You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by "Martin Tzvetanov Grigorov (Jira)" <ji...@apache.org> on 2022/08/10 07:15:00 UTC

[jira] [Resolved] (WICKET-6996) NotSerializableException near KeyInSessionSunJceCryptFactory

     [ https://issues.apache.org/jira/browse/WICKET-6996?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Martin Tzvetanov Grigorov resolved WICKET-6996.
-----------------------------------------------
    Fix Version/s: 10.0.0
                   9.12.0
       Resolution: Fixed

Thanks for the report, [~ekonijnenburg] !

> NotSerializableException near KeyInSessionSunJceCryptFactory
> ------------------------------------------------------------
>
>                 Key: WICKET-6996
>                 URL: https://issues.apache.org/jira/browse/WICKET-6996
>             Project: Wicket
>          Issue Type: Bug
>          Components: wicket-core
>    Affects Versions: 9.11.0
>            Reporter: Erik van Konijnenburg
>            Assignee: Martin Tzvetanov Grigorov
>            Priority: Major
>             Fix For: 10.0.0, 9.12.0
>
>         Attachments: cryptofactorybug.zip, log.txt
>
>
> With the CryptoMapper, serializing the session results in a NotSerializableException:
> {code:java}
>  [main] ERROR org.apache.wicket.serialize.java.JavaSerializer - Error serializing object class org.apache.wicket.protocol.http.WebSession [object=org.apache.wicket.protocol.http.WebSession@f667fe]
> org.apache.wicket.core.util.objects.checker.CheckingObjectOutputStream$ObjectCheckException: The object type is not Serializable!
> A problem occurred while checking object with type: org.apache.wicket.core.util.crypt.KeyInSessionSunJceCryptFactory
> Field hierarchy is:
>    [class=org.apache.wicket.protocol.http.WebSession]
>     private org.apache.wicket.MetaDataEntry[] org.apache.wicket.Session.metaData [class=[Lorg.apache.wicket.MetaDataEntry;]
>       private org.apache.wicket.MetaDataEntry[] org.apache.wicket.Session.metaData[0] [class=org.apache.wicket.MetaDataEntry]
>         final org.apache.wicket.MetaDataKey org.apache.wicket.MetaDataEntry.key [class=org.apache.wicket.MetaDataKey]
>           final org.apache.wicket.core.util.crypt.AbstractKeyInSessionCryptFactory org.apache.wicket.core.util.crypt.AbstractKeyInSessionCryptFactory$1.this$0{code}
> In the attached quickstart project this happens when logging the size of the session; a more direct way to trigger the issue is like so
> {code:java}
>  	@Test
> 	public void testSerialization() throws IOException {
> 	    tester.startPage(HomePage.class);
> 	    ObjectOutputStream objectStream = new ObjectOutputStream(new ByteArrayOutputStream());
> 	    objectStream.writeObject(tester.getSession());
> 	}{code}
> The workaround is to make a serializable subclass of KeyInSessionSunJceCryptFactory.
> Tested with wicket-9.11.0,  oracle jdk-11.0.16, ubuntu 20.04
> Untested: I suspect this problem was introduced when factoring out AbstractKeyInSessionCryptFactory, the following field lost the 'static' modifier at that point:
> {code:java}
> 	/** metadata-key used to store crypto-key in session metadata */
> 	private final MetaDataKey<T> KEY = new MetaDataKey<T>()
> 	{
> 		private static final long serialVersionUID = 1L;
> 	}; {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)