[jira] Resolved: (SHIRO-182) SimpleSession cannot be deserialized

Tue, 06 Jul 2010 21:28:52 -0700 

     [ 
https://issues.apache.org/jira/browse/SHIRO-182?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Kalle Korhonen resolved SHIRO-182.
----------------------------------

    Fix Version/s: 1.1.0
                       (was: 1.0.1)
       Resolution: Fixed

Leave a comment if you need it fixed for 1.0.1

> SimpleSession cannot be deserialized
> ------------------------------------
>
>                 Key: SHIRO-182
>                 URL: https://issues.apache.org/jira/browse/SHIRO-182
>             Project: Shiro
>          Issue Type: Bug
>          Components: Caching , Session Management
>    Affects Versions: 1.0.0
>         Environment: Linux 2.6.34 x86_64
> java version "1.5.0_12"
> Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_12-b04)
> Java HotSpot(TM) 64-Bit Server VM (build 1.5.0_12-b04, mixed mode)
>            Reporter: Favio D. DeMarco
>            Assignee: Kalle Korhonen
>             Fix For: 1.1.0
>
>
> org.apache.shiro.session.mgt.SimpleSession fails deserialization with the 
> following error:
>       at 
> java.io.ObjectInputStream$BlockDataInputStream.readByte(ObjectInputStream.java:2666)
>       at 
> java.io.ObjectInputStream$BlockDataInputStream.readUTFChar(ObjectInputStream.java:3058)
>       at 
> java.io.ObjectInputStream$BlockDataInputStream.readUTFBody(ObjectInputStream.java:2955)
>       at 
> java.io.ObjectInputStream$BlockDataInputStream.readUTF(ObjectInputStream.java:2764)
>       at java.io.ObjectInputStream.readUTF(ObjectInputStream.java:1032)
>       at 
> org.apache.shiro.session.mgt.SimpleSession.readObject(SimpleSession.java:481)
> There is a problem with the way the 'expired' flag is managed. In writeObject 
> the 'expired' flag is written if it's set:
> if (expired) {
>     out.writeBoolean(expired);
> }
> But, in getAlteredFieldsBitMask, the bit in the bit mask is only set when the 
> 'exprired' flag is not set:
> bitMask = !expired ? bitMask | EXPIRED_BIT_MASK : bitMask;
> A short test:
> SimpleSession session = new SimpleSession("localhost");
> //  This doesn't work either
> // session.setExpired(true);
> ByteArrayOutputStream serialized = new ByteArrayOutputStream();
> ObjectOutputStream serializer = new ObjectOutputStream(serialized);
> serializer.writeObject(session);
> serializer.close();
> new ObjectInputStream(new 
> ByteArrayInputStream(serialized.toByteArray())).readObject();

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to