Hi David, Can you try with 1.5.2 and 1.5.3?
regards, François [email protected] Le 17/12/2020 à 11:48, David Stutzman a écrit : > I am using Shiro in a Java EE application using the shiro-web > dependency. I > noticed a strange behavior and tracked it down to a Shiro upgrade that > started in version 1.6.0 and persists in 1.7.0. I initially updated > directly > from 1.5.1 to 1.7.0 but I went back and tested everything in between. > > I have a logout servlet that does the following: > protected void doGet(HttpServletRequest request, HttpServletResponse > response) > throws ServletException, IOException { > SecurityUtils.getSubject().logout(); > request.getSession().invalidate(); > > response.sendRedirect(request.getServletContext().getContextPath()); > } > > The client is then routed back to the index page. There is an image that > does not load on that page and our JSF button does not function properly. > The image request is a GET and results in an HTTP 400 and if I click our > button it does a POST that also yields a 400 Bad Request. > > If I just refresh the page, everything seems to be fine and the rest > of the > application continues to work properly. > > I have looked through the issues closed in 1.6.0 and don't see anything > obvious. > (https://issues.apache.org/jira/browse/SHIRO-788?jql=project%20%3D%20SHIRO%20AND%20fixVersion%20%3D%201.6.0) > > > Any ideas? >
