[
https://issues.apache.org/jira/browse/SHIRO-841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Attila Magyar updated SHIRO-841:
--------------------------------
Description:
We see this NPE intermittently from KNOX when a topology is being redeployed
and a request is still being processed in Shiro's AuthenticatingFilter.
In DelegatingSubject.java:
{code:java}
log.trace("Starting session for host {}", getHost());
SessionContext sessionContext = createSessionContext();
// At this point the topology deploy already triggered a
securityManager.destroy() so sessionManager is null
Session session = this.securityManager.start(sessionContext);
this.session = decorate(session); {code}
This is not a critical problem since the request will fail no matter what, but
NPE suggests a programming error instead of a normal operation.
I suggest putting a null check in securityManager.start() and throw an
IllegalStateException("Session already destroyed") or something similar.
See https://issues.apache.org/jira/browse/KNOX-2297 for more context.
was:
We see this NPE intermittently from KNOX when a topology is being redeployed
and a request is still being processed in Shiro's AuthenticatingFilter.
In DelegatingSubject.java:
{code:java}
log.trace("Starting session for host {}", getHost());
SessionContext sessionContext = createSessionContext();
// At this point the topology deploy already triggered a
securityManager.destroy() so sessionManager is null
Session session = this.securityManager.start(sessionContext);
this.session = decorate(session); {code}
This is not a critical problem since the request will fail no matter what, but
NPE suggests a programming error instead of a normal operation.
I suggest putting a null check in securityManager.start() and throw an
IllegalStateException("Session already destroyed") or something similar.
> NullPointerException from SessionsSecurityManager.start()
> ---------------------------------------------------------
>
> Key: SHIRO-841
> URL: https://issues.apache.org/jira/browse/SHIRO-841
> Project: Shiro
> Issue Type: Task
> Reporter: Attila Magyar
> Priority: Major
>
> We see this NPE intermittently from KNOX when a topology is being redeployed
> and a request is still being processed in Shiro's AuthenticatingFilter.
> In DelegatingSubject.java:
> {code:java}
> log.trace("Starting session for host {}", getHost());
> SessionContext sessionContext = createSessionContext();
> // At this point the topology deploy already triggered a
> securityManager.destroy() so sessionManager is null
> Session session = this.securityManager.start(sessionContext);
> this.session = decorate(session); {code}
> This is not a critical problem since the request will fail no matter what,
> but NPE suggests a programming error instead of a normal operation.
> I suggest putting a null check in securityManager.start() and throw an
> IllegalStateException("Session already destroyed") or something similar.
>
> See https://issues.apache.org/jira/browse/KNOX-2297 for more context.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
