I'm not sure, I've only looked at this quickly, but it looks like your serialize and deserialize methods do different things. (again, just a quick look, but do you have test for writing data in, then pulling it back out by Id?
On Tue, Apr 4, 2017 at 2:27 PM, itsvisher <[email protected]> wrote: > Gosh!!! You were so right. It is problem of my SessionDAO implementation. > Where did I do wrong?? > > Here is my implementation of SessionDAO: > > package com.company.core.usermanagement; > > import java.io.ByteArrayInputStream; > import java.io.ObjectInputStream; > import java.io.Serializable; > import java.util.Collection; > > import org.apache.log4j.Logger; > import org.apache.shiro.codec.Base64; > import org.apache.shiro.session.Session; > import org.apache.shiro.session.UnknownSessionException; > import org.apache.shiro.session.mgt.SimpleSession; > import org.apache.shiro.session.mgt.eis.AbstractSessionDAO; > import org.json.JSONArray; > import org.json.JSONException; > import org.json.JSONObject; > > import com.mongodb.BasicDBObject; > import com.mongodb.DBCursor; > import com.mongodb.util.JSON; > > public class MongoSessionDAO extends AbstractSessionDAO { > private static final Logger logger = > Logger.getLogger(MongoSessionDAO.class); > MongoProvider mp = new MongoProvider(); > String localdbName = "testdb"; > Session session; > > @Override > public void update(Session session) throws UnknownSessionException > { > logger.debug("Update session"); > } > > @Override > public void delete(Session session) { > logger.debug("Deleting session: " + session.getId()); > session.stop(); > } > > @Override > public Collection<Session> getActiveSessions() { > return null; > } > > @Override > protected Serializable doCreate(Session session) { > logger.info("Inside doCreate "); > Serializable timeUuid = generateSessionId(session); > assignSessionId(session, timeUuid); > save(session.getId()); > logger.info("doCreate session Id: " + session.getId()); > return session.getId(); > } > > private void save(Serializable sessionId) { > logger.info("Saving session..."); > int id = 0; > mp.init(); > MongoRealm mongoRealmuser = new > MongoRealm(mp.getCollection(localdbName, > "usersessions")); > MongoRealm mongoRealcounter = new > MongoRealm(mp.getCollection(localdbName, > "counters")); > id = ((Double) > mongoRealcounter.getNextSequence("usersessions")).intValue(); > logger.info("sId-----> " + sessionId); > mp.insertDBObject(localdbName, mongoRealmuser. > createUserSessions(id, > sessionId), "usersessions"); > } > > @Override > protected Session doReadSession(Serializable sessionId) { > logger.info("doReadSession - Looking for session id: " + > sessionId.toString()); > mp.init(); > > BasicDBObject allQuery = new BasicDBObject(); > allQuery.put("session", sessionId); > DBCursor cursor = mp.getCollection(localdbName, > "usersessions").find(allQuery); > if (!cursor.hasNext()) { > logger.debug("Session does not exists"); > return null; > } > > String jOut = JSON.serialize(cursor); > final SimpleSession session = new SimpleSession(); > session.setId(sessionId); > try { > JSONArray jArray = new JSONArray(jOut); > JSONObject jb = (JSONObject) jArray.get(0); > logger.info("Found session: " + > jb.get("session")); > } catch (JSONException e) { > e.printStackTrace(); > logger.error("No Session is present :: " + > e.toString()); > } > > return session; > } > > @SuppressWarnings("unused") > private static Session deserialize(String sessionStr) { > try { > logger.info("SessionStr >>>> " + > Base64.decodeToString(sessionStr)); > > // new ByteArrayInputStream(Base64. > decode(sessionStr)); > ByteArrayInputStream bis = new > ByteArrayInputStream(sessionStr.getBytes()); > ObjectInputStream ois = new ObjectInputStream(bis); > return (Session) ois.readObject(); > } catch (Exception e) { > throw new RuntimeException("deserialize session > error", e); > } > } > }//end of class > > > > -- > View this message in context: http://shiro-user.582556.n2. > nabble.com/Login-successful-but-authenticated-call-to-any- > other-api-results-in-302-response-tp7581569p7581572.html > Sent from the Shiro User mailing list archive at Nabble.com. >
