[jira] [Work logged] (TOMEE-4222) @LoginToContinue JSR-375 (JavaEE Security API) causes IllegalArgumentException

Thu, 08 Jun 2023 08:17:11 -0700 


     [ 
https://issues.apache.org/jira/browse/TOMEE-4222?focusedWorklogId=864499&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-864499
 ]

ASF GitHub Bot logged work on TOMEE-4222:
-----------------------------------------

                Author: ASF GitHub Bot
            Created on: 08/Jun/23 15:16
            Start Date: 08/Jun/23 15:16
    Worklog Time Spent: 10m 
      Work Description: exabrial opened a new pull request, #1052:
URL: https://github.com/apache/tomee/pull/1052

   (no comment)




Issue Time Tracking
-------------------

            Worklog Id:     (was: 864499)
    Remaining Estimate: 0h
            Time Spent: 10m

> @LoginToContinue JSR-375 (JavaEE Security API) causes IllegalArgumentException
> ------------------------------------------------------------------------------
>
>                 Key: TOMEE-4222
>                 URL: https://issues.apache.org/jira/browse/TOMEE-4222
>             Project: TomEE
>          Issue Type: Bug
>          Components: TomEE Core Server
>    Affects Versions: 8.0.14, 8.0.15
>            Reporter: Jonathan S. Fisher
>            Assignee: Jonathan S. Fisher
>            Priority: Minor
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Given the following configuration:
> {code:java}
> @CustomFormAuthenticationMechanismDefinition(
> loginToContinue = @LoginToContinue(loginPage = "/login", useForwardToLogin = 
> true))
> @FacesConfig
> @ApplicationScoped
> public class ApplicationConfig {
> }{code}
> An exception will be thrown:
> {code:java}
> java.lang.IllegalArgumentException: setAttribute: Non-serializable attribute 
> [org.apache.tomee.security.request.original]
> org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1430)
> org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1386)
> org.apache.catalina.session.StandardSessionFacade.setAttribute(StandardSessionFacade.java:136)
> org.apache.tomee.security.http.LoginToContinueMechanism.saveRequest(LoginToContinueMechanism.java:90)
> org.apache.tomee.security.cdi.LoginToContinueInterceptor.processContainerInitiatedAuthentication(LoginToContinueInterceptor.java:132)
> org.apache.tomee.security.cdi.LoginToContinueInterceptor.validateRequest(LoginToContinueInterceptor.java:78)
> org.apache.tomee.security.cdi.LoginToContinueInterceptor.intercept(LoginToContinueInterceptor.java:63){code}
> This is beacuse {{SavedAuthentication}} and {{SavedRequest}} does not 
> implement {{Serializable}}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to