I created a Jira issue: https://issues.apache.org/jira/browse/SHIRO-95
I'll try this workaround now. Thanks, Les! Andy > -----Original Message----- > From: [email protected] [mailto:[email protected]] On > Behalf Of Les Hazlewood > Sent: Wednesday, September 02, 2009 3:03 PM > To: [email protected] > Subject: Re: need help plugging in my own session cache > > This is an order of operations bug. Please open a Jira issue so we > can fix it. > > In the mean time, setting the sessionDAO on the securityManager > _before_ setting the cache manager should do the trick. > > Here is a configuration that is working for me: > > <filter> > <filter-name>ShiroFilter</filter-name> > <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter- > class> > <init-param> > <param-name>config</param-name> > <param-value> > [main] > > securityManager.sessionMode = native > > sessionDAO = > org.apache.shiro.session.mgt.eis.MemorySessionDAO > securityManager.sessionDAO = $sessionDAO > > cacheManager = TestCacheManager > securityManager.cacheManager = $cacheManager > > demoRealm = org.apache.shiro.realm.text.PropertiesRealm > securityManager.realm = $demoRealm > > # add [filters] and [urls] sections here as necessary > > </param-value> > </init-param> > </filter> > > On Wed, Sep 2, 2009 at 1:16 PM, Les Hazlewood<[email protected]> > wrote: > > Hi Andy, > > > > There is definitely a bug in the configuration stuff - I'm looking in > > to it to find out what may be wrong. I'll keep you posted. > > > > - Les > > > > On Tue, Sep 1, 2009 at 2:39 PM, Les Hazlewood<[email protected]> > wrote: > >> Hi Andy, > >> > >> I'll have to give this a look sometime later tonight or tomorrow when > >> I have time - I'm kinda slammed today. But don't worry - we'll get it > >> working! > >> > >> Best, > >> > >> Les > >> > >> On Tue, Sep 1, 2009 at 11:58 AM, Andy Tripp<[email protected]> > wrote: > >>> I made some progress on this issue. > >>> > >>> > >>> > >>> I added tracing to AuthorizingRealm.setAuthorizationCache(). I see > that it's > >>> first being correctly called to set the cache to my "custom" > >>> VonageDistributedSessionCache that I specified in my ShiroFilter. But > then, > >>> I see that it's being called a second time, and getting *reset* to > some > >>> instance of SoftHashMapCache. > >>> > >>> > >>> > >>> The stack trace of that 2nd call is below. So the issue is "where in > that > >>> stack trace is some code having the audacity to do something that > results in > >>> a call to AuthorizingRealm.setAuthorizationCache(), which replaces the > >>> user-specified cache with the default of a SoftHashMapCache? > >>> > >>> > >>> > >>> My (uneducated) guess is that the culprit is the > createSecurityManager() > >>> call in IniConfiguration.processIni(). Why would we want to create a > >>> security manager when in the middle of processing configuration data? > >>> > >>> > >>> > >>> In any case, I think the use case is simple: trying to specify your > own > >>> CacheManager doesn't work. Here's my ShiroFilter: > >>> > >>> # pull in vonage centralized authentication: > >>> > >>> realmA = com.vonage.auth.VonageAuthenticationRealm > >>> > >>> securityManager = > >>> org.apache.shiro.web.DefaultWebSecurityManager > >>> > >>> sessionManager = > >>> org.apache.shiro.web.session.DefaultWebSessionManager > >>> > >>> securityManager.sessionManager = $sessionManager > >>> > >>> securityManager.sessionMode = native > >>> > >>> #cacheManager = > org.apache.shiro.cache.DefaultCacheManager > >>> > >>> > >>> > >>> cacheManager = > >>> com.vonage.auth.VonageDistributedSessionCacheManager > >>> > >>> securityManager.cacheManager = $cacheManager > >>> > >>> > >>> > >>> sessionDAO = > >>> org.apache.shiro.session.mgt.eis.MemorySessionDAO > >>> > >>> #sessionDAO.cacheManager = $cacheManager > >>> > >>> securityManager.sessionDAO = $sessionDAO > >>> > >>> securityManager.realm = $realmA > >>> > >>> > >>> > >>> And here's the stack trace I talked about: > >>> > >>> > >>> > >>> > >>> > >>> java.lang.Exception: Stack trace > >>> > >>> at java.lang.Thread.dumpStack(Thread.java:1206) > >>> > >>> at > >>> > org.apache.shiro.realm.AuthorizingRealm.setAuthorizationCache(AuthorizingR > ealm.java:109) > >>> > >>> at > >>> > org.apache.shiro.realm.AuthorizingRealm.initAuthorizationCache(Authorizing > Realm.java:199) > >>> > >>> at > >>> > org.apache.shiro.realm.AuthorizingRealm.afterCacheManagerSet(AuthorizingRe > alm.java:166) > >>> > >>> at > >>> > org.apache.shiro.realm.CachingRealm.setCacheManager(CachingRealm.java:73) > >>> > >>> at > >>> > org.apache.shiro.mgt.RealmSecurityManager.applyCacheManagerToRealms(RealmS > ecurityManager.java:116) > >>> > >>> at > >>> > org.apache.shiro.mgt.RealmSecurityManager.afterRealmsSet(RealmSecurityMana > ger.java:86) > >>> > >>> at > >>> > org.apache.shiro.mgt.AuthenticatingSecurityManager.afterRealmsSet(Authenti > catingSecurityManager.java:178) > >>> > >>> at > >>> > org.apache.shiro.mgt.AuthorizingSecurityManager.afterRealmsSet(Authorizing > SecurityManager.java:129) > >>> > >>> at > >>> > org.apache.shiro.mgt.RealmSecurityManager.setRealms(RealmSecurityManager.j > ava:82) > >>> > >>> at > >>> > org.apache.shiro.config.IniConfiguration.createSecurityManagerForSection(I > niConfiguration.java:242) > >>> > >>> at > >>> > org.apache.shiro.config.IniConfiguration.createSecurityManager(IniConfigur > ation.java:188) > >>> > >>> at > >>> > org.apache.shiro.config.IniConfiguration.processIni(IniConfiguration.java: > 172) > >>> > >>> at > >>> > org.apache.shiro.config.IniConfiguration.process(IniConfiguration.java:161 > ) > >>> > >>> at > >>> > org.apache.shiro.config.IniConfiguration.load(IniConfiguration.java:127) > >>> > >>> at > >>> > org.apache.shiro.config.TextConfiguration.loadTextConfig(TextConfiguration > .java:70) > >>> > >>> at > >>> > org.apache.shiro.config.TextConfiguration.init(TextConfiguration.java:86) > >>> > >>> at > >>> > org.apache.shiro.config.IniConfiguration.init(IniConfiguration.java:114) > >>> > >>> at > org.apache.shiro.util.LifecycleUtils.init(LifecycleUtils.java:47) > >>> > >>> at > org.apache.shiro.util.LifecycleUtils.init(LifecycleUtils.java:41) > >>> > >>> at > >>> > org.apache.shiro.web.servlet.ShiroFilter.configure(ShiroFilter.java:322) > >>> > >>> at > >>> > org.apache.shiro.web.servlet.ShiroFilter.onFilterConfigSet(ShiroFilter.jav > a:269) > >>> > >>> at > >>> > org.apache.shiro.web.servlet.OncePerRequestFilter.init(OncePerRequestFilte > r.java:140) > >>> > >>> at > >>> > org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilt > erConfig.java:221) > >>> > >>> at > >>> > org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationF > ilterConfig.java:302) > >>> > >>> at > >>> > org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterC > onfig.java:78) > >>> > >>> at > >>> > org.apache.catalina.core.StandardContext.filterStart(StandardContext.java: > 3635) > >>> > >>> at > >>> > org.apache.catalina.core.StandardContext.start(StandardContext.java:4222) > >>> > >>> at > >>> > org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java > :760) > >>> > >>> at > >>> > org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740) > >>> > >>> at > >>> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544) > >>> > >>> at > >>> > org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:927 > ) > >>> > >>> at > >>> > org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:8 > 90) > >>> > >>> at > >>> org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:492) > >>> > >>> at > org.apache.catalina.startup.HostConfig.start(HostConfig.java:1150) > >>> > >>> at > >>> > org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311) > >>> > >>> at > >>> > org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupp > ort.java:120) > >>> > >>> at > >>> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022) > >>> > >>> at > org.apache.catalina.core.StandardHost.start(StandardHost.java:736) > >>> > >>> at > >>> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014) > >>> > >>> at > >>> org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443) > >>> > >>> at > >>> > org.apache.catalina.core.StandardService.start(StandardService.java:448) > >>> > >>> at > >>> org.apache.catalina.core.StandardServer.start(StandardServer.java:700) > >>> > >>> at org.apache.catalina.startup.Catalina.start(Catalina.java:552) > >>> > >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > >>> > >>> at > >>> > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java: > 39) > >>> > >>> at > >>> > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorIm > pl.java:25) > >>> > >>> at java.lang.reflect.Method.invoke(Method.java:597) > >>> > >>> at > org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295) > >>> > >>> at > org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433) > >>> > >>> > >>> > >>> Andy > >>> > >>> > >>> > >>> > >>> > >>> ________________________________ > >>> > >>> From: Andy Tripp [mailto:[email protected]] > >>> Sent: Monday, August 31, 2009 10:25 AM > >>> To: [email protected] > >>> Subject: RE: need help plugging in my own session cache > >>> > >>> > >>> > >>> I need to get this working, and I'm happy to track it down myself, but > I > >>> need some starting direction. > >>> > >>> > >>> > >>> If I want to use my own cache for storing session data, I know I > should > >>> write my own CacheManager and a class that implements Cache. But which > class > >>> do I tell to use my own cache? Is it SessionDAO, securityManager, or > my own > >>> Realm (in my case a subclass of JDBCRealm)? All three have a > cacheManager > >>> property. > >>> > >>> > >>> > >>> Thanks, > >>> > >>> Andy > >>> > >>> > >>> > >>> ________________________________ > >>> > >>> From: Andy Tripp [mailto:[email protected]] > >>> Sent: Friday, August 28, 2009 2:56 PM > >>> To: [email protected] > >>> Subject: need help plugging in my own session cache > >>> > >>> > >>> > >>> Hi again, > >>> > >>> > >>> > >>> I'm having trouble with specifying my own Cache. > >>> > >>> I've specified my own CacheManager and Cache classes in my > ShiroFilter: > >>> > >>> > >>> > >>> realmA = com.vonage.auth.VonageAuthenticationRealm > >>> > >>> securityManager = > >>> org.apache.shiro.web.DefaultWebSecurityManager > >>> > >>> sessionManager = > >>> org.apache.shiro.web.session.DefaultWebSessionManager > >>> > >>> securityManager.sessionManager = $sessionManager > >>> > >>> securityManager.sessionMode = native > >>> > >>> #cacheManager = > org.apache.shiro.cache.DefaultCacheManager > >>> > >>> cacheManager = > >>> com.vonage.auth.VonageDistributedSessionCacheManager > >>> > >>> sessionDAO = > >>> org.apache.shiro.session.mgt.eis.MemorySessionDAO > >>> > >>> sessionDAO.cacheManager = $cacheManager > >>> > >>> securityManager.sessionDAO = $sessionDAO > >>> > >>> securityManager.cacheManager = $cacheManager > >>> > >>> securityManager.realm = $realmA > >>> > >>> realmA.cacheManager = $cacheManager > >>> > >>> > >>> > >>> My VonageDistributedSessionCacheManager class simply returns an > instance of > >>> my VonageDistributedSessionCache class, which implements the Cache > >>> interface. > >>> > >>> > >>> > >>> The problem is that the various methods in my > VonageDistributedSessionCache > >>> class (get(), put(), etc) are never being called. By adding tracing, I > can > >>> confirm that my VonageDistributedSessionCache constructor is being > called > >>> from AuthorizationRealm.initAuthorizationCache(). But when I login to > my > >>> servlet, my get() and put() methods are never called. On my first > login > >>> attempt to get to my servlet, I have no session and so I'm challenged > for > >>> username/password. Then on a second attempt, it lets me through. So > >>> somewhere Shiro is caching my sessionid, but I don't know where. All I > know > >>> is that it's not using the Cache that I told it to :) In fact, I told > it 3 > >>> times ($cacheManager is mentioned 3 times above)! > >>> > >>> > >>> > >>> So where is it in Shiro that checks the session cache? I see that > >>> AuthorizingRealm.initAuthorizationCache() does create an instance of > my > >>> VonageDistributedSessionCache class, and calls setAuthorizationCache() > to > >>> store it. But I don't see any calls to the corresponding > >>> getAuthorizationCache() to actually use it. > >>> > >>> > >>> > >>> I'm not sure if this helps or not, but below is a stack trace from my > >>> servlet. Somewhere along this chain of calls, somebody should have > called > >>> AuthorizingRealm.getAuthorizationCache() but didn't. > >>> > >>> > >>> > >>> Thanks, > >>> > >>> Andy > >>> > >>> ---------------------------------------------------------------------- > ------------------------ > >>> > >>> at java.lang.Thread.dumpStack(Thread.java:1206) > >>> > >>> at > >>> com.vonage.authenticatorTest.TestServlet1.doGet(TestServlet1.java:15) > >>> > >>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:627) > >>> > >>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) > >>> > >>> at > >>> > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicati > onFilterChain.java:269) > >>> > >>> at > >>> > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilter > Chain.java:188) > >>> > >>> at > >>> > org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChai > n.java:58) > >>> > >>> at > >>> > org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:1 > 07) > >>> > >>> at > >>> > org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.ja > va:137) > >>> > >>> at > >>> > org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestF > ilter.java:190) > >>> > >>> at > >>> > org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChai > n.java:63) > >>> > >>> at > >>> > org.apache.shiro.web.servlet.ShiroFilter.executeChain(ShiroFilter.java:648 > ) > >>> > >>> at > >>> > org.apache.shiro.web.servlet.ShiroFilter.doFilterInternal(ShiroFilter.java > :588) > >>> > >>> at > >>> > org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestF > ilter.java:190) > >>> > >>> at > >>> > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicati > onFilterChain.java:215) > >>> > >>> at > >>> > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilter > Chain.java:188) > >>> > >>> at > >>> > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve. > java:213) > >>> > >>> at > >>> > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve. > java:172) > >>> > >>> at > >>> > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:1 > 27) > >>> > >>> at > >>> > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:1 > 17) > >>> > >>> at > >>> > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.ja > va:108) > >>> > >>> at > >>> > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174 > ) > >>> > >>> at > >>> > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:875) > >>> > >>> at > >>> > org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.proces > sConnection(Http11BaseProtocol.java:665) > >>> > >>> at > >>> > org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.j > ava:528) > >>> > >>> at > >>> > org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollower > WorkerThread.java:81) > >>> > >>> at > >>> > org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.j > ava:689) > >>> > >>> at java.lang.Thread.run(Thread.java:619) > >>> > >>> > >> > >
