[SHIRO-648] SecurityUtils.getSubject() throws org.apache.geode.security.AuthenticationFailedException intermittently - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 1.3.2
Fix Version/s: None
Component/s: Authentication (log-in)
Labels:
None

Description

When our application starts, we set the vm static SecurityManager using

SecurityUtils.setSecurityManager(xyz);

But sometimes when we do login using:

Subject currentUser = SecurityUtils.getSubject();
curentUser.login(tokent)

we occasionally get the following exception:

org.apache.geode.security.AuthenticationFailedException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton.  This is an invalid application configuration.

We suspect that it's because the vm static SecurityManager is not volatile and not visible to the login thread....

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Jinmei Liao

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 06/Jun/18 22:22

Updated:: 14/Jun/18 16:58