Details

    • Global Rank:
      273

      Description

      See SUPPORT-676 for full details.

      2011-04-14 10:26:10 ERROR [p-15263993-3462] - org.mortbay.log - /content/repositories/exo-snapshots/org/exoplatform/ks/exo.ks.component.common/maven-metadata.xml
      org.apache.shiro.session.UnknownSessionException: There is no session with id [df49f6c6-8602-4a5a-898e-adb3fe356f7d]
      at org.apache.shiro.session.mgt.eis.AbstractSessionDAO.readSession(AbstractSessionDAO.java:170)
      at org.apache.shiro.session.mgt.eis.CachingSessionDAO.readSession(CachingSessionDAO.java:261)
      at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSessionFromDataSource(DefaultSessionManager.java:236)
      at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSession(DefaultSessionManager.java:222)
      at org.apache.shiro.session.mgt.AbstractValidatingSessionManager.doGetSession(AbstractValidatingSessionManager.java:118)
      at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupSession(AbstractNativeSessionManager.java:105)
      at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupRequiredSession(AbstractNativeSessionManager.java:109)
      at org.apache.shiro.session.mgt.AbstractNativeSessionManager.removeAttribute(AbstractNativeSessionManager.java:220)
      at org.apache.shiro.session.mgt.DelegatingSession.removeAttribute(DelegatingSession.java:159)
      at org.apache.shiro.session.ProxiedSession.removeAttribute(ProxiedSession.java:135)
      at org.apache.shiro.subject.support.DelegatingSubject.clearRunAsIdentities(DelegatingSubject.java:424)
      at org.apache.shiro.subject.support.DelegatingSubject.logout(DelegatingSubject.java:322)
      at org.sonatype.nexus.security.filter.authc.NexusHttpAuthenticationFilter.afterCompletion(NexusHttpAuthenticationFilter.java:489)
      at org.apache.shiro.web.servlet.AdviceFilter.cleanup(AdviceFilter.java:172)
      at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:148)
      at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:81)
      at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
      at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:359)
      at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:275)
      at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
      at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
      at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:344)
      at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:272)
      at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:81)
      at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1148)
      at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:387)
      at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
      at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
      at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
      at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:417)
      at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230)
      at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
      at org.mortbay.jetty.Server.handle(Server.java:326)
      at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:534)
      at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:879)
      at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:747)
      at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:218)
      at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
      at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
      at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:520)
      

        Issue Links

          Activity

          Hide
          eXo SWF Team added a comment -

          I updated my config to have the User-Agent starting with Apache-Maven

          Show
          eXo SWF Team added a comment - I updated my config to have the User-Agent starting with Apache-Maven
          Hide
          Rich Seddon added a comment -

          Oh.... of course! Good catch. I bet that's the problem.

          Show
          Rich Seddon added a comment - Oh.... of course! Good catch. I bet that's the problem.
          Hide
          Brian Demers added a comment -

          Still happening in some cases,
          The running plan is do disable sessions for the anonymous user.

          Show
          Brian Demers added a comment - Still happening in some cases, The running plan is do disable sessions for the anonymous user.
          Hide
          Brian Demers added a comment -

          Anonymous login will NEVER get a session. If there is a unknown session, it will be removed, and the anonymous user will be logged in again.

          NOTE: I could not find a way to test this case manually. (I did create UT's that reproduced it)

          Show
          Brian Demers added a comment - Anonymous login will NEVER get a session. If there is a unknown session, it will be removed, and the anonymous user will be logged in again. NOTE: I could not find a way to test this case manually. (I did create UT's that reproduced it)
          Hide
          Peter Lynch added a comment -

          Tested manually via ui, enabling, disabling security. Also mucked with session timeouts and monitored the session cleanup validator for cleaning up sessions.

          Verified that no session cookies were sent to client when anonymous user used.

          Show
          Peter Lynch added a comment - Tested manually via ui, enabling, disabling security. Also mucked with session timeouts and monitored the session cleanup validator for cleaning up sessions. Verified that no session cookies were sent to client when anonymous user used.

            People

            • Assignee:
              Peter Lynch
              Reporter:
              Rich Seddon
              Last Updated By:
              Rich Seddon
            • Votes:
              2 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Date of First Response: