Hrm - that would be very odd if the DefaultWebSecurityManager was not the instance - that is what the ShiroFilter enables at startup by default. Just in case, try this as your very first config line:
securityManager = org.apache.shiro.web.DefaultWebSecurityManager What does your debugger say is the securityManager instance? Something is very strange... Thanks for the extra info. Are there any JUnit tests you might be able to send our way? - Les On Wed, Aug 19, 2009 at 1:56 PM, Andy Tripp<[email protected]> wrote: > Les, > I put tracing code in DefaultWebSecurityManager.setSessionMode(), and it > appears that this method is not getting called. So the > ServletContainerSessionManager is not getting replace by a > DefaultWebSessionManager. So it appears that this line in the filter config: > > securityManager.sessionMode = native > > is having no effect (note that it's securityManager, not sessionManager as > you suggest in the previous response). > > I'll keep trying to track it down further, any pointers would be appreciated. > I'm off to try to find the some SecurityManager instance, which I suspect is > something other than a DefaultWebSecurityManager, which would mean that this > config line is failing silently. > > Obviously, all this dependency injection via XML is driving me completely > crazy. I may be allergic to server-side Java :) > > Andy > >> -----Original Message----- >> From: [email protected] [mailto:[email protected]] On >> Behalf Of Les Hazlewood >> Sent: Wednesday, August 19, 2009 12:46 PM >> To: [email protected] >> Subject: Re: need more help with SSO >> >> Hi Andy, >> >> A quick note about the message: that was a bug in the exception >> message, but the code is working as expected: if the wrapped >> SessionManager does not implement the SessionDAOAware interface, it >> cannot be injected with a SessionDAO. I have since fixed the message >> to be correct and committed this change, although the code logic has >> not been changed. >> >> Also, make sure that you do this: >> >> sessionManager.sessionMode = native >> >> before you try to inject the SessionDAO. The above call will >> automatically substitute the ServletContainerSessionManager for a >> DefaultWebSessionManager implementation on the fly. This latter >> implementation does in fact implement SessionDAOAware and should >> readily accept SessionDAO instances that are passed through the >> securityManager.setSessionDAO(...) call. >> >> In the meantime, I'll try to create a unit test with the ShiroFilter >> to see I can accurately recreate your issue, but I've been strapped >> for time lately - if you could create one (if possible) and post it to >> a Jira issue, that would help a lot. >> >> Regards, >> >> Les >> >> On Tue, Aug 18, 2009 at 11:34 AM, Les Hazlewood<[email protected]> >> wrote: >> > Hi Andy, >> > >> > Thanks very much for sending this along - it is very helpful. I'll be >> > able to look into this a bit more later tonight. >> > >> > Regards, >> > >> > Les >> > >> > On Tue, Aug 18, 2009 at 11:21 AM, Andy Tripp<[email protected]> >> wrote: >> >> Les, >> >> I tracked this problem down through a maze of try/catch blocks, I see >> this exception: >> >> >> >> javax.servlet.ServletException: Unable to load from text configuration. >> e2=org.apache.shiro.config.ConfigurationException: >> org.apache.shiro.config.ConfigurationException: Unable to set property >> [sessionDAO] with value [$sessionDAO]. If '$sessionDAO' is a reference to >> another (previously defined) object, please prefix it with '$' to indicate >> that the referenced object should be used as the actual value. For >> example, $$sessionDAO >> >> >> >> ...which I tracked down to the ReflectionBuilder.applyProperty() method >> calling BeanUtils.setProperty() and catching an InvocationException. The >> cause of that exception is: >> >> >> >> java.lang.IllegalArgumentException: The underlying session manager is >> null or does not implement the org.apache.shiro.session.mgt.eis.SessionDAO >> >> interface, which is required if the underlying instance is to receive >> the sessionDAO argument. >> >> >> >> >> >> ...which comes from SessionsSecurityManager.setSessionDAO(), which >> checks >> >> to see that the SessionDAO parameter implements SessionDAOAware. The >> passed value is actually of class ServletContainerSessionManager, which >> does NOT >> >> implement SessionDAOAware. >> >> >> >> So I guess the mystery is why we're getting setSessionDAO() being >> passed a ServletContainerSessionManager, when in fact we have this config >> line: >> >> >> >> sessionDAO = org.apache.shiro.session.mgt.eis.MemorySessionDAO >> >> >> >> Hope this helps, >> >> Andy >> >> >> >> >> >> >> >> >> >>> -----Original Message----- >> >>> From: Andy Tripp [mailto:[email protected]] >> >>> Sent: Tuesday, August 18, 2009 10:04 AM >> >>> To: [email protected] >> >>> Subject: RE: need more help with SSO >> >>> >> >>> Les, >> >>> >> >>> I tried what you have below and still get the same "Unable to load >> from >> >>> text configuration" error. I tried it with the latest Shiro. I >> narrowed >> >>> the problem down to this line: >> >>> >> >>> securityManager.sessionDAO = $sessionDAO >> >>> >> >>> I get no errors with that line commented out. >> >>> >> >>> Any ideas? If not, I could put some tracing in the >> OncePerRequestFilter >> >>> class to narrow the problem down further. >> >>> >> >>> Andy >> >>> >> >>> > -----Original Message----- >> >>> > From: [email protected] [mailto:[email protected]] >> On >> >>> > Behalf Of Les Hazlewood >> >>> > Sent: Monday, August 17, 2009 5:11 PM >> >>> > To: [email protected] >> >>> > Subject: Re: need more help with SSO >> >>> > >> >>> > Hi Andy, >> >>> > >> >>> > I just verified that this simple test config works, although not in >> a >> >>> > web environment: >> >>> > >> >>> > ---- >> >>> > realmA = org.apache.shiro.realm.text.PropertiesRealm >> >>> > >> >>> > securityManager.sessionMode = native >> >>> > >> >>> > cacheManager = org.apache.shiro.cache.DefaultCacheManager >> >>> > >> >>> > sessionDAO = org.apache.shiro.session.mgt.eis.MemorySessionDAO >> >>> > sessionDAO.cacheManager = $cacheManager >> >>> > securityManager.sessionDAO = $sessionDAO >> >>> > securityManager.cacheManager = $cacheManager >> >>> > >> >>> > securityManager.realm = $realmA >> >>> > ---- >> >>> > >> >>> > Could you please try that out and see if it works in your web >> >>> > environment? If so, can you try substituting the >> DefaultCacheManager >> >>> > implementation (and your realm implementation) with with your >> >>> > implementations and see what happens? >> >>> > >> >>> > - Les >> >>> > >> >>> > On Mon, Aug 17, 2009 at 4:27 PM, Andy Tripp<[email protected]> >> >>> > wrote: >> >>> > > Here's the complete tomcat log file: >> >>> > > >> >>> > > Aug 17, 2009 3:40:13 PM org.apache.catalina.core.StandardContext >> >>> > filterStart >> >>> > > SEVERE: Exception starting filter ShiroFilter >> >>> > > javax.servlet.ServletException: Unable to load from text >> >>> configuration. >> >>> > > at >> >>> > >> >>> >> org.apache.shiro.web.servlet.OncePerRequestFilter.init(OncePerRequestFilte >> >>> > r.java:148) >> >>> > > at >> >>> > >> >>> >> org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilt >> >>> > erConfig.java:221) >> >>> > > at >> >>> > >> >>> >> org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationF >> >>> > ilterConfig.java:302) >> >>> > > at >> >>> > >> >>> >> org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterC >> >>> > onfig.java:78) >> >>> > > at >> >>> > >> >>> >> org.apache.catalina.core.StandardContext.filterStart(StandardContext.java: >> >>> > 3635) >> >>> > > at >> >>> > >> >>> >> org.apache.catalina.core.StandardContext.start(StandardContext.java:4222) >> >>> > > at >> >>> > >> >>> >> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java >> >>> > :760) >> >>> > > at >> >>> > >> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740) >> >>> > > at >> >>> > >> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544) >> >>> > > at >> >>> > >> >>> >> org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:927 >> >>> > ) >> >>> > > at >> >>> > >> >>> >> org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:8 >> >>> > 90) >> >>> > > at >> >>> > >> org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:492) >> >>> > > at >> >>> > org.apache.catalina.startup.HostConfig.start(HostConfig.java:1150) >> >>> > > at >> >>> > >> >>> >> org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311) >> >>> > > at >> >>> > >> >>> >> org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupp >> >>> > ort.java:120) >> >>> > > at >> >>> > >> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022) >> >>> > > at >> >>> > org.apache.catalina.core.StandardHost.start(StandardHost.java:736) >> >>> > > at >> >>> > >> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014) >> >>> > > at >> >>> > >> org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443) >> >>> > > at >> >>> > >> org.apache.catalina.core.StandardService.start(StandardService.java:448) >> >>> > > at >> >>> > >> org.apache.catalina.core.StandardServer.start(StandardServer.java:700) >> >>> > > at >> >>> org.apache.catalina.startup.Catalina.start(Catalina.java:552) >> >>> > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native >> Method) >> >>> > > at >> >>> > >> >>> >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java: >> >>> > 39) >> >>> > > at >> >>> > >> >>> >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorIm >> >>> > pl.java:25) >> >>> > > at java.lang.reflect.Method.invoke(Method.java:597) >> >>> > > at >> >>> > org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295) >> >>> > > at >> >>> org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433) >> >>> > > Aug 17, 2009 3:40:13 PM >> org.apache.catalina.core.ApplicationContext >> >>> log >> >>> > > INFO: org.apache.webapp.balancer.BalancerFilter: init(): >> ruleChain: >> >>> > [org.apache.webapp.balancer.RuleChain: >> >>> > [org.apache.webapp.balancer.rules.URLStringMatchRule: Target string: >> >>> News >> >>> > / Redirect URL: http://www.cnn.com], >> >>> > [org.apache.webapp.balancer.rules.RequestParameterRule: Target param >> >>> name: >> >>> > paramName / Target param value: paramValue / Redirect URL: >> >>> > http://www.yahoo.com], >> >>> > [org.apache.webapp.balancer.rules.AcceptEverythingRule: Redirect >> URL: >> >>> > http://jakarta.apache.org]] >> >>> > > Aug 17, 2009 3:40:13 PM >> org.apache.catalina.core.ApplicationContext >> >>> log >> >>> > > INFO: ContextListener: contextInitialized() >> >>> > > Aug 17, 2009 3:40:13 PM >> org.apache.catalina.core.ApplicationContext >> >>> log >> >>> > > INFO: SessionListener: contextInitialized() >> >>> > > Aug 17, 2009 3:40:13 PM >> org.apache.catalina.core.ApplicationContext >> >>> log >> >>> > > INFO: ContextListener: contextInitialized() >> >>> > > Aug 17, 2009 3:40:13 PM >> org.apache.catalina.core.ApplicationContext >> >>> log >> >>> > > INFO: SessionListener: contextInitialized() >> >>> > > Aug 17, 2009 4:25:59 PM >> org.apache.catalina.core.ApplicationContext >> >>> log >> >>> > > INFO: SessionListener: contextDestroyed() >> >>> > > Aug 17, 2009 4:25:59 PM >> org.apache.catalina.core.ApplicationContext >> >>> log >> >>> > > INFO: ContextListener: contextDestroyed() >> >>> > > Aug 17, 2009 4:25:59 PM >> org.apache.catalina.core.ApplicationContext >> >>> log >> >>> > > INFO: SessionListener: contextDestroyed() >> >>> > > Aug 17, 2009 4:25:59 PM >> org.apache.catalina.core.ApplicationContext >> >>> log >> >>> > > INFO: ContextListener: contextDestroyed() >> >>> > > >> >>> > >> -----Original Message----- >> >>> > >> From: Les Hazlewood [mailto:[email protected]] >> >>> > >> Sent: Monday, August 17, 2009 4:24 PM >> >>> > >> To: [email protected] >> >>> > >> Subject: Re: need more help with SSO >> >>> > >> >> >>> > >> Hi Andy, >> >>> > >> >> >>> > >> It goes in the main section, definitely. Is there any more to >> the >> >>> > >> exception? I'd like to see the entire stack trace if possible. >> >>> > >> >> >>> > >> - Les >> >>> > >> >> >>> > >> On Mon, Aug 17, 2009 at 3:41 PM, Andy >> Tripp<[email protected]> >> >>> > >> wrote: >> >>> > >> > I created my own Cache and CacheManager: >> >>> > >> > >> >>> > >> > public class VonageDistributedSessionCache implements Cache { >> >>> > >> > public VonageDistributedSessionCache(String name) { >> >>> > >> > System.err.println("VonageDistributedSessionCache >> >>> > >> > constructor."); >> >>> > >> > } >> >>> > >> > ... >> >>> > >> > } >> >>> > >> > >> >>> > >> > public class VonageDistributedSessionCacheManager implements >> >>> > >> > CacheManager { >> >>> > >> > public Cache getCache(String name) throws CacheException { >> >>> > >> > return new VonageDistributedSessionCache(name); >> >>> > >> > } >> >>> > >> > } >> >>> > >> > >> >>> > >> > Then in [main] section of my ShiroFilter in web.xml, I have: >> >>> > >> > [main] >> >>> > >> > realmA = com.vonage.auth.client.VonageAuthenticationRealm >> >>> > >> > >> >>> > >> > securityManager.sessionMode = native >> >>> > >> > >> >>> > >> > And when I add this: >> >>> > >> > # pull in vonage centralized authentication: >> >>> > >> > cacheManager = >> >>> > >> > com.vonage.auth.client.VonageDistributedSessionCacheManager >> >>> > >> > sessionDAO = org.apache.shiro.session.mgt.eis.MemorySessionDAO >> >>> > >> > sessionDAO.cacheManager = $cacheManager >> >>> > >> > securityManager.sessionDAO = $sessionDAO >> >>> > >> > securityManager.cacheManager = $cacheManager >> >>> > >> > >> >>> > >> > ...I get this error: >> >>> > >> > javax.servlet.ServletException: Unable to load from text >> >>> > configuration. >> >>> > >> > >> >>> > >> > So...does this injection go here in the [main] section of >> >>> > ShiroFilter, >> >>> > >> > or somewhere else? >> >>> > >> > >> >>> > >> > Thanks, >> >>> > >> > Andy >> >>> > >> > >> >>> > > >> >> >> > >
