Attila Magyar created SHIRO-841:
-----------------------------------
Summary: NullPointerException from SessionsSecurityManager.start()
Key: SHIRO-841
URL: https://issues.apache.org/jira/browse/SHIRO-841
Project: Shiro
Issue Type: Task
Reporter: Attila Magyar
We see this NPE intermittently from KNOX when a topology is being redeployed
and a request is still being processed in Shiro's AuthenticatingFilter.
In DelegatingSubject.java:
{code:java}
log.trace("Starting session for host {}", getHost());
SessionContext sessionContext = createSessionContext();
// At this point the topology deploy already triggered a
securityManager.destroy() so sessionManager is null
Session session = this.securityManager.start(sessionContext);
this.session = decorate(session); {code}
This is not a critical problem since the request will fail no matter what, but
NPE suggests a programming error instead of a normal operation.
I suggest putting a null check in securityManager.start() and throw an
IllegalStateException("Session already destroyed") or something similar.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
