Hi Brian,
Thanks for your reply. I am sorry for late reply, because I was in vacation.
Below happens .
1.) Log user 'A' into Firefox
2.) Log user 'A' into Chrome
3.) Let Firefox sit idle for 65 seconds (session expires)
4.) Chrome is not idle, I am continuous working on it.
5.) Perform some server side action / I just refresh client side. Offcourse
client page call server REST webservice.
6.) Though I am continuously working on Chrome, it lost principal value.
7.) NOTE : Session is there. only principals() became null.
8.) When principal became NULL, I am forced to back to login page. Then I
cant make any action on UI page except the lgoin. Simply As expected, then
65 seconds later the Chrome session out.
Reason : When I lost my principal value, It push me back to login page.
Becasue I have custom filter class and I override the method like :
My all .XHTML page are get filterred by this method.
public class TestAuthenticationFilter extends AuthenticatingFilter {
......................
............
protected boolean isAccessAllowed(ServletRequest request, ServletResponse
response, Object mappedValue) {
if (isLoginRequest(request, response)) {
return true;
} else {
return SecurityUtils.getSubject().getPrincipals() != null
&& super.isAccessAllowed(request, response, mappedValue);
}
}
......................
}
public class SingleSignOnSessionId implements Serializable {
..................
.....................
}
public class TestAuthorizingRealm extends AuthorizingRealm {
...............
.................................
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken
token) {
userTO = GetUserDataFromserver(). Using REST webservice calling.
Collection<Serializable> principals = Arrays.asList(userTO, new
SingleSignOnSessionId(userTO.getSessionId()));
PrincipalCollection principalCollection = new
SimplePrincipalCollection(principals, getName());
return new SimpleAuthenticationInfo(principalCollection,
token.getCredentials());
}
}
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Shiro-lost-subject-principal-value-tp7580449p7580465.html
Sent from the Shiro User mailing list archive at Nabble.com.
