Re: Session Validation not work.

Sun, 28 Aug 2011 20:01:56 -0700 

I found a problem (missing configuration or mutual dependency).

Fixed configuration is

  ...<!-- omit -->
  <bean id="sessionManager"
      class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
    <property name="sessionDAO">
      <bean
class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO"/>
    </property>
    <property name="sessionValidationScheduler"
ref="sessionValidationScheduler"/>
    <property name="globalSessionTimeout" value="300000"/>
    <property name="sessionListeners">
      <list>
        <ref local="p2pSessionListener"/>
      </list>
    </property>
  </bean>

  <bean id="sessionValidationScheduler"

class="org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler">
*    <property name="sessionManager" ref="sessionManager"/>*
    <property name="interval" value="60000"/>
  </bean>
  .... <!-- omit -->


But shiro has some strange things.
I write another thread that things.

Thanks.


On Fri, Aug 26, 2011 at 5:24 PM, Jason Shim <[email protected]> wrote:

> (sorry my poor english)
> I configure : Shiro(*DefaultWebSessionManager,
> ExecutorServiceSessionValidationScheduler) + Spring Integration + Servlet
> *
>
> But doesn't execute
>   sessionManager.validateSessions(); or SessionListener.onExpiration(..);
>
> In Log4J debug mode, logs are ...
>   *....*
> *  .... some client connect*
>   2011-08-26 16:52:00 DEBUG ExecutorServiceSessionValidationScheduler.?(?)
> | Executing session validation...
>   *.... no more log*
>
> And see call hierarchy in the source...
> ExecutorServiceSessionValidationScheduler.run() line 99 : print "Executing
> session validation..."
> AbstractValidatingSessionManager.validateSessions() line 265 : print
> "Validating all active sessions..."
> but doesn't print "Validating all active sessions..."
>
> Also from SessionListener point of view, i write code
>  log.debug($methodname) in each method
>
> 2011-08-26 16:47:01 DEBUG P2PSessionListenerAdapter.?(?) | onStart
> *... no more log (not print onExpiration)*
> *... but same client reconnect at some time later( >= **
>
> globalSessionTimeout)
> ** *
> 2011-08-26 18:09:52 DEBUG P2PSessionListenerAdapter.?(?) | onExpiration
>
> Did i some configuration missing or wrong?
> below my spring+shiro configuration(no ssl). Please help me. thanks.
>
>   <!-- =========================================================
>        Shiro Core Components - Not Spring Specific
>        ========================================================= -->
>   <bean id="securityManager"
> class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
>     <property name="cacheManager" ref="cacheManager"/>
>     <property name="sessionMode" value="native"/>
>     <property name="sessionManager" ref="sessionManager"/>
>     <property name="realm" ref="jdbcRealm"/>
>   </bean>
>
>   <bean id="sessionManager"
>       class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
>     <property name="sessionDAO">
>       <bean
> class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO"/>
>     </property>
>     <property name="sessionValidationScheduler">
>       <bean
> class="org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler">
>         <property name="interval" value="300000"/>
>       </bean>
>     </property>
>     <property name="globalSessionTimeout" value="180000"/>
>     <property name="sessionListeners">
>       <list>
>         <ref local="p2pSessionListener"/>
>       </list>
>     </property>
>
>     <property name="sessionValidationSchedulerEnabled" value="true"/>
>     <property name="deleteInvalidSessions" value="true"/>
>
>   </bean>
>
>   <bean id="p2pSessionListener"
>       class="com.acme.session.P2PSessionListenerAdapter"/>
>
>   <bean id="cacheManager"
> class="org.apache.shiro.cache.ehcache.EhCacheManager">
>   </bean>
>
>   <bean id="jdbcRealm" class="org.apache.shiro.realm.jdbc.JdbcRealm">
>     <property name="name" value="jdbcRealm"/>
>     <property name="dataSource" ref="dataSource"/>
>     <!-- Omit -->
>   </bean>
>
>
>   <!-- =========================================================
>        Shiro Spring-specific integration
>        ========================================================= -->
>
>   <bean id="lifecycleBeanPostProcessor"
>       class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
>
>   <bean
> class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
>       depends-on="lifecycleBeanPostProcessor"/>
>   <bean
> class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
>     <property name="securityManager" ref="securityManager"/>
>   </bean>
>
>   <bean id="shiroFilter"
> class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
>     <property name="securityManager" ref="securityManager"/>
>     <property name="unauthorizedUrl" value="/unauthorized.html"/>
>     <property name="filterChainDefinitions">
>       <value>
>         <!-- Omit -->
>       </value>
>     </property>
>   </bean>
>
>

Reply via email to