tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shapira, Yoav" <>
Subject RE: serialized objects invalidating session
Date Tue, 10 Aug 2004 18:16:58 GMT


>My first question
>is is there a configuration parameter I need to set to allow Tomcat to
>serialize the sessions in 5.0.27? 

Tomcat serializes sessions by default, as required by the Servlet
Specification.  This specific behavior is controlled by the Manager
element in your server.xml (this is not the same as the Manager webapp),
whose docs are at

>... or what may be happening is that
>per Jacob's response, there is some other object in the session that
>does not implement the Serializable interface, so therefore, the whole
>thing is trashed. FYI, my object is simply implementing the
>interface. I am doing nothing else like implementing readObject,
>writeObject, etc..

You don't need to implement the custom serialization methods: declaring
that you implement Serializable is sufficient.  You can test to see if
your class is serializable by trying to serialize it outside of Tomcat,
it's pretty trivial to do with a ByteArrayOutputStream.  Or
commons-lang's SerializationUtils.

Try setting the distributable flag of your Context to true.  Let us know
if the behavior changes then.

The relevant code is at
specifically the writeObject method.  Non-Serializable attributes are

Yoav Shapira

This e-mail, including any attachments, is a confidential business communication, and may
contain information that is confidential, proprietary and/or privileged.  This e-mail is intended
only for the individual(s) to whom it is addressed, and may not be saved, copied, printed,
disclosed or used by anyone else.  If you are not the(an) intended recipient, please immediately
delete this e-mail from your computer system and notify the sender.  Thank you.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message