[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16802172#comment-16802172
]
ASF subversion and git services commented on WW-4873:
-
Commit 5b0ec3400dc0777e6dfaeaded1e497ace710e5ff in struts's branch
refs/heads/struts-2-5-x from JCgH4164838Gh792C124B5
[ https://gitbox.apache.org/repos/asf?p=struts.git;h=5b0ec34 ]
Fix issue introduced with earlier WW-4873 fix:
- Fixes error 500 processing failures for double-submit results with
TokenSessionStoreInterceptor processing
- Fix to InvocationSessionStore, new unit test confirming fix in
InvocationSessionStoreTest
- Minor whitespace fix to TokenSessionStoreInterceptor
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
>Assignee: Yasser Zamani
>Priority: Major
> Fix For: 2.5.16
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16293742#comment-16293742
]
Hudson commented on WW-4873:
SUCCESS: Integrated in Jenkins build Struts-master-JDK7 #74 (See
[https://builds.apache.org/job/Struts-master-JDK7/74/])
WW-4873 Makes ActionInvocation not serializable (yasserzamani: rev
4738d1d80228f86da880ed207294349566a260a2)
* (edit)
plugins/dwr/src/main/java/org/apache/struts2/validators/DWRValidator.java
* (edit) core/src/main/java/com/opensymphony/xwork2/ActionInvocation.java
* (edit)
plugins/sitemesh/src/main/java/org/apache/struts2/sitemesh/OldDecorator2NewStrutsDecorator.java
* (edit)
plugins/rest/src/main/java/org/apache/struts2/rest/RestActionInvocation.java
* (edit) core/src/main/java/org/apache/struts2/util/InvocationSessionStore.java
* (edit)
core/src/test/java/com/opensymphony/xwork2/spring/interceptor/TestActionInvocation.java
* (edit)
plugins/json/src/test/java/org/apache/struts2/json/JSONInterceptorTest.java
* (edit) core/src/main/java/com/opensymphony/xwork2/DefaultActionInvocation.java
* (edit)
core/src/main/java/com/opensymphony/xwork2/mock/MockActionInvocation.java
* (edit)
core/src/test/java/com/opensymphony/xwork2/DefaultActionInvocationTest.java
WW-4873 Makes InvocationSessionStore$InvocationContext transient (yasserzamani:
rev 2941416a1832393a25a9bb823f5763fc7851da23)
* (edit) core/src/main/java/org/apache/struts2/util/InvocationSessionStore.java
* (edit)
core/src/test/java/org/apache/struts2/util/InvocationSessionStoreTest.java
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
>Assignee: Yasser Zamani
> Fix For: 2.5.15
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16293733#comment-16293733
]
ASF subversion and git services commented on WW-4873:
-
Commit 8b608e334aecdce558e9d98531e3ffa8c5538905 in struts's branch
refs/heads/master from [~lukaszlenart]
[ https://gitbox.apache.org/repos/asf?p=struts.git;h=8b608e3 ]
Merge pull request #192 from yasserzamani/WW-4873_2
WW-4873 Makes ActionInvocation not serializable and
InvocationSessionStore$InvocationContext transient
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
>Assignee: Yasser Zamani
> Fix For: 2.5.15
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16293732#comment-16293732
]
ASF subversion and git services commented on WW-4873:
-
Commit 2941416a1832393a25a9bb823f5763fc7851da23 in struts's branch
refs/heads/master from [~yasser.zamani]
[ https://gitbox.apache.org/repos/asf?p=struts.git;h=2941416 ]
WW-4873 Makes InvocationSessionStore$InvocationContext transient
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
>Assignee: Yasser Zamani
> Fix For: 2.5.15
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16293734#comment-16293734
]
ASF subversion and git services commented on WW-4873:
-
Commit 8b608e334aecdce558e9d98531e3ffa8c5538905 in struts's branch
refs/heads/master from [~lukaszlenart]
[ https://gitbox.apache.org/repos/asf?p=struts.git;h=8b608e3 ]
Merge pull request #192 from yasserzamani/WW-4873_2
WW-4873 Makes ActionInvocation not serializable and
InvocationSessionStore$InvocationContext transient
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
>Assignee: Yasser Zamani
> Fix For: 2.5.15
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16293731#comment-16293731
]
ASF subversion and git services commented on WW-4873:
-
Commit 4738d1d80228f86da880ed207294349566a260a2 in struts's branch
refs/heads/master from [~yasser.zamani]
[ https://gitbox.apache.org/repos/asf?p=struts.git;h=4738d1d ]
WW-4873 Makes ActionInvocation not serializable
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
>Assignee: Yasser Zamani
> Fix For: 2.5.15
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16290497#comment-16290497
]
ASF GitHub Bot commented on WW-4873:
yasserzamani opened a new pull request #192: WW-4873 Makes ActionInvocation not
serializable and InvocationSessionStore$InvocationContext transient
URL: https://github.com/apache/struts/pull/192
⚠️ For simpler review, please review each commit separately.
