[jira] [Updated] (SHIRO-489) can not get session on sina app engine

[Benjamin Marwell (Jira)]

     [ 
https://issues.apache.org/jira/browse/SHIRO-489?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Benjamin Marwell updated SHIRO-489:
-----------------------------------
    Component/s:     (was: Web Site)

> can not get session on sina app engine
> --------------------------------------
>
>                 Key: SHIRO-489
>                 URL: https://issues.apache.org/jira/browse/SHIRO-489
>             Project: Shiro
>          Issue Type: Bug
>          Components: Web
>    Affects Versions: 1.2.3
>         Environment: sina app engine
>            Reporter: 吴开强
>            Priority: Major
>
> org.apache.shiro.web.servlet.AbstractShiroFilter
> ...
>  protected void doFilterInternal(ServletRequest servletRequest, 
> ServletResponse servletResponse, final FilterChain chain)
>             throws ServletException, IOException {
> ...
>             final ServletRequest request = 
> prepareServletRequest(servletRequest, servletResponse, chain);
>             final ServletResponse response = prepareServletResponse(request, 
> servletResponse, chain);
>             final Subject subject = createSubject(request, response);
>             //noinspection unchecked
>             subject.execute(new Callable() {
>                 public Object call() throws Exception {
>                     updateSessionLastAccessTime(request, response);
>                     executeChain(request, response, chain);
> ...
>     }
>  executeChain(request, response, chain) would not use request instance,this 
> is a ShiroHttpServletRequest instance and override getSession() method,and 
> then any other place(servlet container or other filter) use this request will 
> something unexpected will happen.for example:session.getId() is null in 
> jsp,and login status can not be holded,I think this method should like this:
> protected void doFilterInternal(final ServletRequest servletRequest,final 
> ServletResponse servletResponse, final FilterChain chain)
>             throws ServletException, IOException {
>         Throwable t = null;
>         try {
>             final ServletRequest request = 
> prepareServletRequest(servletRequest, servletResponse, chain);
>             final ServletResponse response = prepareServletResponse(request, 
> servletResponse, chain);
>             final Subject subject = createSubject(request, response);
>             //noinspection unchecked
>             subject.execute(new Callable() {
>                 public Object call() throws Exception {
>                     updateSessionLastAccessTime(request, response);
>                     executeChain(servletRequest, servletResponse, chain);
> ...
>     }



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@shiro.apache.org
For additional commands, e-mail: issues-h...@shiro.apache.org