Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 357672

Summary: Serialization error in Mongo nosql session store
Product: [RT] Jetty Reporter: John Simone <jsimone>
Component: serverAssignee: Jesse McConnell <jesse.mcconnell>
Status: CLOSED FIXED QA Contact:
Severity: normal    
Priority: P3 CC: jesse.mcconnell, jetty-inbox, jsimone
Version: unspecified   
Target Milestone: 7.5.x   
Hardware: Macintosh   
OS: Mac OS X - Carbon (unsup.)   
Whiteboard:
Attachments:
Description Flags
Patch to Fix the issue
none
Servlet that illustrates the error condition none

Description John Simone CLA 2011-09-14 14:56:19 EDT
Build Identifier: 7.5.1.v20110908

The MongoSessionManager throws an error when it tries to deserialize a POJO. It looks to be an issue with the way the object is serialized to a byte array on storage into Mongo. Attaching a patch to fix the issue.


2011-09-14 11:26:28.698:WARN:oejnm.MongoSessionManager:
java.io.StreamCorruptedException: invalid stream header: 79737200
	at java.io.ObjectInputStream.readStreamHeader(ObjectInputStream.java:782)
	at java.io.ObjectInputStream.<init>(ObjectInputStream.java:279)
	at org.eclipse.jetty.nosql.mongodb.MongoSessionManager.decodeValue(MongoSessionManager.java:447)
	at org.eclipse.jetty.nosql.mongodb.MongoSessionManager.loadSession(MongoSessionManager.java:318)
	at org.eclipse.jetty.nosql.NoSqlSessionManager.getSession(NoSqlSessionManager.java:68)
	at org.eclipse.jetty.server.session.AbstractSessionManager.getHttpSession(AbstractSessionManager.java:254)
	at org.eclipse.jetty.server.session.SessionHandler.checkRequestedSessionId(SessionHandler.java:269)
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:152)
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:874)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)
	at org.eclipse.jetty.server.Server.handle(Server.java:349)
	at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:441)
	at org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:904)
	at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:565)
	at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:217)
	at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:46)
	at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:545)
	at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:43)
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:598)
	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:533)
	at java.lang.Thread.run(Thread.java:680)


Reproducible: Always

Steps to Reproduce:
1. Put the attached TestServlet.java into a project and deploy it to a container using Mongo backed sessions. Default options are fine.
2. Hit the servlet a few times and note the count going up in the logs.
3. Restart your server to clear the in memory sessions.
4. Hit the servlet from the same browser as before. You should get an error when CountHolder is deserialized and the count will start over since the relevant session data could not be retrieved
Comment 1 John Simone CLA 2011-09-14 14:58:06 EDT
Created attachment 203360 [details]
Patch to Fix the issue

This patch removes the call to reset the byte stream that underlies the object output stream. It seems that this call was wiping out the header information for the serialization.
Comment 2 John Simone CLA 2011-09-14 14:59:44 EDT
Created attachment 203361 [details]
Servlet that illustrates the error condition
Comment 3 Jesse McConnell CLA 2011-09-15 08:49:37 EDT
John,

removed the line you found and will have that committed shortly, I'll leave this issue open though and assign to me so I can build out a proper test case for this case
Comment 4 Jesse McConnell CLA 2011-09-20 13:36:43 EDT
closing since mongo tests require a server we should work out another way to test it