❓ Why `serialize` and `deserialize` methods of `ActionInvocation` deleted?
`ActionInvocation` is a large complex object which contains request, response,
container, value stack and action context. It's hard to maintain it
serializable e.g. user may want to store a private not serializable object in
action. And It's not a good practice ([CWE-579: J2EE Bad Practices:
Non-serializable Object Stored in
Session](https://cwe.mitre.org/data/definitions/579.html)).
ℹ️ I know I also deleted `that.container = actionContext.getContainer();`
(replacing restored invocation container with current container) with
`ActionInvocation.deserialize` method. I saw it's not needed and even it's
better for restored default invocation to work with itself stored container to
keep consistency. Anyway currently it's really not needed because only
`TokenSessionStoreInterceptor` uses it and it only passes the invocation to
result and result is not aware about `DefaultActionInvocation` (only knows
`ActionInvocation`):
```java
if ((result != null) && (savedInvocation.getProxy().getExecuteResult())) {
result.execute(savedInvocation);
}
```
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
>Assignee: Yasser Zamani
> Fix For: 2.5.15
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16279104#comment-16279104
]
Yasser Zamani commented on WW-4873:
---
[~ekane], I reviewed {{ExecuteAndWaitInterceptor}} and seems has this bug when
session goes to being serialized in middle of an background process.
Could you please file a new issue here then we will have it in monitor and you
can track the resolution there.
Thank you very much for your report.
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
>Assignee: Yasser Zamani
> Fix For: 2.6
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16279077#comment-16279077
]
Erica Kane commented on WW-4873:
We are having a very similar issue with the ExecuteAndWait interceptor, which
may be related. It gives us
java.io.NotSerializableException:
com.opensymphony.xwork2.inject.ContainerImpl$ConstructorInjector
I have extensive details posted at [Stack
Overflow|https://stackoverflow.com/questions/47660913/struts2-notserializableexception-occurs-with-executeandwaitinterceptor].
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
>Assignee: Yasser Zamani
> Fix For: 2.6
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16270252#comment-16270252
]
ASF GitHub Bot commented on WW-4873:
yasserzamani opened a new pull request #188: WW-4873 Removes request and
response from DefaultActionInvocation whe…
URL: https://github.com/apache/struts/pull/188
…n serializes
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
>Assignee: Yasser Zamani
> Fix For: 2.5.x
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16247720#comment-16247720
]
Yasser Zamani commented on WW-4873:
---
{quote}
I assume it needs to stay in there for as long as it takes for the interceptor
to run across every potential request using the same session.
{quote}
No, not at all! I found all usages of {{InvocationSessionStore}} and is only
used in {{TokenSessionStoreInterceptor}} and it's {{loadInvocation()}} method
is only used in {{handleInvalidToken()}} method. So,
{{ActionContext.getContext().getSession().get("org.apache.struts2.util.InvocationSessionStore.invocationMap")}}
is only used when user posted token is not valid (e.g. someone else tries a
CSRF attack) and Struts returns previous result. When you delete it, Struts
simply returns {{invalid.token}}.
So the conclusion is, the difference only occurs when user posts a not valid
token (usually does not occur except on security attacks or duplicated posts)
and the difference is Struts returns {{invalid.token}} instead of previous
executed result. It seems no any very bad thing occurs.
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
> Fix For: 2.5.x
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16247556#comment-16247556
]
Michael Hum commented on WW-4873:
-
[~yasser.zamani] Can definitely try that but I'm not 100% sure how that works
with websphere or if we control when it tries to serialize the session. Will
have to look into that.
I can try and play with it though. When would be a safe time to try and remove
it do you think? I assume it needs to stay in there for as long as it takes for
the interceptor to run across every potential request using the same session.
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
> Fix For: 2.5.x
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16247128#comment-16247128
]
Yasser Zamani commented on WW-4873:
---
[~MichaelHum], As a workaround until the resolution, I think you can
{{ActionContext.getContext().getSession().remove("org.apache.struts2.util.InvocationSessionStore.invocationMap")}}
before your serialization :)
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
> Fix For: 2.5.x
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16245916#comment-16245916
]
Yasser Zamani commented on WW-4873:
---
Hello [~MichaelHum],
You were right. {{StrutsRequestWrapper}} extends {{HttpServletRequestWrapper}}
from provided servlet api, and, that is not intended and expected to being
serializable at all in servlet api. This is Strut's failure that stores an
instance of it in session and disables user to have a sticky sessions.
