Hi Lenny, I just saw the linked code - note that the ThreadContext is a Shiro internal class and its usage semantics may change at any time. In Shiro 1.2, the ideal way to acquire the SecurityManager is to look up the Shiro WebEnvironment from the ServletContext (assuming you've configured Shiro via a servlet context listener as is now recommended):
WebEnvironment env = WebUtils.getWebEnvironment(servletContext); SecurityManager securityManager = env.getSecurityManager(); I don't know if this makes sense in the context of your project's (or Tapestry's) inner workings, and this might just reflect the fact that the code doesn't yet assume Shiro 1.2 practices, but I thought I'd point it out in case it would be helpful. Cheers, Les On Tue, Jan 31, 2012 at 6:30 PM, Lenny Primak <[email protected]> wrote: > Take a look at this: > http://code.google.com/p/flowlogix/source/browse/tapestry-services/src/main/java/com/flowlogix/security/WebSecurityFilter.java > > > On Jan 31, 2012, at 8:47 PM, Mike K <[email protected]> wrote: > >> Thanks Les, >> Is there a way to get a subject for a different user - what I am doing is >> invalidating a session of a user that is not the current user. Is there a >> way to rebuild the subject from the session? >> >> -- >> View this message in context: >> http://shiro-user.582556.n2.nabble.com/Invalidating-sessions-tp7241745p7241892.html >> Sent from the Shiro User mailing list archive at Nabble.com.
