Thanks. I've developed a Jetty session based alternative for now but I'll try your idea soon. Dave
On Mon, Mar 20, 2017 at 9:04 PM -0700, "sreenivas harshith [via Shiro User]" <[email protected]> wrote: https://issues.apache.org/jira/browse/SHIRO-613 On Tue, Mar 21, 2017 at 9:27 AM, sreenivas harshith<[hidden email]> wrote: Hi, This is the issue with thread context. I had the same issue. Use subject builder to build a subject and don't use securityutils.subject(). In a multi threaded environment there is this issue. Please have a look at the comments where I have found the issue and posted a solution Issue Navigator - ASF JIRA Issue Navigator - ASF JIRA Hope this helps. On Tue, Mar 21, 2017 at 8:42 AM, dsf49<[hidden email]> wrote: I'm just getting started with Shiro. I'm using it in a SparkJava site. I have authentication mostly working, but after turning on trace logging for the ThreadContext class, I'm noticing that the subject is suddenly not authenticated when there's a new thread being used in the Jetty request. I assumed that a subject's state is the same across all threads in the same Jetty instance, but that doesn't seem to be the case here. I did the Shiro init in the main SparkJava thread: Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini"); SecurityManager securityManager = factory.getInstance(); SecurityUtils.setSecurityManager(securityManager); And I'm not passing around a SecurityManager instance. My authentication check happens in a before() filter in SparkJava and that's where it will fail when the thread changes. What I am missing? Thanks, Dave -- View this message in context: http://shiro-user.582556.n2.nabble.com/isAuthenticated-returns-false-when-the-Jetty-thread-changes-tp7581554.html Sent from the Shiro User mailing list archive at Nabble.com. If you reply to this email, your message will be added to the discussion below: http://shiro-user.582556.n2.nabble.com/isAuthenticated-returns-false-when-the-Jetty-thread-changes-tp7581554p7581556.html To unsubscribe from isAuthenticated() returns false when the Jetty thread changes, click here. NAML -- View this message in context: http://shiro-user.582556.n2.nabble.com/isAuthenticated-returns-false-when-the-Jetty-thread-changes-tp7581554p7581557.html Sent from the Shiro User mailing list archive at Nabble.com.
