Author: lhazlewood
Date: Wed Jan 4 01:17:54 2012
New Revision: 1227013
URL: http://svn.apache.org/viewvc?rev=1227013&view=rev
Log:
SHIRO-298: implemented fix: try/catch w/ debug statement
Modified:
shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/DelegatingSubject.java
shiro/trunk/web/src/main/java/org/apache/shiro/web/filter/authc/LogoutFilter.java
Modified:
shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/DelegatingSubject.java
URL:
http://svn.apache.org/viewvc/shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/DelegatingSubject.java?rev=1227013&r1=1227012&r2=1227013&view=diff
==============================================================================
---
shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/DelegatingSubject.java
(original)
+++
shiro/trunk/core/src/main/java/org/apache/shiro/subject/support/DelegatingSubject.java
Wed Jan 4 01:17:54 2012
@@ -28,6 +28,7 @@ import org.apache.shiro.mgt.SecurityMana
import org.apache.shiro.session.InvalidSessionException;
import org.apache.shiro.session.ProxiedSession;
import org.apache.shiro.session.Session;
+import org.apache.shiro.session.SessionException;
import org.apache.shiro.session.mgt.DefaultSessionContext;
import org.apache.shiro.session.mgt.SessionContext;
import org.apache.shiro.subject.ExecutionException;
@@ -351,7 +352,13 @@ public class DelegatingSubject implement
public void logout() {
try {
- clearRunAsIdentities();
+ //try/catch added for SHIRO-298
+ try {
+ clearRunAsIdentities();
+ } catch (SessionException se) {
+ log.debug("Encountered session exception trying to clear
'runAs' identities during logout. This " +
+ "can generally safely be ignored.", se);
+ }
this.securityManager.logout(this);
} finally {
this.session = null;
Modified:
shiro/trunk/web/src/main/java/org/apache/shiro/web/filter/authc/LogoutFilter.java
URL:
http://svn.apache.org/viewvc/shiro/trunk/web/src/main/java/org/apache/shiro/web/filter/authc/LogoutFilter.java?rev=1227013&r1=1227012&r2=1227013&view=diff
==============================================================================
---
shiro/trunk/web/src/main/java/org/apache/shiro/web/filter/authc/LogoutFilter.java
(original)
+++
shiro/trunk/web/src/main/java/org/apache/shiro/web/filter/authc/LogoutFilter.java
Wed Jan 4 01:17:54 2012
@@ -1,9 +1,12 @@
package org.apache.shiro.web.filter.authc;
import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.session.SessionException;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.servlet.AdviceFilter;
import org.apache.shiro.web.util.WebUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
@@ -16,6 +19,8 @@ import javax.servlet.ServletResponse;
* @since 1.2
*/
public class LogoutFilter extends AdviceFilter {
+
+ private static final Logger log =
LoggerFactory.getLogger(LogoutFilter.class);
/**
* The default redirect URL to where the user will be redirected after
logout. The value is {@code "/"}, Shiro's
@@ -43,7 +48,12 @@ public class LogoutFilter extends Advice
protected boolean preHandle(ServletRequest request, ServletResponse
response) throws Exception {
Subject subject = getSubject(request, response);
String redirectUrl = getRedirectUrl(request, response, subject);
- subject.logout();
+ //try/catch added for SHIRO-298:
+ try {
+ subject.logout();
+ } catch (SessionException ise) {
+ log.debug("Encountered session exception during logout. This can
generally safely be ignored.", ise);
+ }
issueRedirect(request, response, redirectUrl);
return false;
}
