Hi Al, It doesn't look like any of us have gotten to this yet. It is slated for 1.1, so I'm sure someone will pick it up before the 1.1 release. Of course, patches are always appreciated if anyone has any!
Cheers, -- Les Hazlewood Founder, Katasoft, Inc. Application Security Products & Professional Apache Shiro Support and Training: http://www.katasoft.com On Thu, Sep 30, 2010 at 4:15 AM, aloleary <[email protected]> wrote: > > Hello Les et. al. > > Just wondering if there is plans to address SHIRO-60 ? > > Or if any recent changes offer a better/cleaner workaround > > Thanks > -A > > > Les Hazlewood-2 wrote: >> >> Hi Al, >> >> It appears that https://issues.apache.org/jira/browse/SHIRO-60 (the >> old JSEC-46) has not been resolved effectively. I've re-opened it >> until it has been fixed to satisfaction - please subscribe as a >> watcher to see updates. >> >> As for your 2nd question, I don't think there is an easy way to do >> this other than catching the InvalidSessionException and then using >> the Subject.Builder to create a new Subject data with the same >> identity data and then bind that subject to the thread. This is kind >> of nasty stuff though and it would probably be better to wait until >> the issue has been resolved. Since we'd have to resolve this before >> we're code complete for 1.0, we essentially have to finish it this >> week (next 2 or 3 days). >> >> I have a question that I need to ask people about how this >> functionality should work - I'll do that on a new thread so it is not >> buried in this one. >> >> Les >> >> On Wed, May 5, 2010 at 1:44 AM, aloleary <[email protected]> wrote: >>> >>> Hello, >>> I seem to have the same problem described in the following thread: >>> http://shiro-user.582556.n2.nabble.com/Session-Expiration-td2186574.html#a2186574 >>> Session Expiration >>> >>> However I looked at the test case supplied but I'm not sure I follow as >>> no >>> code checks the subject after session expiration time - is it that the >>> fix >>> should cause the session expiration never to happen ? >>> >>> Right now in my application i can see using a SessionListenerAdapter that >>> onExpiration is being fired... >>> >>> I can trap this and need to recreate the session >>> >>> 1) Should this be happening given that >>> https://issues.apache.org/jira/browse/JSEC-46 should not cause this >>> 2) What is the simplest way for me to create a new session for the user >>> as >>> my code currentUser.getSession() is causing invalid session exception >>> right >>> now >>> >>> Thanks in advance >>> -A-
