You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@myfaces.apache.org by Bill Lucy <wt...@gmail.com> on 2018/01/25 16:59:26 UTC

InvalidClassException for implementation class during deserialization

Hi all; during system testing, we encountered an serialization issue with
an implementation object:

Stack Dump = java.io.InvalidClassException:
org.apache.myfaces.flow.cdi.FlowScopeBeanHolder; local class incompatible:
stream classdesc serialVersionUID = 6651888197021431040, local class
serialVersionUID = 1930504301402424825

In this scenario, two systems generated two different serialVersionUID for
the FlowScopeBeanHolder.  This type of scenario is avoided by defining a
serialVersionUID field on the class, which the FlowScopeBeanHolder doesn't
have.  It looks like we've only done that inconsistently throughout the
implementation.  At a quick glance I see over 100 Serializable classes that
don't have the UID (via "grep -rl Serializable | xargs grep -L
serialVersionUID").

We should add a serialVersionUID to the Serializable classes that don't
define it in oam.cdi.*, oam.application.*, oam.flow.*, oam.context.*, and
probably javax.faces.component.*.  However, I'm not sure if the UID is
really necessary in the oam.config.* classes that don't define it.

Regards,
Bill Lucy