting a bit late here, a comprehensive fix will have to wait for tomorrow. Thanks to Robert for providing the excellent test app.

> No SecurityManager accessible to the calling code
> -------------------------------------------------
>
>                 Key: SHIRO-161
>                 URL: https://issues.apache.org/jira/browse/SHIRO-161
>             Project: Shiro
>          Issue Type: Bug
>          Components: Web
>    Affects Versions: 1.0.0
>         Environment: Linux, Tomcat 6, Jetty 6
>            Reporter: Robert Hannebauer
>            Assignee: Kalle Korhonen
>            Priority: Critical
>             Fix For: 1.0.0
>
>         Attachments: Test-eclipse.zip, Test.war
>
>
> The security context is not bound to the thread context. 
> The application uses an ajax periodical updater to often refresh some zones. But the user is enabled to interact with the application, so it happens, that two simultaneous requests arrives at the application server. This often produces
> ERROR 2010-05-15 23:33:08,030 (SecurityModule.java:253) - Error handling SecurityException
> org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton.  This is an invalid application configuration.
> 	at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUtils.java:124)
> 	at org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:616)
> 	at org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:57)
> 	at org.tynamo.security.services.impl.SecurityServiceImpl.getSubject(SecurityServiceImpl.java:37)
> 	at org.tynamo.security.services.impl.SecurityServiceImpl.isAuthenticated(SecurityServiceImpl.java:42)
> 	at $SecurityService_1289de25571.isAuthenticated($SecurityService_1289de25571.java)
> 	at org.tynamo.security.ShiroExceptionHandler.handle(ShiroExceptionHandler.java:74)
> 	at org.tynamo.security.services.SecurityModule$3.advise(SecurityModule.java:250)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.