There is a bug in the core SessionHandler that has revealed that a session won't be written out as the response exits. See PR #12303.
This has revealed a problem in the core OpenId authentication - I'm not sure if this is just a problem with the test setup or a problem in the implementation, but once #12303 is fixed so the session will be saved on the way out of the response, the OpenId tests start to fail with java.io.NotSerializableException when the session is serialized. So there must be a session attribute that is non-serializable.
Jetty version(s) jetty-12.0.x
Jetty Environment core
There is a bug in the core
SessionHandler
that has revealed that a session won't be written out as the response exits. See PR #12303. This has revealed a problem in the coreOpenId
authentication - I'm not sure if this is just a problem with the test setup or a problem in the implementation, but once #12303 is fixed so the session will be saved on the way out of the response, theOpenId
tests start to fail withjava.io.NotSerializableException
when the session is serialized. So there must be a session attribute that is non-serializable.See:
https://jenkins.webtide.net/blue/organizations/jenkins/jetty.project/detail/PR-12303/3/pipeline