Thank you very much Chris The classes my app uses should be serialize anyway so I just go that route. But thanks for that code snippet too
Rick Noel Systems Programmer | Westwood One rn...@westwoodone.com -----Original Message----- From: Christopher Schultz <ch...@christopherschultz.net> Sent: Friday, March 22, 2024 2:36 PM To: Tomcat Users List <users@tomcat.apache.org>; Rick Noel <rn...@westwoodone.com.INVALID> Subject: Re: [EXT]Re: Tomcat session replication issue - java.lang.IllegalArgumentException: setAttribute: Non-serializable attribute : Rick, On 3/22/24 13:33, Rick Noel wrote: > I do not want to replicate customer because that class does not > implement serializable > > I was looking for someway that the Manager would NOT try to replicate > it This is an allow-list which is much more secure than a deny-list. It's a regular expression, so you can feel free to get super-creative with the expression if you want to effectively create a deny-list with one item. Honestly, this is probably some technical dept worth paying off at this point. Another option would be to store the object in a wrapper in the session that *is* serializable but it doesn't actually try to serialize the object it wraps. I did one of these ages ago for similar reasons: I didn't want to go change all those classes to be Serializable. Here it is: public class TransientObjectWrapper<T> implements Serializable { private static final long serialVersionUID = -4694896879363833304L; private transient final T _o; public TransientObjectWrapper(T o) { _o = o; } public T getWrappedObject() { return _o; } } Using this plus a craftily-written Filter, HttpServletRequestWrapper, and HttpSession implementation would allow you to do this kind of thing without any failures. Or you could just configure Tomcat's already flexible allow-list for session attribute names. -chris > -----Original Message----- > From: Mark Thomas <ma...@apache.org> > Sent: Friday, March 22, 2024 1:27 PM > To: users@tomcat.apache.org > Subject: Re: [EXT]Re: Tomcat session replication issue - > java.lang.IllegalArgumentException: setAttribute: Non-serializable attribute : > > On 22/03/2024 15:43, Rick Noel wrote: >> Mark, >> >> So if my customer object is failing to get set in the session >> replication, I could add this to the config snippet? >> >> sessionAttributeNameFilter="customer" > > You set that to the attributes you DO want to replicate, not the ones you > don't. > > Mark > >> >> so like this?........... >> >> >> <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster" >> channelSendOptions="6"> >> >> <Manager >> className="org.apache.catalina.ha.session.DeltaManager" >> expireSessionsOnShutdown="false" >> >> notifyListenersOnReplication="true" >> maxActiveSessions="8192" >> >> sessionAttributeNameFilter="customer" >> /> >> >> <Channel >> className="org.apache.catalina.tribes.group.GroupChannel"> >> <Membership >> className="org.apache.catalina.tribes.membership.McastService" >> address="228.0.0.4" >> port="45564" >> frequency="500" >> dropTime="3000"/> >> <Receiver >> className="org.apache.catalina.tribes.transport.nio.NioReceiver" >> address="auto" >> port="5000" >> selectorTimeout="100" >> maxThreads="6"/> >> >> <Sender >> className="org.apache.catalina.tribes.transport.ReplicationTransmitter"> >> <Transport >> className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/> >> </Sender> >> <Interceptor >> className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/> >> <Interceptor >> className="org.apache.catalina.tribes.group.interceptors.MessageDispatchInterceptor"/> >> <Interceptor >> className="org.apache.catalina.tribes.group.interceptors.ThroughputInterceptor"/> >> </Channel> >> >> <Valve >> className="org.apache.catalina.ha.tcp.ReplicationValve" >> >> filter=".*\.gif|.*\.js|.*\.jpeg|.*\.jpg|.*\.png|.*\.htm|.*\.html|.*\. >> c >> ss|.*\.txt"/> >> >> >> <ClusterListener >> className="org.apache.catalina.ha.session.ClusterSessionListener"/> >> </Cluster> >> >> >> >> >> >> Rick Noel >> Systems Programmer | Westwood One >> rn...@westwoodone.com >> >> -----Original Message----- >> From: Mark Thomas <ma...@apache.org> >> Sent: Friday, March 22, 2024 11:32 AM >> To: users@tomcat.apache.org >> Subject: [EXT]Re: Tomcat session replication issue - >> java.lang.IllegalArgumentException: setAttribute: Non-serializable attribute >> : >> >> On 22/03/2024 15:15, Rick Noel wrote: >>> Is there a way to configure DeltaManager or the Cluster element so it does >>> not cause my application to throw this error..... >>> >>> 22-Mar-2024 10:56:34.382 SEVERE [http-nio-8586-exec-5] >>> org.apache.catalina.core.StandardWrapperValve.invoke >>> Servlet.service() for servlet [jsp] in context with path [##0001] >>> threw exception [An exception occurred processing >>> [/services/include/properties.jsp] at line [196] >>> >>> 193: >>> 194: session.setAttribute( "format", stationFormat ); >>> 195: session.setAttribute( "employee_id", employeeId ); >>> 196: session.setAttribute( "customer", customer ); >>> 197: session.setAttribute( "customer_id", customerId ); >>> 198: session.setAttribute( "nonidentifier_call_letters", >>> nonIdentifierCallLetters ); >>> 199: session.setAttribute( "call_letters", callLetters ); >>> >>> >>> Stacktrace:] with root cause >>> java.lang.IllegalArgumentException: setAttribute: >>> Non-serializable attribute [customer] >>> >>> >>> I know why the error, it is because the customer object was never written >>> to be serialiazable. >>> The old application I am working on has a lot of such non serialized >>> objects and I do not want to search out change them all to implement >>> serialiazable >>> >>> I am hoping there is a way to configure Tomcat to just not try and >>> replication sessions all object which are not serialiazable >> >> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftom >> c%2F&data=05%7C02%7CRNoel%40westwoodone.com%7C08648b0871b749a1fc5e08d >> c4a9f08d9%7Ce5d6709fbecf4b058cee37f5a62617c4%7C0%7C0%7C63846729413855 >> 4189%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJB >> TiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=r7kgKohVqPJ65lcikOm2DNr >> FYTc%2B2ptG93aAiSW3zaw%3D&reserved=0 >> at.apache.org%2Ftomcat-10.1-doc%2Fconfig%2Fmanager.html&data=05%7C02% >> 7 >> CRNoel%40westwoodone.com%7C1b723f1052ef4e59bf0808dc4a959af2%7Ce5d6709 >> f >> becf4b058cee37f5a62617c4%7C0%7C0%7C638467253633727340%7CUnknown%7CTWF >> p >> bGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6M >> n >> 0%3D%7C0%7C%7C%7C&sdata=o5SvJv%2FM4QtRYM%2BEk18%2For7R81deb1g%2BW7N7X >> S >> rMwuM%3D&reserved=0 >> >> Search for sessionAttributeNameFilter >> >> Mark >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> >> CAUTION: This email originated from outside of the organization. Do not >> click links or open attachments unless you know the sender and you are sure >> the content is safe. Please report the message using the Report Message >> feature in your email client if you believe the email is suspicious. >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org