[jira] [Commented] (ISIS-1010) "Session already open" error if attempting to login in a second browser tab

[ASF subversion and git services (JIRA)]

    [ 
https://issues.apache.org/jira/browse/ISIS-1010?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14275953#comment-14275953
 ] 

ASF subversion and git services commented on ISIS-1010:
-------------------------------------------------------

Commit 571bde0a805c9d15e7617edb173b6c696e10195a in isis's branch 
refs/heads/master from [~mgrigorov]
[ https://git-wip-us.apache.org/repos/asf?p=isis.git;h=571bde0 ]

ISIS-1010 Skip sign in page if there is a user session and go directly to the 
home page instead


> "Session already open" error if attempting to login in a second browser tab
> ---------------------------------------------------------------------------
>
>                 Key: ISIS-1010
>                 URL: https://issues.apache.org/jira/browse/ISIS-1010
>             Project: Isis
>          Issue Type: Bug
>          Components: Viewer: Wicket
>    Affects Versions: viewer-wicket-1.7.0
>            Reporter: Martin Grigorov
>            Assignee: Martin Grigorov
>            Priority: Minor
>             Fix For: viewer-wicket-1.8.0
>
>
> Steps:
> 1) login in an application
> 2) open a new browser tab and navigate to /wicket/signin
> 3) try to login with valid credentials
> Leads to exception like:
> Caused by: java.lang.IllegalStateException: Session already open and context 
> not configured for autoclose
>       at 
> org.apache.isis.core.runtime.system.context.IsisContext.applySessionClosePolicy(IsisContext.java:180)
>       at 
> org.apache.isis.core.runtime.system.context.IsisContextThreadLocal.openSessionInstance(IsisContextThreadLocal.java:148)
>       at 
> org.apache.isis.core.runtime.system.context.IsisContext.openSession(IsisContext.java:273)
>       at 
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.execute(IsisModuleSecurityRealm.java:206)
>       at 
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.lookupPrincipal(IsisModuleSecurityRealm.java:135)
>       at 
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doGetAuthenticationInfo(IsisModuleSecurityRealm.java:74)
>       at 
> org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
>       at 
> org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
>       at 
> org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
>       at 
> org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
>       ... 56 more
> I believe a proper behavior would be: if there is a logged in user then 
> redirect to the home page automatically without even showing the sign in page



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)