Hi Andy, I'll have to give this a look sometime later tonight or tomorrow when I have time - I'm kinda slammed today. But don't worry - we'll get it working!
Best, Les On Tue, Sep 1, 2009 at 11:58 AM, Andy Tripp<[email protected]> wrote: > I made some progress on this issue. > > > > I added tracing to AuthorizingRealm.setAuthorizationCache(). I see that it’s > first being correctly called to set the cache to my “custom” > VonageDistributedSessionCache that I specified in my ShiroFilter. But then, > I see that it’s being called a second time, and getting *reset* to some > instance of SoftHashMapCache. > > > > The stack trace of that 2nd call is below. So the issue is “where in that > stack trace is some code having the audacity to do something that results in > a call to AuthorizingRealm.setAuthorizationCache(), which replaces the > user-specified cache with the default of a SoftHashMapCache? > > > > My (uneducated) guess is that the culprit is the createSecurityManager() > call in IniConfiguration.processIni(). Why would we want to create a > security manager when in the middle of processing configuration data? > > > > In any case, I think the use case is simple: trying to specify your own > CacheManager doesn’t work. Here’s my ShiroFilter: > > # pull in vonage centralized authentication: > > realmA = com.vonage.auth.VonageAuthenticationRealm > > securityManager = > org.apache.shiro.web.DefaultWebSecurityManager > > sessionManager = > org.apache.shiro.web.session.DefaultWebSessionManager > > securityManager.sessionManager = $sessionManager > > securityManager.sessionMode = native > > #cacheManager = org.apache.shiro.cache.DefaultCacheManager > > > > cacheManager = > com.vonage.auth.VonageDistributedSessionCacheManager > > securityManager.cacheManager = $cacheManager > > > > sessionDAO = > org.apache.shiro.session.mgt.eis.MemorySessionDAO > > #sessionDAO.cacheManager = $cacheManager > > securityManager.sessionDAO = $sessionDAO > > securityManager.realm = $realmA > > > > And here’s the stack trace I talked about: > > > > > > java.lang.Exception: Stack trace > > at java.lang.Thread.dumpStack(Thread.java:1206) > > at > org.apache.shiro.realm.AuthorizingRealm.setAuthorizationCache(AuthorizingRealm.java:109) > > at > org.apache.shiro.realm.AuthorizingRealm.initAuthorizationCache(AuthorizingRealm.java:199) > > at > org.apache.shiro.realm.AuthorizingRealm.afterCacheManagerSet(AuthorizingRealm.java:166) > > at > org.apache.shiro.realm.CachingRealm.setCacheManager(CachingRealm.java:73) > > at > org.apache.shiro.mgt.RealmSecurityManager.applyCacheManagerToRealms(RealmSecurityManager.java:116) > > at > org.apache.shiro.mgt.RealmSecurityManager.afterRealmsSet(RealmSecurityManager.java:86) > > at > org.apache.shiro.mgt.AuthenticatingSecurityManager.afterRealmsSet(AuthenticatingSecurityManager.java:178) > > at > org.apache.shiro.mgt.AuthorizingSecurityManager.afterRealmsSet(AuthorizingSecurityManager.java:129) > > at > org.apache.shiro.mgt.RealmSecurityManager.setRealms(RealmSecurityManager.java:82) > > at > org.apache.shiro.config.IniConfiguration.createSecurityManagerForSection(IniConfiguration.java:242) > > at > org.apache.shiro.config.IniConfiguration.createSecurityManager(IniConfiguration.java:188) > > at > org.apache.shiro.config.IniConfiguration.processIni(IniConfiguration.java:172) > > at > org.apache.shiro.config.IniConfiguration.process(IniConfiguration.java:161) > > at > org.apache.shiro.config.IniConfiguration.load(IniConfiguration.java:127) > > at > org.apache.shiro.config.TextConfiguration.loadTextConfig(TextConfiguration.java:70) > > at > org.apache.shiro.config.TextConfiguration.init(TextConfiguration.java:86) > > at > org.apache.shiro.config.IniConfiguration.init(IniConfiguration.java:114) > > at org.apache.shiro.util.LifecycleUtils.init(LifecycleUtils.java:47) > > at org.apache.shiro.util.LifecycleUtils.init(LifecycleUtils.java:41) > > at > org.apache.shiro.web.servlet.ShiroFilter.configure(ShiroFilter.java:322) > > at > org.apache.shiro.web.servlet.ShiroFilter.onFilterConfigSet(ShiroFilter.java:269) > > at > org.apache.shiro.web.servlet.OncePerRequestFilter.init(OncePerRequestFilter.java:140) > > at > org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:221) > > at > org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:302) > > at > org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:78) > > at > org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3635) > > at > org.apache.catalina.core.StandardContext.start(StandardContext.java:4222) > > at > org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760) > > at > org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740) > > at > org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544) > > at > org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:927) > > at > org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:890) > > at > org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:492) > > at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1150) > > at > org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311) > > at > org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120) > > at > org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022) > > at org.apache.catalina.core.StandardHost.start(StandardHost.java:736) > > at > org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014) > > at > org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443) > > at > org.apache.catalina.core.StandardService.start(StandardService.java:448) > > at > org.apache.catalina.core.StandardServer.start(StandardServer.java:700) > > at org.apache.catalina.startup.Catalina.start(Catalina.java:552) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > > at java.lang.reflect.Method.invoke(Method.java:597) > > at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295) > > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433) > > > > Andy > > > > > > ________________________________ > > From: Andy Tripp [mailto:[email protected]] > Sent: Monday, August 31, 2009 10:25 AM > To: [email protected] > Subject: RE: need help plugging in my own session cache > > > > I need to get this working, and I’m happy to track it down myself, but I > need some starting direction. > > > > If I want to use my own cache for storing session data, I know I should > write my own CacheManager and a class that implements Cache. But which class > do I tell to use my own cache? Is it SessionDAO, securityManager, or my own > Realm (in my case a subclass of JDBCRealm)? All three have a cacheManager > property. > > > > Thanks, > > Andy > > > > ________________________________ > > From: Andy Tripp [mailto:[email protected]] > Sent: Friday, August 28, 2009 2:56 PM > To: [email protected] > Subject: need help plugging in my own session cache > > > > Hi again, > > > > I’m having trouble with specifying my own Cache. > > I’ve specified my own CacheManager and Cache classes in my ShiroFilter: > > > > realmA = com.vonage.auth.VonageAuthenticationRealm > > securityManager = > org.apache.shiro.web.DefaultWebSecurityManager > > sessionManager = > org.apache.shiro.web.session.DefaultWebSessionManager > > securityManager.sessionManager = $sessionManager > > securityManager.sessionMode = native > > #cacheManager = org.apache.shiro.cache.DefaultCacheManager > > cacheManager = > com.vonage.auth.VonageDistributedSessionCacheManager > > sessionDAO = > org.apache.shiro.session.mgt.eis.MemorySessionDAO > > sessionDAO.cacheManager = $cacheManager > > securityManager.sessionDAO = $sessionDAO > > securityManager.cacheManager = $cacheManager > > securityManager.realm = $realmA > > realmA.cacheManager = $cacheManager > > > > My VonageDistributedSessionCacheManager class simply returns an instance of > my VonageDistributedSessionCache class, which implements the Cache > interface. > > > > The problem is that the various methods in my VonageDistributedSessionCache > class (get(), put(), etc) are never being called. By adding tracing, I can > confirm that my VonageDistributedSessionCache constructor is being called > from AuthorizationRealm.initAuthorizationCache(). But when I login to my > servlet, my get() and put() methods are never called. On my first login > attempt to get to my servlet, I have no session and so I’m challenged for > username/password. Then on a second attempt, it lets me through. So > somewhere Shiro is caching my sessionid, but I don’t know where. All I know > is that it’s not using the Cache that I told it to :) In fact, I told it 3 > times ($cacheManager is mentioned 3 times above)! > > > > So where is it in Shiro that checks the session cache? I see that > AuthorizingRealm.initAuthorizationCache() does create an instance of my > VonageDistributedSessionCache class, and calls setAuthorizationCache() to > store it. But I don’t see any calls to the corresponding > getAuthorizationCache() to actually use it. > > > > I’m not sure if this helps or not, but below is a stack trace from my > servlet. Somewhere along this chain of calls, somebody should have called > AuthorizingRealm.getAuthorizationCache() but didn’t. > > > > Thanks, > > Andy > > ---------------------------------------------------------------------------------------------- > > at java.lang.Thread.dumpStack(Thread.java:1206) > > at > com.vonage.authenticatorTest.TestServlet1.doGet(TestServlet1.java:15) > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:627) > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269) > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) > > at > org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:58) > > at > org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:107) > > at > org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) > > at > org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:190) > > at > org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:63) > > at > org.apache.shiro.web.servlet.ShiroFilter.executeChain(ShiroFilter.java:648) > > at > org.apache.shiro.web.servlet.ShiroFilter.doFilterInternal(ShiroFilter.java:588) > > at > org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:190) > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215) > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) > > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) > > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172) > > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) > > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117) > > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108) > > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174) > > at > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:875) > > at > org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665) > > at > org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528) > > at > org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81) > > at > org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689) > > at java.lang.Thread.run(Thread.java:619) > >
