Hi,
I am implementing endpoint in Google App Engine and testing it in local
dev server using Android Studio. My user login successfully, but when
subject.isAuthenticated() return true in only 1 or 2 requests after the
successful login. Then it returns false forever until user relogin, then
same problem happens again. I don't think it is session timeout because it
lasts less than 2 minutes. I did lots of research and I couldn't find the
problem. How to fix this?
Following is the code for the endpoint:
/** An endpoint class we are exposing */
@Api(name = "Endpoint", version = "v1", namespace =
@ApiNamespace(ownerDomain = "Content.example.com", ownerName =
"Content.example.com", packagePath=""))
public class Endpoint {
@ApiMethod(name = "removeContent")
public Response removeContent(@Named("id") Long id) throws
UnauthorizedException, NotFoundException {
LOG.info("Calling removeContent method");
Response response = new Response();
Subject subject = SecurityUtils.getSubject();
if (subject.isAuthenticated()) {
...
}
}
}
Following are the configurations:
appengine-web.xml:
<?xml version="1.0" encoding="utf-8"?>
<appengine-web-app xmlns="http://appengine.google.com/ns/1.0";>
<application>virtual-guru-123123213</application>
<version>1</version>
<threadsafe>true</threadsafe>
<sessions-enabled>true</sessions-enabled>
<system-properties>
<property name="java.util.logging.config.file"
value="WEB-INF/logging.properties"/>
<property name="gcm.api.key" value="sdfkjsldkfjlsjflksdj"/>
</system-properties>
<async-session-persistence enabled="true" queue-name="default"/>
</appengine-web-app>
===================================================
shiro.ini:
[main]
shiro.loginUrl = /login
gaeRealm = com.example.user.DatastoreRealm
passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher
iniRealm.credentialsMatcher = $passwordMatcher
securityManager.realms = $gaeRealm
[roles]
admin = *
user = browse:*
[urls]
/login = authc
===========================================
web.xml:
<?xml version="1.0" encoding="utf-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"; version="2.5">
<servlet>
<servlet-name>SystemServiceServlet</servlet-name>
<servlet-class>com.google.api.server.spi.SystemServiceServlet</servlet-class>
<init-param>
<param-name>services</param-name>
<param-value>com.example.content.Endpoint</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>SystemServiceServlet</servlet-name>
<url-pattern>/_ah/spi/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<listener>
<listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
</web-app>
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Shiro-subject-authentication-cannot-last-more-than-2-requests-in-Google-App-Engine-Endpoint-tp7580170.html
Sent from the Shiro User mailing list archive at Nabble.com.
