1
인증을 위해 Shiro를 사용하여 glassfish 4.0에서 ZK 7.0.2 프로젝트를 진행하고 있습니다. 사용자는 다음 코드를 사용하여 기록됩니다Shiro와 로그 아웃 할 때 IllegalStateException이 발생했습니다.
Subject currentUser = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
token.setRememberMe(false);
currentUser.login(token);
Executions.sendRedirect(HOME_URL);
로그 아웃을 사용하여 수행됩니다 : 로그인 할 때
Subject subject = SecurityUtils.getSubject();
subject.logout();
Executions.getCurrent().sendRedirect("/login.zul");
, 나는 nullpointer 예외의 몇 가지를 공격하지만, 몇 번의 시도 후에는에 기록합니다. stacktrace는 아래와 같습니다.
java.lang.NullPointerException
at org.glassfish.grizzly.http.server.Request.getRemoteAddr(Request.java:1169)
at org.apache.catalina.connector.Request.getRemoteAddr(Request.java:1696)
at org.apache.catalina.connector.Request.getRemoteHost(Request.java:1709)
at org.apache.catalina.connector.RequestFacade.getRemoteHost(RequestFacade.java:575)
at javax.servlet.ServletRequestWrapper.getRemoteHost(ServletRequestWrapper.java:284)
at org.apache.shiro.web.subject.support.DefaultWebSubjectContext.resolveHost(DefaultWebSubjectContext.java:55)
at org.apache.shiro.web.mgt.DefaultWebSubjectFactory.createSubject(DefaultWebSubjectFactory.java:58)
at org.apache.shiro.mgt.DefaultSecurityManager.doCreateSubject(DefaultSecurityManager.java:369)
at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:344)
at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183)
at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283)
at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
at com.csmp.zk.auth.Login.onClick$submit(Login.java:52)
로그 아웃 할 때 비슷한 동작을합니다. 로그 아웃 할 때 발생하는 스택 추적은 아래와 같습니다.
Delegate RememberMeManager instance of type [org.apache.shiro.web.mgt.CookieRememberMeManager] threw an exception during onSuccessfulLogin. RememberMe services will not be performed for account [admin].
java.lang.IllegalStateException: Internal org.glassfish.grizzly.http.server.Response has not been set
at org.glassfish.grizzly.http.server.Response.checkResponse(Response.java:1840) ~[nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.http.server.Response.isCommitted(Response.java:708) ~[nucleus-grizzly-all.jar:na]
at org.apache.catalina.connector.Response.isCommitted(Response.java:807) ~[web-core.jar:na]
at org.apache.catalina.connector.Response.isAppCommitted(Response.java:448) ~[web-core.jar:na]
at org.apache.catalina.connector.ResponseFacade.isCommitted(ResponseFacade.java:363) ~[web-core.jar:na]
at org.apache.catalina.connector.ResponseFacade.addHeader(ResponseFacade.java:576) ~[web-core.jar:na]
at org.apache.shiro.web.servlet.SimpleCookie.addCookieHeader(SimpleCookie.java:223) ~[shiro-web-1.2.3.jar:1.2.3]
at org.apache.shiro.web.servlet.SimpleCookie.removeFrom(SimpleCookie.java:355) ~[shiro-web-1.2.3.jar:1.2.3]
at org.apache.shiro.web.mgt.CookieRememberMeManager.forgetIdentity(CookieRememberMeManager.java:288) ~[shiro-web-1.2.3.jar:1.2.3]
at org.apache.shiro.web.mgt.CookieRememberMeManager.forgetIdentity(CookieRememberMeManager.java:260) ~[shiro-web-1.2.3.jar:1.2.3]
at org.apache.shiro.mgt.AbstractRememberMeManager.onSuccessfulLogin(AbstractRememberMeManager.java:293) ~[shiro-core-1.2.3.jar:1.2.3]
at org.apache.shiro.mgt.DefaultSecurityManager.rememberMeSuccessfulLogin(DefaultSecurityManager.java:206) [shiro-core-1.2.3.jar:1.2.3]
at org.apache.shiro.mgt.DefaultSecurityManager.onSuccessfulLogin(DefaultSecurityManager.java:291) [shiro-core-1.2.3.jar:1.2.3]
at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:285) [shiro-core-1.2.3.jar:1.2.3]
at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [shiro-core-1.2.3.jar:1.2.3]
at com.csmp.zk.auth.Login.onClick$submit(Login.java:52) [Login.class:na]
다양한 해킹을 시도했지만 성공하지 못했습니다. 어떤 도움을 많이 주시면 감사하겠습니다. 감사.