moraskiod / socialauth

Automatically exported from code.google.com/p/socialauth
0 stars 0 forks source link

Non-serializable attribute S_SASFHelper #313

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?

1. Deploy app using socialauth filter
2. App must have distributable / persisted sessions.
3. Invoke socialauth so the filter kicks in and DefaultSASFHelper tries to add 
itself to the session

What is the expected output? What do you see instead?

Non-serializable failure when DefaultSASFHelper tries to add itself to the 
session:

SEVERE: Servlet.service() for servlet default threw exception
java.lang.IllegalArgumentException: setAttribute: Non-serializable attribute 
S_SASFHelper
    at org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1351)
    at org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1312)
    at org.apache.catalina.session.StandardSessionFacade.setAttribute(StandardSessionFacade.java:130)
    at de.deltatree.social.web.filter.impl.DefaultSASFHelper.setSessionKey(DefaultSASFHelper.java:44)
    at de.deltatree.social.web.filter.impl.DefaultSASFHelper.<init>(DefaultSASFHelper.java:40)
    at de.deltatree.social.web.filter.impl.SocialAuthSecurityFilter.doFilter(SocialAuthSecurityFilter.java:48)
    at de.deltatree.social.web.filter.impl.SocialAuthSecurityFilter.doFilter(SocialAuthSecurityFilter.java:39)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)

What version of the product are you using? On what operating system?

socialauth-filter 2.4
tomcat-6 

Please provide any additional information below.

On distributable/persistent sessions in tomcat: 
https://tomcat.apache.org/tomcat-6.0-doc/config/manager.html#Special_Features

Original issue reported on code.google.com by foonug...@gmail.com on 19 Nov 2013 at 2:09

GoogleCodeExporter commented 8 years ago
You can use socialauth without session and create socialauth manager object and 
serialize it.

Original comment by tarun.na...@3pillarglobal.com on 27 Jan 2014 at 12:52

GoogleCodeExporter commented 8 years ago

Original comment by tarun.na...@3pillarglobal.com on 29 Jan 2014 at 1:22

GoogleCodeExporter commented 8 years ago
Unfortunately the socialauth-filter (see SocialAuthSecurityFilter and 
especially DefaultSASFHelper) makes heavy use of the session to handle the 
socialauth-filter flow ... 

But anyway I just took another look at this and realized if the 
DefaultSASFHelper is made serializable then this solves the issue. The 
container will happily add it to the session and the socialauth-filter flow 
works fine.

I've created a pull request for the fix: 
https://github.com/3pillarlabs/socialauth/pull/7

Original comment by foonug...@gmail.com on 5 Feb 2014 at 10:17