[KARAF-4218] JAAS boot classes are not marked serializable - ASF JIRA

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 4.0.3
Fix Version/s: 4.0.4
Component/s: karaf
Labels:
None

Description

The principal classes in the jaas/boot module (org.apache.karaf.jaas.boot.principal package) are not marked serializable. I am trying to setup clustering for a hawtio-based console, and the app stores javax.security.Subject in session data, which is not serializable because org.apache.karaf.jaas.boot.principal.UserPrincipal/etc are not marked serializable.

Setting up a configuration for this is easy. Simply create a WAB project that has WEB-INF/jetty-web.xml as follows. The session manager in this case simply causes the sessions to serialize to disk. Most clustering solutions rely on serializable session data.

<?xml version="1.0"  encoding="UTF-8"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
  <Set name="sessionHandler">
    <New class="org.eclipse.jetty.server.session.SessionHandler">
      <Arg>
        <New class="org.eclipse.jetty.server.session.HashSessionManager">
          <Set name="storeDirectory">${karaf.data}/sessions</Set>
          <Set name="savePeriod">10</Set>
        </New>
      </Arg>
    </New>
  </Set>
</Configure>

Attachments

Activity

People

Assignee:

Jean-Baptiste Onofré

Reporter:

Kurt Westerfeld

Votes:

0 Vote for this issue

Watchers:

3 Start watching this issue

Dates

Created:

16/Dec/15 13:06

Updated:

15/Sep/18 05:45

Resolved:

17/Dec/15 06:47