You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by "Martin Tzvetanov Grigorov (Jira)" <ji...@apache.org> on 2022/08/10 07:13:00 UTC
[jira] [Assigned] (WICKET-6996) NotSerializableException near KeyInSessionSunJceCryptFactory
[ https://issues.apache.org/jira/browse/WICKET-6996?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Martin Tzvetanov Grigorov reassigned WICKET-6996:
-------------------------------------------------
Assignee: Martin Tzvetanov Grigorov
> NotSerializableException near KeyInSessionSunJceCryptFactory
> ------------------------------------------------------------
>
> Key: WICKET-6996
> URL: https://issues.apache.org/jira/browse/WICKET-6996
> Project: Wicket
> Issue Type: Bug
> Components: wicket-core
> Affects Versions: 9.11.0
> Reporter: Erik van Konijnenburg
> Assignee: Martin Tzvetanov Grigorov
> Priority: Major
> Attachments: cryptofactorybug.zip, log.txt
>
>
> With the CryptoMapper, serializing the session results in a NotSerializableException:
> {code:java}
> [main] ERROR org.apache.wicket.serialize.java.JavaSerializer - Error serializing object class org.apache.wicket.protocol.http.WebSession [object=org.apache.wicket.protocol.http.WebSession@f667fe]
> org.apache.wicket.core.util.objects.checker.CheckingObjectOutputStream$ObjectCheckException: The object type is not Serializable!
> A problem occurred while checking object with type: org.apache.wicket.core.util.crypt.KeyInSessionSunJceCryptFactory
> Field hierarchy is:
> [class=org.apache.wicket.protocol.http.WebSession]
> private org.apache.wicket.MetaDataEntry[] org.apache.wicket.Session.metaData [class=[Lorg.apache.wicket.MetaDataEntry;]
> private org.apache.wicket.MetaDataEntry[] org.apache.wicket.Session.metaData[0] [class=org.apache.wicket.MetaDataEntry]
> final org.apache.wicket.MetaDataKey org.apache.wicket.MetaDataEntry.key [class=org.apache.wicket.MetaDataKey]
> final org.apache.wicket.core.util.crypt.AbstractKeyInSessionCryptFactory org.apache.wicket.core.util.crypt.AbstractKeyInSessionCryptFactory$1.this$0{code}
> In the attached quickstart project this happens when logging the size of the session; a more direct way to trigger the issue is like so
> {code:java}
> @Test
> public void testSerialization() throws IOException {
> tester.startPage(HomePage.class);
> ObjectOutputStream objectStream = new ObjectOutputStream(new ByteArrayOutputStream());
> objectStream.writeObject(tester.getSession());
> }{code}
> The workaround is to make a serializable subclass of KeyInSessionSunJceCryptFactory.
> Tested with wicket-9.11.0, oracle jdk-11.0.16, ubuntu 20.04
> Untested: I suspect this problem was introduced when factoring out AbstractKeyInSessionCryptFactory, the following field lost the 'static' modifier at that point:
> {code:java}
> /** metadata-key used to store crypto-key in session metadata */
> private final MetaDataKey<T> KEY = new MetaDataKey<T>()
> {
> private static final long serialVersionUID = 1L;
> }; {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)