shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Yara (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SHIRO-323) DelegatingSubject class cannot be serialized.
Date Wed, 28 Dec 2011 17:30:30 GMT

    [ https://issues.apache.org/jira/browse/SHIRO-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13176713#comment-13176713
] 

Michael Yara commented on SHIRO-323:
------------------------------------

Les,

I never actually got this part working since this piece got placed on the back burner of our
current project. 

Here are some details on what we currently have and what we are trying to accomplish:
- Our system is a client server system utilizing JMS for communication.
- User authentication is preformed via the JMS Broker utilizing a custom authentication plugin
so when the clients authenticate they are actually authenticating with the broker.
- The Broker plugin intercepts the authentication request and passes it off to a custom class
that utilizes Shiro to perform the final authentication and reports the authentication status
to the broker plugin.
- The server side holds a model of the currently logged in users utilizing the created Shiro
objects.
- We have developed a proprietary one way persistence framework to persist models between
the server and the client. This framework utilizes serialization with Java reflection over
JMS.
- Our goal is to persist the user model to the client in order for the client to determine
it's permissions/authorization client side for specific actions without having to send messages
back to the server for authorization of these actions.

I believe i was planning on creating another client side instance of the SecurityManager.
I am not using the Subject.Builder to make the subjects. i am using the org.apache.shiro.subject.support.DelegatingSubject.DelegatingSubject(SecurityManager
securityManager) constructor.

I am very new to Shiro so I may be taking the completely wrong path and I understand that
this is a very unique implementation and not exactly a standard. Any advice on this would
be helpful.







                
> DelegatingSubject class cannot be serialized.
> ---------------------------------------------
>
>                 Key: SHIRO-323
>                 URL: https://issues.apache.org/jira/browse/SHIRO-323
>             Project: Shiro
>          Issue Type: Bug
>          Components: Subject
>    Affects Versions: 1.1.0
>         Environment: Linux
>            Reporter: Michael Yara
>              Labels: serialization
>
> I am attempting to send a instance of DelegatingSubject over a JMS topic via serialization,
however when I send the object through JMS I get this Exception
> java.lang.RuntimeException: org.apache.shiro.subject.support.DelegatingSubject$StoppingAwareProxiedSession
> 	at org.apache.activemq.command.ActiveMQObjectMessage.storeContent(ActiveMQObjectMessage.java:111)
~[activemq-all-5.6-SNAPSHOT.jar:5.6-SNAPSHOT]
> 	at org.apache.activemq.command.ActiveMQObjectMessage.setObject(ActiveMQObjectMessage.java:162)
~[activemq-all-5.6-SNAPSHOT.jar:5.6-SNAPSHOT]
> 	at com.xmlnamespace.panel.server.core.communication.event.EventManager.doSendMessage(EventManager.java:233)
~[com.xmlnamespace.panel.server.core/:na]
> 	at com.xmlnamespace.panel.server.core.communication.event.EventManager.sendMessage(EventManager.java:208)
~[com.xmlnamespace.panel.server.core/:na]
> 	at com.xmlnamespace.panel.server.core.communication.mtl.ModelDispatcher.add(ModelDispatcher.java:122)
~[com.xmlnamespace.panel.server.core/:na]
> 	at com.xmlnamespace.panel.server.core.communication.mtl.ModelDispatcher.collectionChange(ModelDispatcher.java:181)
~[com.xmlnamespace.panel.server.core/:na]
> 	at com.xmlnamespace.panel.core.shared.communication.mtl.api.CollectionChangeSupport.doFireCollectionChange(CollectionChangeSupport.java:182)
~[shared-objects.jar:na]
> 	at com.xmlnamespace.panel.core.shared.communication.mtl.api.CollectionChangeSupport.fireCollectionChange(CollectionChangeSupport.java:47)
~[shared-objects.jar:na]
> 	at com.xmlnamespace.panel.core.shared.user.model.internal.UserModelImpl.addUserLogin(UserModelImpl.java:96)
~[shared-objects.jar:na]
> 	at com.xmlnamespace.panel.server.core.login.LoginManager.authenticateConnection(LoginManager.java:1013)
~[com.xmlnamespace.panel.server.core/:na]
> 	at com.xmlnamespace.panel.server.core.communication.broker.BrokerAuthenticationFilter.addConnection(BrokerAuthenticationFilter.java:69)
~[com.xmlnamespace.panel.server.core/:na]
> 	at org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:91)
[activemq-all-5.6-SNAPSHOT.jar:5.6-SNAPSHOT]
> 	at org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:705)
[activemq-all-5.6-SNAPSHOT.jar:5.6-SNAPSHOT]
> 	at org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:83)
[activemq-all-5.6-SNAPSHOT.jar:5.6-SNAPSHOT]
> 	at org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:139) [activemq-all-5.6-SNAPSHOT.jar:5.6-SNAPSHOT]
> 	at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:316)
[activemq-all-5.6-SNAPSHOT.jar:5.6-SNAPSHOT]
> 	at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:180)
[activemq-all-5.6-SNAPSHOT.jar:5.6-SNAPSHOT]
> 	at org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:69)
[activemq-all-5.6-SNAPSHOT.jar:5.6-SNAPSHOT]
> 	at org.apache.activemq.transport.WireFormatNegotiator.onCommand(WireFormatNegotiator.java:113)
[activemq-all-5.6-SNAPSHOT.jar:5.6-SNAPSHOT]
> 	at org.apache.activemq.transport.InactivityMonitor.onCommand(InactivityMonitor.java:227)
[activemq-all-5.6-SNAPSHOT.jar:5.6-SNAPSHOT]
> 	at org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)
[activemq-all-5.6-SNAPSHOT.jar:5.6-SNAPSHOT]
> 	at org.apache.activemq.transport.tcp.SslTransport.doConsume(SslTransport.java:91) [activemq-all-5.6-SNAPSHOT.jar:5.6-SNAPSHOT]
> 	at org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:217) [activemq-all-5.6-SNAPSHOT.jar:5.6-SNAPSHOT]
> 	at org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:199) [activemq-all-5.6-SNAPSHOT.jar:5.6-SNAPSHOT]
> 	at java.lang.Thread.run(Thread.java:662) [na:1.6.0_26]
> Caused by: java.io.NotSerializableException: org.apache.shiro.subject.support.DelegatingSubject$StoppingAwareProxiedSession
> 	at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1164) ~[na:1.6.0_26]
> 	at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1518) ~[na:1.6.0_26]
> 	at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1483) ~[na:1.6.0_26]
> 	at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1400) ~[na:1.6.0_26]
> 	at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1158) ~[na:1.6.0_26]
> 	at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1518) ~[na:1.6.0_26]
> 	at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1483) ~[na:1.6.0_26]
> 	at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1400) ~[na:1.6.0_26]
> 	at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1158) ~[na:1.6.0_26]
> 	at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:330) ~[na:1.6.0_26]
> 	at org.apache.activemq.command.ActiveMQObjectMessage.storeContent(ActiveMQObjectMessage.java:105)
~[activemq-all-5.6-SNAPSHOT.jar:5.6-SNAPSHOT]
> 	... 24 common frames omitted
> I assume that DelegatingSubject is meant to be serialized since it does implement serializable.
I noticed that the class inner class StoppingAwareProxiedSession is the culprit. Would the
issue be resolved by simply making the Session interface, ProxiedSession class, and StoppingAwareProxiedSession
serializable? 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message