Geode / GEODE-8217

Geode session replication could leak internal serialized bytes during HttpSessionAttributeListener invocation even when preferDeserializedForm is set to true


Details

    Description

      When preferDeserializedForm is set to true (the default value), session objects in the cache should not contain serialized bytes. However, the following exception shows that the product leaks the serialized bytes.

      Jun 02, 2020 3:31:58 PM org.apache.catalina.session.StandardSession setAttribute
      SEVERE: Session attribute event listener threw exception
      java.lang.ClassCastException: [B cannot be cast to java.lang.String
              at org.apache.geode.modules.session.AccessAttributeValueListener.attributeReplaced(AccessAttributeValueListener.java:34)
              at org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1482)
              at org.apache.geode.modules.session.catalina.DeltaSession.setAttribute(DeltaSession.java:262)
              at org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1385)
              at org.apache.catalina.session.StandardSessionFacade.setAttribute(StandardSessionFacade.java:137)
              at org.apache.geode.modules.session.catalina.DeltaSessionFacade.setAttribute(DeltaSessionFacade.java:49)
              at org.apache.geode.modules.session.CommandServlet.doGet(CommandServlet.java:64)
              at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
              at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
              at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
              at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
              at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
              at org.apache.geode.modules.session.catalina.CommitSessionValve.invoke(CommitSessionValve.java:47)
              at org.apache.geode.modules.session.catalina.JvmRouteBinderValve.invoke(JvmRouteBinderValve.java:45)
              at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:543)
              at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
              at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
              at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678)
              at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
              at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
              at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:609)
              at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
              at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:810)
              at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1623)
              at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
              at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
              at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
              at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
              at java.lang.Thread.run(Thread.java:748)
      

      Note that if preferDeserializedForm is set to false, this issue can still occur unless the application never accesses HttpSessionBindingEvent.getValue(). Otherwise, the user should set preferDeserializedForm to true to avoid this issue.
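
      The following listener is an added example, not code from the Geode project or from this issue. It shows an application-side guard that type-checks HttpSessionBindingEvent.getValue() rather than casting it, and flags a byte[] value without reading or logging its contents. The class name and the assumption that the application stores only String attributes are hypothetical.

```java
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpSessionAttributeListener;
import javax.servlet.http.HttpSessionBindingEvent;

// Hypothetical listener, not Geode's AccessAttributeValueListener.
// Assumption: the application only stores String attributes, so a byte[]
// reaching the listener is the leaked serialized form described above.
public class TypeCheckedAttributeListener implements HttpSessionAttributeListener {
  private static final Logger LOG =
      Logger.getLogger(TypeCheckedAttributeListener.class.getName());

  @Override
  public void attributeAdded(HttpSessionBindingEvent event) {
    inspect("added", event);
  }

  @Override
  public void attributeRemoved(HttpSessionBindingEvent event) {
    inspect("removed", event);
  }

  @Override
  public void attributeReplaced(HttpSessionBindingEvent event) {
    // For a replace, getValue() returns the old value of the attribute.
    inspect("replaced", event);
  }

  private void inspect(String action, HttpSessionBindingEvent event) {
    Object value = event.getValue();
    if (value instanceof byte[]) {
      // Do not cast, deserialize, or log the bytes: record only name and size.
      LOG.log(Level.WARNING, "Attribute {0} {1}: got byte[{2}] instead of String",
          new Object[] {event.getName(), action, ((byte[]) value).length});
      return;
    }
    LOG.log(Level.FINE, "Attribute {0} {1}: {2}",
        new Object[] {event.getName(), action, describe(value)});
  }

  static String describe(Object value) {
    if (value instanceof String) {
      return "String(length=" + ((String) value).length() + ")";
    }
    return value == null ? "null" : value.getClass().getName();
  }
}
```

      Register it like any other servlet listener, with a listener entry in web.xml or the @WebListener annotation.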

            People

              eshu Eric Shu