Use context classloader when deserializing proxies.
---------------------------------------------------
Key: WICKET-3549
URL: https://issues.apache.org/jira/browse/WICKET-3549
Project: Wicket
Issue Type: Bug
Reporter: Maarten Billemont
LazyInitProxyFactory's ProxyReplacement's readResolve loads the target class
using Class.forName()
This is dodgy because it uses the *caller*'s classloader, which is the
classloader that loaded the ProxyReplacement class. This is not necessarily
the context Classloader.
Specifically, in our case, wicket is in JBoss' server/default/lib, we inject an
EJB proxy into a wicket page using a ComponentInitializationListener, but when
the component is serialized and later deserialized, the EJB client interface
class cannot be found anymore by this forName() call, while the interface can
be found just fine using the context Classloader.
Wicket classes are loaded by the org.jboss.classloader.spi.base.BaseClassLoader
which doesn't know our EJB client interfaces. The context classloader is that
of our WAR which does know them.
As a result, deserialization of our EJB-injected wicket pages is broken.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
