Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
1.2.0
-
None
-
None
Description
When the following method is called:
public Subject getSubjectByLogin(final String login)
{ PrincipalCollection principals = new SimplePrincipalCollection(login, REALM_NAME); return new Subject.Builder().principals(principals).buildSubject(); }
it throws an exception on buildSubject():
Caused by: java.lang.IllegalArgumentException: SessionContext must be an HTTP compatible implementation.
at org.apache.shiro.web.session.mgt.ServletContainerSessionManager.createSession(ServletContainerSessionManager.java:103)
at org.apache.shiro.web.session.mgt.ServletContainerSessionManager.start(ServletContainerSessionManager.java:64)
at org.apache.shiro.mgt.SessionsSecurityManager.start(SessionsSecurityManager.java:121)
at org.apache.shiro.subject.support.DelegatingSubject.getSession(DelegatingSubject.java:336)
at org.apache.shiro.subject.support.DelegatingSubject.getSession(DelegatingSubject.java:314)
at org.apache.shiro.mgt.DefaultSubjectDAO.mergePrincipals(DefaultSubjectDAO.java:182)
at org.apache.shiro.mgt.DefaultSubjectDAO.saveToSession(DefaultSubjectDAO.java:163)
at org.apache.shiro.mgt.DefaultSubjectDAO.save(DefaultSubjectDAO.java:144)
at org.apache.shiro.mgt.DefaultSecurityManager.save(DefaultSecurityManager.java:383)
at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:350)
at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846)
It tries to create a session but really should not.
Please see forum http://shiro-user.582556.n2.nabble.com/Subject-being-changed-td7370203.html for more details
In our app, in our backoffice area, we display lists of users and their roles, and this functionality is used in this way.
Attachments
Issue Links
- relates to
-
SHIRO-340 Shiro should avoid creating sessions if one doesn't exist
- Open