[jira] Commented: (SHIRO-164) The request/response pair should be available at all times to web-related components

Ryan McKinley (JIRA) Mon, 17 May 2010 21:17:09 -0700

    [ 
https://issues.apache.org/jira/browse/SHIRO-164?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12868520#action_12868520
 ]


Ryan McKinley commented on SHIRO-164:
-------------------------------------

This problem also surfaces (intermittently) with wicket.  I often see an error 
that looks like:

java.lang.IllegalStateException: No ServletRequest found in ThreadContext. Make 
sure WebUtils.bind() is being called. (typically called by AbstractShiroFilter) 
 This could also happen when running integration tests that don't properly call 
WebUtils.bind().
        at 
org.apache.shiro.web.WebUtils.getRequiredServletRequest(WebUtils.java:472)
        at 
org.apache.shiro.web.session.ServletContainerSessionManager.doGetSession(ServletContainerSessionManager.java:68)
        at 
org.apache.shiro.session.mgt.AbstractSessionManager.getSession(AbstractSessionManager.java:246)
        at 
org.apache.shiro.session.mgt.AbstractSessionManager.getAttribute(AbstractSessionManager.java:220)
        at 
org.apache.shiro.mgt.SessionsSecurityManager.getAttribute(SessionsSecurityManager.java:173)
        at 
org.apache.shiro.session.mgt.DelegatingSession.getAttribute(DelegatingSession.java:188)
        at 
org.apache.shiro.subject.support.DefaultSubjectContext.resolveAuthenticated(DefaultSubjectContext.java:241)
        at 
org.apache.shiro.web.mgt.DefaultWebSubjectFactory.createSubject(DefaultWebSubjectFactory.java:57)
        at 
org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:340)
        at 
org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:819)
        at 
org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:101)
        at 
org.apache.shiro.web.servlet.AbstractShiroFilter.bind(AbstractShiroFilter.java:215)
        at 
org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:307)
        at 
org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:83)
        at 
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1190)

> The request/response pair should be available at all times to web-related 
> components
> ------------------------------------------------------------------------------------
>
>                 Key: SHIRO-164
>                 URL: https://issues.apache.org/jira/browse/SHIRO-164
>             Project: Shiro
>          Issue Type: Bug
>          Components: Session Management
>            Reporter: Tauren Mills
>
> According to Les, for web-initiated interaction, you should not be seeing 
> these messages:
> DEBUG - DefaultWebSessionManager   - No request or response bound to
> the thread.  Session ID cookie cannot be removed.  This could occur in
> a web application that also services non web clients (e.g. RMI
> remoting).
> DEBUG - DefaultWebSessionManager   - Request or response object is not
> bound to the thread.  Assuming this session start activity is due to a
> non web request (possible in a web application that also services non
> web clients.
> Full thread available here, with logs:
> http://shiro-user.582556.n2.nabble.com/Intermittent-problems-with-SecurityUtils-getSubject-getPrincipal-td5067869.html#a5068081

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (SHIRO-164) The request/response pair should be available at all times to web-related components

Reply via email to