Thanks for the patch from a few days ago for WebRememberMeManager. I used
SVN to get the updated version of the code and then I used maven to re-build
the code after which I removed the old .jar file and added the resulting new
.jar file. This fixed the error I was having at the time, but I just came
across a new, very similar error. It could be a problem with the Shiro code
or simply the result of my incorrect use of the code.
I executed the following code to see if I needed to get the current user
again after logging out:
Subject currentUser;
currentUser = SecurityUtils.getSubject(); // < --No exception
currentUser = SecurityUtils.getSubject(); // < --No exception
currentUser.logout(); // < --No exception
currentUser = SecurityUtils.getSubject(); // < --EXCEPTION
Resulting in the application throwing a NullPointerException from
WebRememberMeManager, below is the stack trace:
32046 [btpool0-1] WARN org.apache.shiro.mgt.DefaultSecurityManager -
Delegate RememberMeManager instance of type
[org.apache.shiro.web.WebRememberMeManager] threw an exception during
getRememberedPrincipals().
java.lang.NullPointerException
at
org.apache.shiro.web.attr.CookieAttribute.getCookie(CookieAttribute.java:262)
at
org.apache.shiro.web.attr.CookieAttribute.removeValue(CookieAttribute.java:357)
at
org.apache.shiro.web.WebRememberMeManager.forgetIdentity(WebRememberMeManager.java:320)
at
org.apache.shiro.web.WebRememberMeManager.forgetIdentity(WebRememberMeManager.java:316)
at
org.apache.shiro.mgt.AbstractRememberMeManager.onRememberedPrincipalFailure(AbstractRememberMeManager.java:547)
at
org.apache.shiro.mgt.AbstractRememberMeManager.getRememberedPrincipals(AbstractRememberMeManager.java:488)
at
org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:598)
at
org.apache.shiro.mgt.DefaultSecurityManager.resolvePrincipals(DefaultSecurityManager.java:486)
at
org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:363)
at
org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:751)
at org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:57)
at burp_erp_t1.TestShiroServlet.login(TestShiroServlet.java:43)
at burp_erp_t1.TestShiroServlet.doPost(TestShiroServlet.java:24)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:713)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
at
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487)
at
org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1093)
at
org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:373)
at
org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:306)
at
org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:81)
at
org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at
com.google.appengine.api.blobstore.dev.ServeBlobFilter.doFilter(ServeBlobFilter.java:51)
at
org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at
com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43)
at
org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at
com.google.appengine.tools.development.StaticFileFilter.doFilter(StaticFileFilter.java:121)
at
org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
at
org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:712)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
at
com.google.apphosting.utils.jetty.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:70)
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)
at
com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:352)
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)
at org.mortbay.jetty.Server.handle(Server.java:313)
at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:506)
at
org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:844)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:644)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:381)
at
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:396)
at
org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:442)
--
View this message in context:
http://n2.nabble.com/Another-problem-with-WebRememberMeManager-tp4605727p4605727.html
Sent from the Shiro User mailing list archive at Nabble.com.
