[jira] [Assigned] (SHIRO-350) Creating a subject should not create a session

Les Hazlewood (JIRA) Sat, 21 Jul 2012 18:10:38 -0700

     [ 
https://issues.apache.org/jira/browse/SHIRO-350?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Les Hazlewood reassigned SHIRO-350:
-----------------------------------

    Assignee: Les Hazlewood
    
> Creating a subject should not create a session
> ----------------------------------------------
>
>                 Key: SHIRO-350
>                 URL: https://issues.apache.org/jira/browse/SHIRO-350
>             Project: Shiro
>          Issue Type: Bug
>    Affects Versions: 1.2.0
>            Reporter: Dan Finkelstein
>            Assignee: Les Hazlewood
>             Fix For: 1.2.1, 1.3.0
>
>
> When the following method is called:
> public Subject getSubjectByLogin(final String login) {
>                 PrincipalCollection principals = new 
> SimplePrincipalCollection(login, REALM_NAME);
>                 return new 
> Subject.Builder().principals(principals).buildSubject();
>         } 
> it throws an exception on buildSubject():
> Caused by: java.lang.IllegalArgumentException: SessionContext must be an HTTP 
> compatible implementation.
>         at 
> org.apache.shiro.web.session.mgt.ServletContainerSessionManager.createSession(ServletContainerSessionManager.java:103)
>         at 
> org.apache.shiro.web.session.mgt.ServletContainerSessionManager.start(ServletContainerSessionManager.java:64)
>         at 
> org.apache.shiro.mgt.SessionsSecurityManager.start(SessionsSecurityManager.java:121)
>         at 
> org.apache.shiro.subject.support.DelegatingSubject.getSession(DelegatingSubject.java:336)
>         at 
> org.apache.shiro.subject.support.DelegatingSubject.getSession(DelegatingSubject.java:314)
>         at 
> org.apache.shiro.mgt.DefaultSubjectDAO.mergePrincipals(DefaultSubjectDAO.java:182)
>         at 
> org.apache.shiro.mgt.DefaultSubjectDAO.saveToSession(DefaultSubjectDAO.java:163)
>         at 
> org.apache.shiro.mgt.DefaultSubjectDAO.save(DefaultSubjectDAO.java:144)
>         at 
> org.apache.shiro.mgt.DefaultSecurityManager.save(DefaultSecurityManager.java:383)
>         at 
> org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:350)
>         at 
> org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846) 
> It tries to create a session but really should not.
> Please see forum 
> http://shiro-user.582556.n2.nabble.com/Subject-being-changed-td7370203.html 
> for more details
> In our app, in our backoffice area, we display lists of users and their 
> roles, and this functionality is used in this way.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Assigned] (SHIRO-350) Creating a subject should not create a session

Reply via email to