Hi Andy, There is definitely a bug in the configuration stuff - I'm looking in to it to find out what may be wrong. I'll keep you posted.
- Les On Tue, Sep 1, 2009 at 2:39 PM, Les Hazlewood<[email protected]> wrote: > Hi Andy, > > I'll have to give this a look sometime later tonight or tomorrow when > I have time - I'm kinda slammed today. But don't worry - we'll get it > working! > > Best, > > Les > > On Tue, Sep 1, 2009 at 11:58 AM, Andy Tripp<[email protected]> wrote: >> I made some progress on this issue. >> >> >> >> I added tracing to AuthorizingRealm.setAuthorizationCache(). I see that it’s >> first being correctly called to set the cache to my “custom” >> VonageDistributedSessionCache that I specified in my ShiroFilter. But then, >> I see that it’s being called a second time, and getting *reset* to some >> instance of SoftHashMapCache. >> >> >> >> The stack trace of that 2nd call is below. So the issue is “where in that >> stack trace is some code having the audacity to do something that results in >> a call to AuthorizingRealm.setAuthorizationCache(), which replaces the >> user-specified cache with the default of a SoftHashMapCache? >> >> >> >> My (uneducated) guess is that the culprit is the createSecurityManager() >> call in IniConfiguration.processIni(). Why would we want to create a >> security manager when in the middle of processing configuration data? >> >> >> >> In any case, I think the use case is simple: trying to specify your own >> CacheManager doesn’t work. Here’s my ShiroFilter: >> >> # pull in vonage centralized authentication: >> >> realmA = com.vonage.auth.VonageAuthenticationRealm >> >> securityManager = >> org.apache.shiro.web.DefaultWebSecurityManager >> >> sessionManager = >> org.apache.shiro.web.session.DefaultWebSessionManager >> >> securityManager.sessionManager = $sessionManager >> >> securityManager.sessionMode = native >> >> #cacheManager = org.apache.shiro.cache.DefaultCacheManager >> >> >> >> cacheManager = >> com.vonage.auth.VonageDistributedSessionCacheManager >> >> securityManager.cacheManager = $cacheManager >> >> >> >> sessionDAO = >> org.apache.shiro.session.mgt.eis.MemorySessionDAO >> >> #sessionDAO.cacheManager = $cacheManager >> >> securityManager.sessionDAO = $sessionDAO >> >> securityManager.realm = $realmA >> >> >> >> And here’s the stack trace I talked about: >> >> >> >> >> >> java.lang.Exception: Stack trace >> >> at java.lang.Thread.dumpStack(Thread.java:1206) >> >> at >> org.apache.shiro.realm.AuthorizingRealm.setAuthorizationCache(AuthorizingRealm.java:109) >> >> at >> org.apache.shiro.realm.AuthorizingRealm.initAuthorizationCache(AuthorizingRealm.java:199) >> >> at >> org.apache.shiro.realm.AuthorizingRealm.afterCacheManagerSet(AuthorizingRealm.java:166) >> >> at >> org.apache.shiro.realm.CachingRealm.setCacheManager(CachingRealm.java:73) >> >> at >> org.apache.shiro.mgt.RealmSecurityManager.applyCacheManagerToRealms(RealmSecurityManager.java:116) >> >> at >> org.apache.shiro.mgt.RealmSecurityManager.afterRealmsSet(RealmSecurityManager.java:86) >> >> at >> org.apache.shiro.mgt.AuthenticatingSecurityManager.afterRealmsSet(AuthenticatingSecurityManager.java:178) >> >> at >> org.apache.shiro.mgt.AuthorizingSecurityManager.afterRealmsSet(AuthorizingSecurityManager.java:129) >> >> at >> org.apache.shiro.mgt.RealmSecurityManager.setRealms(RealmSecurityManager.java:82) >> >> at >> org.apache.shiro.config.IniConfiguration.createSecurityManagerForSection(IniConfiguration.java:242) >> >> at >> org.apache.shiro.config.IniConfiguration.createSecurityManager(IniConfiguration.java:188) >> >> at >> org.apache.shiro.config.IniConfiguration.processIni(IniConfiguration.java:172) >> >> at >> org.apache.shiro.config.IniConfiguration.process(IniConfiguration.java:161) >> >> at >> org.apache.shiro.config.IniConfiguration.load(IniConfiguration.java:127) >> >> at >> org.apache.shiro.config.TextConfiguration.loadTextConfig(TextConfiguration.java:70) >> >> at >> org.apache.shiro.config.TextConfiguration.init(TextConfiguration.java:86) >> >> at >> org.apache.shiro.config.IniConfiguration.init(IniConfiguration.java:114) >> >> at org.apache.shiro.util.LifecycleUtils.init(LifecycleUtils.java:47) >> >> at org.apache.shiro.util.LifecycleUtils.init(LifecycleUtils.java:41) >> >> at >> org.apache.shiro.web.servlet.ShiroFilter.configure(ShiroFilter.java:322) >> >> at >> org.apache.shiro.web.servlet.ShiroFilter.onFilterConfigSet(ShiroFilter.java:269) >> >> at >> org.apache.shiro.web.servlet.OncePerRequestFilter.init(OncePerRequestFilter.java:140) >> >> at >> org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:221) >> >> at >> org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:302) >> >> at >> org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:78) >> >> at >> org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3635) >> >> at >> org.apache.catalina.core.StandardContext.start(StandardContext.java:4222) >> >> at >> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760) >> >> at >> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740) >> >> at >> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544) >> >> at >> org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:927) >> >> at >> org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:890) >> >> at >> org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:492) >> >> at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1150) >> >> at >> org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311) >> >> at >> org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120) >> >> at >> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022) >> >> at org.apache.catalina.core.StandardHost.start(StandardHost.java:736) >> >> at >> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014) >> >> at >> org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443) >> >> at >> org.apache.catalina.core.StandardService.start(StandardService.java:448) >> >> at >> org.apache.catalina.core.StandardServer.start(StandardServer.java:700) >> >> at org.apache.catalina.startup.Catalina.start(Catalina.java:552) >> >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> >> at java.lang.reflect.Method.invoke(Method.java:597) >> >> at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295) >> >> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433) >> >> >> >> Andy >> >> >> >> >> >> ________________________________ >> >> From: Andy Tripp [mailto:[email protected]] >> Sent: Monday, August 31, 2009 10:25 AM >> To: [email protected] >> Subject: RE: need help plugging in my own session cache >> >> >> >> I need to get this working, and I’m happy to track it down myself, but I >> need some starting direction. >> >> >> >> If I want to use my own cache for storing session data, I know I should >> write my own CacheManager and a class that implements Cache. But which class >> do I tell to use my own cache? Is it SessionDAO, securityManager, or my own >> Realm (in my case a subclass of JDBCRealm)? All three have a cacheManager >> property. >> >> >> >> Thanks, >> >> Andy >> >> >> >> ________________________________ >> >> From: Andy Tripp [mailto:[email protected]] >> Sent: Friday, August 28, 2009 2:56 PM >> To: [email protected] >> Subject: need help plugging in my own session cache >> >> >> >> Hi again, >> >> >> >> I’m having trouble with specifying my own Cache. >> >> I’ve specified my own CacheManager and Cache classes in my ShiroFilter: >> >> >> >> realmA = com.vonage.auth.VonageAuthenticationRealm >> >> securityManager = >> org.apache.shiro.web.DefaultWebSecurityManager >> >> sessionManager = >> org.apache.shiro.web.session.DefaultWebSessionManager >> >> securityManager.sessionManager = $sessionManager >> >> securityManager.sessionMode = native >> >> #cacheManager = org.apache.shiro.cache.DefaultCacheManager >> >> cacheManager = >> com.vonage.auth.VonageDistributedSessionCacheManager >> >> sessionDAO = >> org.apache.shiro.session.mgt.eis.MemorySessionDAO >> >> sessionDAO.cacheManager = $cacheManager >> >> securityManager.sessionDAO = $sessionDAO >> >> securityManager.cacheManager = $cacheManager >> >> securityManager.realm = $realmA >> >> realmA.cacheManager = $cacheManager >> >> >> >> My VonageDistributedSessionCacheManager class simply returns an instance of >> my VonageDistributedSessionCache class, which implements the Cache >> interface. >> >> >> >> The problem is that the various methods in my VonageDistributedSessionCache >> class (get(), put(), etc) are never being called. By adding tracing, I can >> confirm that my VonageDistributedSessionCache constructor is being called >> from AuthorizationRealm.initAuthorizationCache(). But when I login to my >> servlet, my get() and put() methods are never called. On my first login >> attempt to get to my servlet, I have no session and so I’m challenged for >> username/password. Then on a second attempt, it lets me through. So >> somewhere Shiro is caching my sessionid, but I don’t know where. All I know >> is that it’s not using the Cache that I told it to :) In fact, I told it 3 >> times ($cacheManager is mentioned 3 times above)! >> >> >> >> So where is it in Shiro that checks the session cache? I see that >> AuthorizingRealm.initAuthorizationCache() does create an instance of my >> VonageDistributedSessionCache class, and calls setAuthorizationCache() to >> store it. But I don’t see any calls to the corresponding >> getAuthorizationCache() to actually use it. >> >> >> >> I’m not sure if this helps or not, but below is a stack trace from my >> servlet. Somewhere along this chain of calls, somebody should have called >> AuthorizingRealm.getAuthorizationCache() but didn’t. >> >> >> >> Thanks, >> >> Andy >> >> ---------------------------------------------------------------------------------------------- >> >> at java.lang.Thread.dumpStack(Thread.java:1206) >> >> at >> com.vonage.authenticatorTest.TestServlet1.doGet(TestServlet1.java:15) >> >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:627) >> >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:729) >> >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269) >> >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) >> >> at >> org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:58) >> >> at >> org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:107) >> >> at >> org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) >> >> at >> org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:190) >> >> at >> org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:63) >> >> at >> org.apache.shiro.web.servlet.ShiroFilter.executeChain(ShiroFilter.java:648) >> >> at >> org.apache.shiro.web.servlet.ShiroFilter.doFilterInternal(ShiroFilter.java:588) >> >> at >> org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:190) >> >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215) >> >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) >> >> at >> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) >> >> at >> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172) >> >> at >> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) >> >> at >> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117) >> >> at >> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108) >> >> at >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174) >> >> at >> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:875) >> >> at >> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665) >> >> at >> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528) >> >> at >> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81) >> >> at >> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689) >> >> at java.lang.Thread.run(Thread.java:619) >> >> >
