You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Kalle Korhonen (JIRA)" <ji...@apache.org> on 2010/07/05 16:49:50 UTC

[jira] Assigned: (SHIRO-182) SimpleSession cannot be deserialized

     [ https://issues.apache.org/jira/browse/SHIRO-182?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Kalle Korhonen reassigned SHIRO-182:
------------------------------------

    Assignee: Kalle Korhonen

> SimpleSession cannot be deserialized
> ------------------------------------
>
>                 Key: SHIRO-182
>                 URL: https://issues.apache.org/jira/browse/SHIRO-182
>             Project: Shiro
>          Issue Type: Bug
>          Components: Caching , Session Management
>    Affects Versions: 1.1.0, Incubation
>         Environment: Linux 2.6.34 x86_64
> java version "1.5.0_12"
> Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_12-b04)
> Java HotSpot(TM) 64-Bit Server VM (build 1.5.0_12-b04, mixed mode)
>            Reporter: Favio D. DeMarco
>            Assignee: Kalle Korhonen
>
> org.apache.shiro.session.mgt.SimpleSession fails deserialization with the following error:
> 	at java.io.ObjectInputStream$BlockDataInputStream.readByte(ObjectInputStream.java:2666)
> 	at java.io.ObjectInputStream$BlockDataInputStream.readUTFChar(ObjectInputStream.java:3058)
> 	at java.io.ObjectInputStream$BlockDataInputStream.readUTFBody(ObjectInputStream.java:2955)
> 	at java.io.ObjectInputStream$BlockDataInputStream.readUTF(ObjectInputStream.java:2764)
> 	at java.io.ObjectInputStream.readUTF(ObjectInputStream.java:1032)
> 	at org.apache.shiro.session.mgt.SimpleSession.readObject(SimpleSession.java:481)
> There is a problem with the way the 'expired' flag is managed. In writeObject the 'expired' flag is written if it's set:
> if (expired) {
>     out.writeBoolean(expired);
> }
> But, in getAlteredFieldsBitMask, the bit in the bit mask is only set when the 'exprired' flag is not set:
> bitMask = !expired ? bitMask | EXPIRED_BIT_MASK : bitMask;
> A short test:
> SimpleSession session = new SimpleSession("localhost");
> //  This doesn't work either
> // session.setExpired(true);
> ByteArrayOutputStream serialized = new ByteArrayOutputStream();
> ObjectOutputStream serializer = new ObjectOutputStream(serialized);
> serializer.writeObject(session);
> serializer.close();
> new ObjectInputStream(new ByteArrayInputStream(serialized.toByteArray())).readObject();

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.