Still struggling with this. Forget what I said in the first post - this is completely reproducible in a new web application. It's some interaction between Shiro native sessions and Grails, which changed between Grails 1.3.x and Grails 2. In Grails 2, when native sessions are used, SecurityUtils.getSubject().logout() causes the UnknownSessionException when the response is rendered. With Grails 1.3.x this works fine.
-- View this message in context: http://shiro-user.582556.n2.nabble.com/What-might-cause-an-UnknownSessionException-tp7578179p7578187.html Sent from the Shiro User mailing list archive at Nabble.com.
