I am working on a ZK 7.0.2 project on glassfish 4.0 using Shiro for authentication. The user is logged in using the following code:
Subject currentUser = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
token.setRememberMe(false);
currentUser.login(token);
Executions.sendRedirect(HOME_URL);
Logout is accomplished using:
Subject subject = SecurityUtils.getSubject();
subject.logout();
Executions.getCurrent().sendRedirect("/login.zul");
When logging in, I hit a couple of nullpointer exceptions, but after a few tries it logs in. The stacktrace is shown below:
java.lang.NullPointerException
at org.glassfish.grizzly.http.server.Request.getRemoteAddr(Request.java:1169)
at org.apache.catalina.connector.Request.getRemoteAddr(Request.java:1696)
at org.apache.catalina.connector.Request.getRemoteHost(Request.java:1709)
at org.apache.catalina.connector.RequestFacade.getRemoteHost(RequestFacade.java:575)
at javax.servlet.ServletRequestWrapper.getRemoteHost(ServletRequestWrapper.java:284)
at org.apache.shiro.web.subject.support.DefaultWebSubjectContext.resolveHost(DefaultWebSubjectContext.java:55)
at org.apache.shiro.web.mgt.DefaultWebSubjectFactory.createSubject(DefaultWebSubjectFactory.java:58)
at org.apache.shiro.mgt.DefaultSecurityManager.doCreateSubject(DefaultSecurityManager.java:369)
at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:344)
at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183)
at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283)
at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
at com.csmp.zk.auth.Login.onClick$submit(Login.java:52)
When logging out, I get similar behavior. The stacktrace encountered when logging out is shown below.
Delegate RememberMeManager instance of type [org.apache.shiro.web.mgt.CookieRememberMeManager] threw an exception during onSuccessfulLogin. RememberMe services will not be performed for account [admin].
java.lang.IllegalStateException: Internal org.glassfish.grizzly.http.server.Response has not been set
at org.glassfish.grizzly.http.server.Response.checkResponse(Response.java:1840) ~[nucleus-grizzly-all.jar:na]
at org.glassfish.grizzly.http.server.Response.isCommitted(Response.java:708) ~[nucleus-grizzly-all.jar:na]
at org.apache.catalina.connector.Response.isCommitted(Response.java:807) ~[web-core.jar:na]
at org.apache.catalina.connector.Response.isAppCommitted(Response.java:448) ~[web-core.jar:na]
at org.apache.catalina.connector.ResponseFacade.isCommitted(ResponseFacade.java:363) ~[web-core.jar:na]
at org.apache.catalina.connector.ResponseFacade.addHeader(ResponseFacade.java:576) ~[web-core.jar:na]
at org.apache.shiro.web.servlet.SimpleCookie.addCookieHeader(SimpleCookie.java:223) ~[shiro-web-1.2.3.jar:1.2.3]
at org.apache.shiro.web.servlet.SimpleCookie.removeFrom(SimpleCookie.java:355) ~[shiro-web-1.2.3.jar:1.2.3]
at org.apache.shiro.web.mgt.CookieRememberMeManager.forgetIdentity(CookieRememberMeManager.java:288) ~[shiro-web-1.2.3.jar:1.2.3]
at org.apache.shiro.web.mgt.CookieRememberMeManager.forgetIdentity(CookieRememberMeManager.java:260) ~[shiro-web-1.2.3.jar:1.2.3]
at org.apache.shiro.mgt.AbstractRememberMeManager.onSuccessfulLogin(AbstractRememberMeManager.java:293) ~[shiro-core-1.2.3.jar:1.2.3]
at org.apache.shiro.mgt.DefaultSecurityManager.rememberMeSuccessfulLogin(DefaultSecurityManager.java:206) [shiro-core-1.2.3.jar:1.2.3]
at org.apache.shiro.mgt.DefaultSecurityManager.onSuccessfulLogin(DefaultSecurityManager.java:291) [shiro-core-1.2.3.jar:1.2.3]
at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:285) [shiro-core-1.2.3.jar:1.2.3]
at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [shiro-core-1.2.3.jar:1.2.3]
at com.csmp.zk.auth.Login.onClick$submit(Login.java:52) [Login.class:na]
I've tried various hacks but with no success. Any help will be much appreciated. Thanks.
It turns out this error was caused by adding
<disable-event-thread>false</disable-event-thread>
to the zk.xml file.