Something strange happens when I try to follow talked algorithm. I'am at step
one. So I have one method in ejb and call it.
Factory<SecurityManager> factory = new
IniSecurityManagerFactory("classpath:shiro.ini");
SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
Subject currentUser = SecurityUtils.getSubject();
if ( !currentUser.isAuthenticated() ) {
UsernamePasswordToken token = new
UsernamePasswordToken("lonestarr", "vespa");
System.out.println("#0:"+currentUser.getSession().getId());
currentUser.login(token);
}else{
currentUser.logout();
System.out.println("I logged out");
}
System.out.println("#1:"+currentUser.getSession().getId());
When I call it first time from my client I have:
#0:f7b3117d-b4e0-4eef-9221-f99dbb87ecc2
#1:f7b3117d-b4e0-4eef-9221-f99dbb87ecc2
When I call it second time from client I have:
I logged out
#1:2edcab36-cb97-4722-b91b-82ec225deb78
Again:
#0:2edcab36-cb97-4722-b91b-82ec225deb78
#1:2edcab36-cb97-4722-b91b-82ec225deb78
Again:
I logged out
#1:b92ba3f4-deb9-41f2-9a36-b571dc33f082]]
So as I understand somewhere(the question is where - I don't send any
session in parameter) the session is kept. What's wrong?
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Glassfish-4-EJB-Shiro-OSGI-standalone-client-tp7579977p7579987.html
Sent from the Shiro User mailing list archive at Nabble.com.
