Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Cannot Reproduce
-
1.3.2
-
None
Description
I am using default shiro native session manager and Session DAO backed by Db store for storing sessions. I have set the session timeout to 10 min and I have the same user login multiple times, say 8 times. Once the session is expired I tried to login with same user credentials from a different client and shiro is calling this delete(Session sn) method implemented in my DAO to delete those old sessions that are expired. Once the deletion is completed it throws an exception with the deleted Session id saying org.apache.shiro.session.StoppedSessionException: Session with id [a9dd97a1-90d4-435c-b363-f74052dfa0dc] has been explicitly stopped. No further interaction under this session is allowed, and it fails to login the user.