Non-serializable attribute S_SASFHelper

Question

Non-serializable attribute S_SASFHelper

Closed this issue 9 years ago · 3 comments

GoogleCodeExporter commented 9 years ago

What steps will reproduce the problem?

1. Deploy app using socialauth filter
2. App must have distributable / persisted sessions.
3. Invoke socialauth so the filter kicks in and DefaultSASFHelper tries to add 
itself to the session


What is the expected output? What do you see instead?

Non-serializable failure when DefaultSASFHelper tries to add itself to the 
session:

SEVERE: Servlet.service() for servlet default threw exception
java.lang.IllegalArgumentException: setAttribute: Non-serializable attribute 
S_SASFHelper
    at org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1351)
    at org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1312)
    at org.apache.catalina.session.StandardSessionFacade.setAttribute(StandardSessionFacade.java:130)
    at de.deltatree.social.web.filter.impl.DefaultSASFHelper.setSessionKey(DefaultSASFHelper.java:44)
    at de.deltatree.social.web.filter.impl.DefaultSASFHelper.<init>(DefaultSASFHelper.java:40)
    at de.deltatree.social.web.filter.impl.SocialAuthSecurityFilter.doFilter(SocialAuthSecurityFilter.java:48)
    at de.deltatree.social.web.filter.impl.SocialAuthSecurityFilter.doFilter(SocialAuthSecurityFilter.java:39)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)


What version of the product are you using? On what operating system?

socialauth-filter 2.4
tomcat-6 


Please provide any additional information below.

On distributable/persistent sessions in tomcat: 
https://tomcat.apache.org/tomcat-6.0-doc/config/manager.html#Special_Features

Original issue reported on code.google.com by foonug...@gmail.com on 19 Nov 2013 at 2:09

Answer 1 · 2016-03-30T12:10:15.000Z

You can use socialauth without session and create socialauth manager object and 
serialize it.

Original comment by tarun.na...@3pillarglobal.com on 27 Jan 2014 at 12:52

Answer 2 · 2016-03-30T12:10:15.000Z

Original comment by tarun.na...@3pillarglobal.com on 29 Jan 2014 at 1:22

Changed state: Done

Answer 3 · 2016-03-30T12:10:15.000Z

Unfortunately the socialauth-filter (see SocialAuthSecurityFilter and 
especially DefaultSASFHelper) makes heavy use of the session to handle the 
socialauth-filter flow ... 

But anyway I just took another look at this and realized if the 
DefaultSASFHelper is made serializable then this solves the issue. The 
container will happily add it to the session and the socialauth-filter flow 
works fine.

I've created a pull request for the fix: 
https://github.com/3pillarlabs/socialauth/pull/7

Original comment by foonug...@gmail.com on 5 Feb 2014 at 10:17