[
https://issues.apache.org/jira/browse/JSEC-33?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Les Hazlewood resolved JSEC-33.
-------------------------------
Resolution: Cannot Reproduce
What is your configuration?
The above stack trace cannot occur if the sessionMode = "jsecurity", as should
be the case if not using http sessions (as you indicate).
The ServletContainerSessionManager implementation (indicated in your stack
trace) is only instantiated if the DefaultWebSecurityManager's sessionMode is
not overridden to be "jsecurity". That means that http sessions are being used.
After running two tests verifying configuration (last two methods here:
http://svn.apache.org/viewvc/incubator/jsecurity/trunk/test/org/jsecurity/web/servlet/JSecurityFilterTest.java?view=markup&pathrev=729768),
I'm resolving this issue unless you are still having problems.
If you re-open the issue, please attach your config.
Thanks,
Les
> Infinite Loop -- DefaultWebSecurityManager, JSecurityHttpServletRequest,
> Non-Http Sessions
> ------------------------------------------------------------------------------------------
>
> Key: JSEC-33
> URL: https://issues.apache.org/jira/browse/JSEC-33
> Project: JSecurity
> Issue Type: Bug
> Affects Versions: 0.9
> Reporter: Andrew Zeneski
> Assignee: Les Hazlewood
> Fix For: 1.0
>
>
> Infinite loop when using DefaultWebSecurityManager and non-http sessions.
> createSubject():204, DefaultWebSecurityManager calls
> createSubject():208, DefaultWebSecurityManager calls
> getSession():71, ServletContainerSessionManager calls
> getSession():149, JSecurityHttpServletRequest calls
> getSubject():90, JSecurityHttpServletRequest calls
> getSubject():53, SecurityUtils calls
> getSubject():426, DefaultSecurityManager calls,
> getSubject():419, DefaultSecurityManager calls,
> createSubject():204, DefaultWebSecurityManager
> Then loops again...
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
