shiro与Druid冲突导致"Session already invalidated"异常及其解决办法

最新推荐文章于 2022-10-13 14:12:51 发布
原创 最新推荐文章于 2022-10-13 14:12:51 发布 · 置顶 · 4.7k 阅读 · 0 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
文章标签:

#session #异常 #shiro

本文探讨了在使用Shiro框架进行用户注销时遇到的一种特殊情况,即在Controller中调用subject.logout()时出现的session已失效错误,并给出了具体的解决方案。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

在controller中调用subject.logout()注销登录时会抛出如下异常:

java.lang.IllegalStateException: getAttribute: Session already invalidated
at org.apache.catalina.session.StandardSession.getAttribute(StandardSession.java:1189)
at org.apache.catalina.session.StandardSessionFacade.getAttribute(StandardSessionFacade.java:120)
at org.apache.shiro.web.session.HttpServletSession.getAttribute(HttpServletSession.java:146)
at org.apache.shiro.session.ProxiedSession.getAttribute(ProxiedSession.java:121)
at org.apache.shiro.subject.support.DelegatingSubject.getRunAsPrincipalsStack(DelegatingSubject.java:469)
at org.apache.shiro.subject.support.DelegatingSubject.getPrincipals(DelegatingSubject.java:153)
at org.apache.shiro.subject.support.DelegatingSubject.getPrincipal(DelegatingSubject.java:149)
at org.apache.shiro.web.servlet.ShiroHttpServletRequest.getSubjectPrincipal(ShiroHttpServletRequest.java:95)
at org.apache.shiro.web.servlet.ShiroHttpServletRequest.getUserPrincipal(ShiroHttpServletRequest.java:111)
at org.springframework.web.servlet.FrameworkServlet.getUsernameForRequest(FrameworkServlet.java:1087)
at org.springframework.web.servlet.FrameworkServlet.publishRequestHandledEvent(FrameworkServlet.java:1073)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1001)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:868)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:842)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at com.alibaba.druid.support.http.WebStatFilter.doFilter(WebStatFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at dd.client.web.filter.SecurityFilter.doFilter(SecurityFilter.java:72)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61)
at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:503)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1070)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)

原因是shiro与Druid发生冲突,shiro清空session之后 Drui还需用到该session,解决办法是在Druid对应的配置文件中删掉以下内容:

<init-param>
<param-name>principalSessionName</param-name>
<param-value>USER_INFO</param-value>
</init-param>

