tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Nappin" <C.Nap...@ABM-UK.COM>
Subject enforcing serialization of session attributes
Date Wed, 03 May 2006 10:44:51 GMT


  We're using Tomcat 5.5.9 on our development PCs because it closely
replicates our chosen production environment (JBoss 4.0.2). What we
would like to do is configure Tomcat to enforce that all session
variables must be Serializable, so any development errors are caught
early and not during integration testing.


To achieve this I have added "<distributable/>" to our application's
web.xml, and added a "Manager" with distributable set to true in the
Tomcat server.xml (complete file included below).


However, when testing an object that implements Serializable, but has
non-transient instance variables that don't (e.g. org.w3c.dom.Document)
Tomcat accepts setting it in the session - no stack traces in the
console, nothing written to the log files.


Also, if I shutdown the server mid-sequence, the "SESSIONS.ser" file is
updated but is only ever 81 bytes, so I'm not sure it's working


Are we doing something wrong, or is this a known issue either resolved
in more recent builds or planned to be resolved?




<!-- Server Configuration File -->

<Server port="8005" shutdown="SHUTDOWN">


  <Service name="Catalina">


    <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150"

     maxSpareThreads="75" enableLookups="false"

     acceptCount="100" scheme="https" secure="true" clientAuth="false"
sslProtocol="TLS" />


    <Engine name="Catalina" defaultHost="localhost">


            <Host name="localhost" appBase="webapps" unpackWARs="false"

             xmlValidation="true" xmlNamespaceAware="false">


                     <Context cookies="true" docBase="pegasus.war"

                      unpackWAR="false" useNaming="false">

                         <Manager distributable="true"/>



className="org.apache.catalina.valves.AccessLogValve" directory="logs"  

                   prefix="access_log." suffix=".txt" pattern="common"








Chris Nappin

Technical Architect
ABM United Kingdom Limited
Telephone: +44 (0) 115 977 6999
Facsimile: +44 (0) 115 977 6850
ABM for Intelligent Solutions



This e-mail is confidential to its intended recipient. It may also be privileged. Neither
the confidentiality nor any privilege attaching to this e-mail is waived lost or destroyed
by reason that it has been mistakenly transmitted to a person or entity other than its intended
recipient. If you are not the intended recipient please notify us immediately by telephone
or fax at the numbers provided above or e-mail by Reply To Author and return the printed e-mail
to us by post at our expense. We believe, but do not warrant, that this e-mail and any attachments
are virus-free, but you should check. We may monitor traffic data of both business and personal
e-mails. We are not liable for any opinions expressed by the sender where this is a non-business
e-mail. If you do not receive all the message, or if you have difficulty with the transmission,
please telephone us immediately.

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message