javaglassfishejbshiropayara

How to fix "org.apache.shiro.UnavailableSecurityManagerException" error with "SecurityUtils.getSubject()"

  1. I try to read data from web-server, which situated at some URL.

  2. In our company I use e-Commerce API, which works with the data from web-server.

  3. To retrieve the data at first I need to make pool of the data from web-server.

  4. To make the pool of data I need to configure connection.

  5. One part from step "I need to configure connection" is function getSession(), which uses the Shiro api(org.apache.shiro.SecurityUtils) so every time when I try to make connection with web-server and use the data from the web-server I become an Exception "Exception in thread "main" org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an invalid application configuration."

Before writing this question I tried to look at logs and read about classes and problem, which describe there.

This all runs on Windows 10, Java 8, Payara Server(Glassfish), with EJBAPI and some e-Commerce API.

Import that I use

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.session.InvalidSessionException;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;

at

ContentConfiguration conf = new ContentConfiguration(
                getSessionId(), 
                Constant.ENTITYMODELL, 
                Constant.EMPTY, 
                context);

protected static Session getSession()
{
    Subject subject = SecurityUtils.getSubject();
    if(subject.isAuthenticated())
        return subject.getSession();
    else
        return null;
}

Error Message

Exception in thread "main" org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton.  This is an invalid application configuration.
    at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUtils.java:123)
    at org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:627)
    at org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:56)
    at de.kolb.demo.data.ServiceLocator.getSessionId(ServiceLocator.java:15)
    at de.kolb.demo.logic.CommonTest.getCommonData(CommonTest.java:32)
    at de.kolb.demo.presentation.ContentDirector.main(ContentDirector.java:34)
Solution

  • I want to get answer which represent situation in my company, but a lot of principes, which i will to describe connect with common proplem in Shiro hub.

    1.My problem connect with getSessionId() enter image description here

    2.getSessionId() it's a function from company API. In this function i call org.apache.shiro.SecurityUtils.getSubject() enter link description here

    1. At this moment I thought about exception Message No SecurityManager accessible to the calling code.... Than I look at Shiro documentation here enter link description here. There i found, that every time when i use Aplication, which use authentication and autorisation i need to configure "SecurityManager" with "Realm" object.

      4.It is a small instruction and detailed instruction present at shiro site enter link description here