Please give us some time to see what we can do with it to fix it :)
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
> Fix For: 2.5.14
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16245734#comment-16245734
]
Michael Hum commented on WW-4873:
-
Hi [~yasser.zamani], it seems that websphere doesn't store the stack trace when
this occurs. I can reproduce the issue in my local development environment that
uses tomcat though. We enable an interceptor in our development environments to
catch serialization issues (in the stack trace it is
TestSerializationInterceptor) that attempts to serialize each attribute in the
HttpSession:
{code:java}
2017-11-09T09:21:54,215 - Failed to serialize session after invoking
AddSurveyAction.
Exception(s):
Root object = [org.apache.struts2.util.InvocationSessionStore.invocationMap,
java.util.HashMap]
java.io.NotSerializableException:
org.apache.struts2.dispatcher.StrutsRequestWrapper
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1184)
at
java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1548)
at
java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1509)
at
java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1432)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1178)
at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:348)
at java.util.HashMap.internalWriteEntries(HashMap.java:1777)
at java.util.HashMap.writeObject(HashMap.java:1354)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
java.io.ObjectStreamClass.invokeWriteObject(ObjectStreamClass.java:1028)
at
java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1496)
at
java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1432)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1178)
at
java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1548)
at
java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1509)
at
java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1432)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1178)
at
java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1548)
at
java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1509)
at
java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1432)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1178)
at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:348)
at java.util.HashMap.internalWriteEntries(HashMap.java:1777)
at java.util.HashMap.writeObject(HashMap.java:1354)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
java.io.ObjectStreamClass.invokeWriteObject(ObjectStreamClass.java:1028)
at
java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1496)
at
java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1432)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1178)
at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:348)
at
ca.statcan.icos.web.session.TestSerialization.verify(TestSerialization.java:73)
at
ca.statcan.icos.struts2.interceptor.TestSerializationInterceptor.test(TestSerializationInterceptor.java:80)
at
ca.statcan.icos.struts2.interceptor.TestSerializationInterceptor.lambda$intercept$0(TestSerializationInterceptor.java:52)
at
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:267)
at
com.opensymphony.xwork2.validator.ValidationInterceptor.doIntercept(ValidationInterceptor.java:260)
at
org.apache.struts2.interceptor.validation.AnnotationValidationInterceptor.doIntercept(AnnotationValidationInterceptor.java:52)
at
com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98)
at
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:247)
at
org.apache.struts2.json.JSONInterceptor.intercept(JSONInterceptor.java:185)
at
com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:247)
at
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16243499#comment-16243499
]
Yasser Zamani commented on WW-4873:
---
[~MichaelHum], do you have the complete stack trace especially it's {{caused
by}}s?
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
> Fix For: 2.5.14
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16214883#comment-16214883
]
Lukasz Lenart commented on WW-4873:
---
Hm... but {{ServletRequest}} supposed to be serialisable, maybe it's just a
case of turning {{StrutsRequestWrapper}} into a serializable bean
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
> Fix For: 2.5.14
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16212606#comment-16212606
]
Michael Hum commented on WW-4873:
-
It looks like there are quite a number of entries in the ActionContext that
aren't serializable. The serialize/deserialize logic of the invocation seems to
only be handling the container.
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
> Fix For: 2.5.14
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (WW-4873) NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
[
https://issues.apache.org/jira/browse/WW-4873?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16211252#comment-16211252
]
Aleksandr Mashchenko commented on WW-4873:
--
{{HttpServletRequest}} in {{ActionContext}}? Can you show where?
> NotSerializableException - org.apache.struts2.dispatcher.StrutsRequestWrapper
> -
>
> Key: WW-4873
> URL: https://issues.apache.org/jira/browse/WW-4873
> Project: Struts 2
> Issue Type: Bug
>Affects Versions: 2.5.13
>Reporter: Michael Hum
> Fix For: 2.5.14
>
>
> We are attempting to test session replication on our websphere servers but
> run into the given error when websphere tries to serialize the session.
> {code}
> [10/18/17 10:33:38:094 EDT] 0335 WASSessionE MTMBuffWrapper getBytes
> write object exception. e= java.io.NotSerializableException:
> org.apache.struts2.dispatcher.StrutsRequestWrapper
> {code}
> It appears the ActionInvocation stores the ActionContext which stores the
> offending property: com.opensymphony.xwork2.dispatcher.HttpServletRequest -->
> StrutsRequestWrapper
> After a little digging we narrowed it down to our use of the
> TokenSessionStoreInterceptor which stores the value in the session and uses
> it to redirect the failed request to the original one. Is this
> intended/expected? Or is there no requirement that the contents in the
> session be serializable - in which case we would have to look to our own
> solution.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