csdn李文龙
关注
drozer报错解决
杉木人
07-30 3767
1、安装好drozer的PC端和手机端后 2、CMD下输入 drozer console connect 3、可能出现下列问题  问题一(找不到Java路径): Could not find java. Please ensure that it is installed and on your PATH. If this error persists, specify the p...
session already invalidate
weixin_34191845的博客
03-17 892
2019独角兽企业重金招聘Python工程师标准>>> ...
Session already invalidated
不见长安见晨雾
01-23 1万+
错误代码java.lang.IllegalStateException: getAttribute: Session already invalidated at org.apache.catalina.session.StandardSession.getAttribute(StandardSession.java:1176) 问题原因: 因为执行了request.getSession()
Session has already been invalidated
灬王小乖灬的博客
08-03 6344
今天在登录后台系统时发现登不上,报错了【Session has already been invalidated】,一脸懵,参考https://blog.csdn.net/u012867699/article/details/77942712 博友的文章,发现是自己做了件蠢事,特此记录。 问题定位: public static void set2Session(String name, O...
Shiro session already invalidated问题
燃烧JAVA
07-24 4258
最后遇到通过shiro取登录用户信息,报session already invalidated异常的问题,调用代码如下: final Subject subject = SecurityUtils.getSubject(); if (subject != null &amp;&amp; subject.isAuthenticated()) { final Session session = ...
基于java的SSM+Shiro+Druid实现的企业资产后台管理系统代码
04-20
SSM+Shiro+Druid实现的企业资产后台管理系统代码分享 项目描述 随着企业的发展,很多中小企业的规模越来越大,需要管理资产也越来越多,比如显示器,主机,打印机,传真机,复印机,电话,装订机,空调,饮水机,...
Spirng Boot+Shiro+Druid+Mybatis Plus+Mysql搭建基础框架实现登录用户认证
07-31
Spirng Boot+Shiro+Druid+Mybatis Plus+Mysql搭建基础框架实现登录用户认证 可直接下载运行
springboot +shiro+redis实现session共享(方案二)1
08-08
本文档旨在介绍如何使用 Spring Boot、Shiro 和 Redis 实现分布式 session 共享,以解决 Web 应用程序的登录 session 统一问题。 2. 相关依赖 在实现 session 共享之前,需要在项目中引入相关依赖项,包括: * ...
Spring配置shiro时自定义Realm中属性无法使用注解注入的解决办法
08-26
在Spring集成Shiro进行安全控制时,我们常常需要自定义Realm来实现权限验证授权功能。然而,在实际操作中,可能会遇到一个问题:当我们在自定义的Realm类中使用注解(@Autowired)尝试注入Spring管理的Bean时,这些...
SpringBoot整合Shiro示例实现动态权限加载更新+Session共享+单点登录
06-19
SpringBoot整合Shiro示例实现动态权限加载更新+Session共享+单点登录 SpringBoot整合Shiro示例实现动态权限加载更新+Session共享+单点登录 SpringBoot整合Shiro示例实现动态权限加载更新+Session共享+单点登录 ...
java.lang.IllegalStateException: getAttribute: Session already invalidated 会话失效 异常解决
学英语的程序员
10-13 4667
java.lang.IllegalStateException: getAttribute: Session already invalidated 会话失效 异常解决
session already invalidated
qq 117791303
03-12 597
我这边发现的是数据库user表被锁了,但是很明显代码应该也有缺陷,没很明显的提示哦。
java.lang.IllegalStateException: getAttribute: Session already invalidated
weixin_44826970的博客
08-12 1068
org.apache.shiro.session.InvalidSessionException: java.lang.IllegalStateException: getAttribute: Session already invalidated1.报错信息2.解决思路3.报错原因4.解决方案 1.报错信息 严重: Servlet.service() for servlet [springmvc] in context with path [/om-waqs] threw exception [org.a
Session already invalidated报错解决
文武傲群雄,彳亍定江山
02-15 6451
原因: 获取session对象进行session.方法时,session已经失效 解决: 提前判断session是否失效或者 session != null
处理异常getAttribute: Session already invalidated
顾传龙
11-17 2万+
转自:http://www.java3z.com/cwbwebhome/article/article8/83499.html?id=4560
cas logout 报session already invalidated(struts2报错)
heyeweiwan的专栏
08-21 1403
原因是由于:cas注销的时候通知client端注销session返回service或logout页面是异步的。导致返回页面执行了。但是client端的session未注销。。导致执行到struts的时候 session注销了。 解决办法:改成同步 1:AbstractWebApplicationService---》return this.httpClient.sendM
异常 java.lang.IllegalStateException: getAttribute: Session already invalidated的理解
热门推荐
wang12的专栏
09-16 6万+
最近项目日志中总是抛出异常                                   java.lang.IllegalStateException: getAttribute: Session already invalidated 经调查发现,问题出在HttpS
shiro程序遇到java.lang.IllegalStateException: setAttribute: Session already invalidated错误
weixin_45359574的博客
08-18 1988
今天自己做一个项目时,想用thymeleaf模板动态显示登陆的用户名。所以在登陆的方法中用Session存储用户名,但遇到了java.lang.IllegalStateException: setAttribute: Session already invalidated 这个错误。先来分析一下。 这是我原来的代码。 @PostMapping("/login") public String login(String username, String password, HttpSession ses
Java集成ShiroDruid监控的SpringBoot+Mybatis实践
Java SpringBoot、Mybatis、DruidShiro是目前Java开发中常用的几个框架和工具。在本示例中,我们将整合这些技术,搭建一个基础的演示项目,该项目使用SpringBoot作为基础框架,Mybatis作为数据持久层框架,Druid...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值