Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.
Bug 328274 - SessionAuthentication serialization error
Summary: SessionAuthentication serialization error
Status: CLOSED DUPLICATE of bug 328273
Alias: None
Product: Jetty
Classification: RT
Component: server (show other bugs)
Version: 7.2.0.RC0   Edit
Hardware: PC Linux
: P3 normal (vote)
Target Milestone: 7.1.x   Edit
Assignee: Greg Wilkins CLA
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-10-20 13:42 EDT by Jesse McConnell CLA
Modified: 2010-10-20 13:45 EDT (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jesse McConnell CLA 2010-10-20 13:42:39 EDT 
(Reported on mailing list)

    I have used the jetty server 7.1.3 as the app server for a while. First the JAAS (Java Authentication and Authorization service) is used and it worked with no error. 
     Secondly, we tried to use the Session Clustering with Database, a feature offered by the jetty server also. It's for the case in which there are multiple server instances running in a load balancing environment. The DB is used as a persistent storage for the session's attributes so the attributes can be shared by the server instances.

     However, when the JAAS and Session Clustering with DB are in effect at the same time, a NonSerializableException  was thrown as follows,

     2010-10-06 15:51:08.549:WARN::Problem persisting changed session data id=fredsft3xjud8yc59jaiszql57lo
java.io.NotSerializableException: org.eclipse.jetty.server.session.JDBCSessionManager
      at java.io.ObjectOutputStream.writeObject0(Unknown Source)
      at java.io.ObjectOutputStream.defaultWriteFields(Unknown Source)
      at java.io.ObjectOutputStream.writeSerialData(Unknown Source)
      at java.io.ObjectOutputStream.writeOrdinaryObject(Unknown Source)
      at java.io.ObjectOutputStream.writeObject0(Unknown Source)
      at java.io.ObjectOutputStream.defaultWriteFields(Unknown Source)
      at java.io.ObjectOutputStream.writeSerialData(Unknown Source)
      at java.io.ObjectOutputStream.writeOrdinaryObject(Unknown Source)
      at java.io.ObjectOutputStream.writeObject0(Unknown Source)
      at java.io.ObjectOutputStream.writeObject(Unknown Source)
      at java.util.concurrent.ConcurrentHashMap.writeObject(Unknown Source)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
      at java.lang.reflect.Method.invoke(Unknown Source)
      at java.io.ObjectStreamClass.invokeWriteObject(Unknown Source)
      at java.io.ObjectOutputStream.writeSerialData(Unknown Source)
      at java.io.ObjectOutputStream.writeOrdinaryObject(Unknown Source)
      at java.io.ObjectOutputStream.writeObject0(Unknown Source)
      at java.io.ObjectOutputStream.writeObject(Unknown Source)
      at org.eclipse.jetty.server.session.JDBCSessionManager.updateSession(JDBCSessionManager.java:949)
      at org.eclipse.jetty.server.session.JDBCSessionManager$Session.complete(JDBCSessionManager.java:341)
      at org.eclipse.jetty.server.session.AbstractSessionManager.complete(AbstractSessionManager.java:144)
      at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:199)
      at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:860)
      at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
      at org.eclipse.jetty.server.handler.HandlerList.handle(HandlerList.java:47)
      at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:113)
      at org.eclipse.jetty.server.Server.handle(Server.java:335)
      at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:588)
      at org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:1029)
      at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:549)
      at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:211)
      at org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:418)
      at org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:489)
      at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:436)
      at java.lang.Thread.run(Unknown Source)

   Debugging into the code, it was found that the problem was caused in the following steps:

   1). In the process of the JAAS, the code sets a class: SessionAuthentication as a session attribute. SessionAuthentication is implemented as a serializable object but its member, DefaultUserIdentity is not. So the SessionAuthentication is not a serializable object at all;
   2). In Session Clustering with DB process, the JDBCSessionManager tried to save all the sessions' attributes-all of them must be serializable-to the database. However, one of the attribute, SessionAuthentication, is not a serialiable object, so the above exception is thrown and the process is interrupted.

   Kindly hope you can help me for this.
Comment 1 Jesse McConnell CLA 2010-10-20 13:45:53 EDT 

*** This bug has been marked as a duplicate of bug 328273 ***