Vaadin & Apache Shiro - Session Expired

Asked Dec 17 '14 at 09:03

Active Aug 13 '15 at 12:20

Viewed 830 times

User logs in ok, logs out ok, but if he immediately makes another attempt to log in (input login/pass + enter) he receives popup

Session Expired
Take note of any unsaved data, and click here or press ESC key to continue.

Subject currentUser = SecurityUtils.getSubject();
currentUser.login(new UsernamePasswordToken(event.getLogin(), event.getPassword()));

Log out operation also:

Subject currentUser = SecurityUtils.getSubject();
currentUser.logout();

After the log out user is redirected to login page and when he enters credentials again he gets the warning about expired session. Why new session is not started? How to start it? Or maybe this approach isn't correct at all?

P.S. I also tried

VaadinSession.getCurrent().close();

but result was the same.

asked Dec 17 '14 at 09:03

tmporaries

1,523
8
25
39

This issue is probably about your approach with Vaadin and its UI/Session, not about Shiro. Please provide the methods that are around you Shiro code. – michaelbahr Jun 30 '15 at 14:11
Are you using Push? an Apache Proxy maybe? – Supamiu Sep 11 '15 at 12:06
Did you follow this section: https://vaadin.com/vaadin-documentation-portlet/framework/application/application-lifecycle.html#application.lifecycle.session-closing ? – JDC Jan 28 '16 at 06:45

Vaadin & Apache Shiro - Session Expired

0 Answers0