Hi Al, It appears that https://issues.apache.org/jira/browse/SHIRO-60 (the old JSEC-46) has not been resolved effectively. I've re-opened it until it has been fixed to satisfaction - please subscribe as a watcher to see updates.
As for your 2nd question, I don't think there is an easy way to do this other than catching the InvalidSessionException and then using the Subject.Builder to create a new Subject data with the same identity data and then bind that subject to the thread. This is kind of nasty stuff though and it would probably be better to wait until the issue has been resolved. Since we'd have to resolve this before we're code complete for 1.0, we essentially have to finish it this week (next 2 or 3 days). I have a question that I need to ask people about how this functionality should work - I'll do that on a new thread so it is not buried in this one. Les On Wed, May 5, 2010 at 1:44 AM, aloleary <[email protected]> wrote: > > Hello, > I seem to have the same problem described in the following thread: > http://shiro-user.582556.n2.nabble.com/Session-Expiration-td2186574.html#a2186574 > Session Expiration > > However I looked at the test case supplied but I'm not sure I follow as no > code checks the subject after session expiration time - is it that the fix > should cause the session expiration never to happen ? > > Right now in my application i can see using a SessionListenerAdapter that > onExpiration is being fired... > > I can trap this and need to recreate the session > > 1) Should this be happening given that > https://issues.apache.org/jira/browse/JSEC-46 should not cause this > 2) What is the simplest way for me to create a new session for the user as > my code currentUser.getSession() is causing invalid session exception right > now > > Thanks in advance > -A- > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Standalone-Session-Timeout-tp5007851p5007851.html > Sent from the Shiro User mailing list archive at Nabble.com. >
