uPortal stores some non-serializable objects in HttpSessions

Description

Issue was recently created and resolved regarding turning off Tomcat session serialization/rehydration by default because uPortal stores some non-serializable objects in HttpSessions. I feel uPortal should not store some non-serializable objects in HttpSessions. I believe this restricts our ability to use session replication in clustered environments.

I do not know what objects are currently non-serializable.

Environment

None

Activity

Show:
Eric Dalquist
December 12, 2008, 11:40 PM

No non-serializable objects should be stored in the uPortal session

Eric Dalquist
February 10, 2009, 8:29 PM

Feb 10, 2009 1:28:44 PM org.apache.catalina.session.StandardManager start
SEVERE: Exception loading sessions from persistent storage
java.io.WriteAbortedException: writing aborted; java.io.NotSerializableException: org.apache.pluto.internal.impl.PortletSessionImpl
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1333)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:351)
at java.util.concurrent.ConcurrentHashMap.readObject(ConcurrentHashMap.java:1275)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:974)
at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1849)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1753)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1329)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:351)
at org.apache.catalina.session.StandardSession.readObject(StandardSession.java:1439)
at org.apache.catalina.session.StandardSession.readObjectData(StandardSession.java:942)
at org.apache.catalina.session.StandardManager.doLoad(StandardManager.java:394)
at org.apache.catalina.session.StandardManager.load(StandardManager.java:321)
at org.apache.catalina.session.StandardManager.start(StandardManager.java:637)
at org.apache.catalina.core.ContainerBase.setManager(ContainerBase.java:438)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4271)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)
at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:924)
at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:887)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:492)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1147)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
at org.apache.catalina.core.StandardService.start(StandardService.java:516)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:578)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: java.io.NotSerializableException: org.apache.pluto.internal.impl.PortletSessionImpl
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1156)
at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:326)
at java.util.concurrent.ConcurrentHashMap.writeObject(ConcurrentHashMap.java:1247)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at java.io.ObjectStreamClass.invokeWriteObject(ObjectStreamClass.java:945)
at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1461)
at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1392)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1150)
at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:326)
at org.apache.catalina.session.StandardSession.writeObject(StandardSession.java:1515)
at org.apache.catalina.session.StandardSession.writeObjectData(StandardSession.java:959)
at org.apache.catalina.session.StandardManager.doUnload(StandardManager.java:517)
at org.apache.catalina.session.StandardManager.unload(StandardManager.java:463)
at org.apache.catalina.session.StandardManager.stop(StandardManager.java:667)
at org.apache.catalina.core.StandardContext.stop(StandardContext.java:4512)
at org.apache.catalina.core.ContainerBase.removeChild(ContainerBase.java:924)
at org.apache.catalina.startup.HostConfig.undeployApps(HostConfig.java:1189)
at org.apache.catalina.startup.HostConfig.stop(HostConfig.java:1160)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:313)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
at org.apache.catalina.core.ContainerBase.stop(ContainerBase.java:1086)
at org.apache.catalina.core.ContainerBase.stop(ContainerBase.java:1098)
at org.apache.catalina.core.StandardEngine.stop(StandardEngine.java:448)
at org.apache.catalina.core.StandardService.stop(StandardService.java:584)
at org.apache.catalina.core.StandardServer.stop(StandardServer.java:744)
at org.apache.catalina.startup.Catalina.stop(Catalina.java:628)
at org.apache.catalina.startup.Catalina.start(Catalina.java:603)
... 6 more

Eric Dalquist
February 11, 2009, 11:03 PM

Updated all non-serializable objects to be serializable and correctly mark transient fields.

Fixed

Assignee

Eric Dalquist

Reporter

Jim Helwig

Labels

None

Estimated End Date

None

Fix versions

Affects versions

Priority

Minor