Martin Grigorov created ISIS-1010:
-------------------------------------
Summary: "Session already open" error if attempting to login in a
second browser tab
Key: ISIS-1010
URL: https://issues.apache.org/jira/browse/ISIS-1010
Project: Isis
Issue Type: Bug
Components: Viewer: Wicket
Affects Versions: viewer-wicket-1.7.0
Reporter: Martin Grigorov
Assignee: Martin Grigorov
Priority: Minor
Steps:
1) login in an application
2) open a new browser tab and navigate to /wicket/signin
3) try to login with valid credentials
Leads to exception like:
Caused by: java.lang.IllegalStateException: Session already open and context
not configured for autoclose
at
org.apache.isis.core.runtime.system.context.IsisContext.applySessionClosePolicy(IsisContext.java:180)
at
org.apache.isis.core.runtime.system.context.IsisContextThreadLocal.openSessionInstance(IsisContextThreadLocal.java:148)
at
org.apache.isis.core.runtime.system.context.IsisContext.openSession(IsisContext.java:273)
at
org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.execute(IsisModuleSecurityRealm.java:206)
at
org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.lookupPrincipal(IsisModuleSecurityRealm.java:135)
at
org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doGetAuthenticationInfo(IsisModuleSecurityRealm.java:74)
at
org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
at
org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
at
org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
at
org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
... 56 more
I believe a proper behavior would be: if there is a logged in user then
redirect to the home page automatically without even showing the sign in page
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
