[jira] [Comment Edited] (SHIRO-613) StoppedSessionException: Session with id has been explicitly stopped. No further interaction under this session is allowed.

sreenivas Harshith (JIRA) Tue, 21 Feb 2017 08:08:15 -0800

    [ 
https://issues.apache.org/jira/browse/SHIRO-613?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15876201#comment-15876201
 ]


sreenivas Harshith edited comment on SHIRO-613 at 2/21/17 4:07 PM:
-------------------------------------------------------------------

[~bdemers]

https://shiro.apache.org/subject.html#thread-association 

This doc explains a lot. But for a beginner
 https://shiro.apache.org/tutorial.html#using-shiro   

will have a very hard time trying to figure this Threadlocal Issue. May be it 
will be better to add a note when used with multithreaded servers like Tomcat. 
Also as you said its handled out of the box in servlet environments. Mine was 
almost the same with Jersey jax-rs and Java EE CDI in TomEE Server and I still 
had this issue.


was (Author: sreenivash09):
[~bdemers]

https://shiro.apache.org/subject.html#thread-association 

This doc explains a lot. But for a beginner
 https://shiro.apache.org/tutorial.html#using-shiro   

will have a very hard time trying to figure this Threadlocal Issue. May be it 
will be better to add a note when used with multithreaded servers like Tomcat. 
Also as you said its handled out of the box in servlet environments. Mine was 
almost the same with Jersey jax-rs and Java EE CDI in TomEE Server I still had 
this issue.

> StoppedSessionException: Session with id has been explicitly stopped.  No 
> further interaction under this session is allowed.
> ----------------------------------------------------------------------------------------------------------------------------
>
>                 Key: SHIRO-613
>                 URL: https://issues.apache.org/jira/browse/SHIRO-613
>             Project: Shiro
>          Issue Type: Bug
>          Components: Authentication (log-in), Session Management
>    Affects Versions: 1.3.2
>            Reporter: sreenivas Harshith
>              Labels: Sessiontimeout, StoppedSessionException, login, session
>
> I am using default shiro native session manager and Session DAO backed by Db 
> store for storing sessions. I have set the session timeout to 10 min and I 
> have the same user login multiple times, say 8 times. Once the session is 
> expired I tried to login with same user credentials from a different client 
> and shiro is calling this delete(Session sn) method implemented in my DAO to 
> delete those old sessions that are expired. Once the deletion is completed it 
> throws an exception with the deleted Session id saying 
> org.apache.shiro.session.StoppedSessionException: Session with id 
> [a9dd97a1-90d4-435c-b363-f74052dfa0dc] has been explicitly stopped.  No 
> further interaction under this session is allowed, and  it fails to login the 
> user.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Comment Edited] (SHIRO-613) StoppedSessionException: Session with id has been explicitly stopped. No further interaction under this session is allowed.

Reply via email to