【发布时间】:2015-07-03 13:11:45
【问题描述】:
我正在使用 Spring Security 3.1 构建一个 JSF2 Web 应用程序,用于安全性。 每次重新启动 tomcat 时,我都会收到 Spring Security 的 ProviderManager 抛出的 NotSerializableException,但 webapp 运行良好。恐怕在部署到生产环境时可能会导致一些问题。 有谁知道如何使 ProviderManager 可序列化 这是一个例外:
SEVERE: IOException while loading persisted sessions: java.io.WriteAbortedException: writing aborted; java.io.NotSerializableException: org.springframework.security.authentication.ProviderManager
java.io.WriteAbortedException: writing aborted; java.io.NotSerializableException: org.springframework.security.authentication.ProviderManager
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1355)
at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1993)
at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1918)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1801)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1351)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:371)
at org.apache.catalina.session.StandardSession.readObject(StandardSession.java:1619)
at org.apache.catalina.session.StandardSession.readObjectData(StandardSession.java:1084)
at org.apache.catalina.session.StandardManager.doLoad(StandardManager.java:282)
at org.apache.catalina.session.StandardManager.load(StandardManager.java:202)
at org.apache.catalina.session.StandardManager.startInternal(StandardManager.java:489)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5537)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.StandardContext.reload(StandardContext.java:4033)
at org.apache.catalina.loader.WebappLoader.backgroundProcess(WebappLoader.java:425)
at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1345)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1546)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1556)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1556)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1524)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.io.NotSerializableException: org.springframework.security.authentication.ProviderManager
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1184)
at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1548)
at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1509)
at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1432)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1178)
at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:348)
at org.apache.catalina.session.StandardSession.writeObject(StandardSession.java:1695)
at org.apache.catalina.session.StandardSession.writeObjectData(StandardSession.java:1101)
at org.apache.catalina.session.StandardManager.doUnload(StandardManager.java:430)
at org.apache.catalina.session.StandardManager.unload(StandardManager.java:351)
at org.apache.catalina.session.StandardManager.stopInternal(StandardManager.java:516)
at org.apache.catalina.util.LifecycleBase.stop(LifecycleBase.java:232)
at org.apache.catalina.core.StandardContext.stopInternal(StandardContext.java:5719)
at org.apache.catalina.util.LifecycleBase.stop(LifecycleBase.java:232)
at org.apache.catalina.core.StandardContext.reload(StandardContext.java:4026)
... 7 more
【问题讨论】:
-
为什么要在会话中保存服务 bean?这是一个设计问题,应该通过不保存对它的引用来解决,不要试图将序列化破解到语义上不可序列化的东西上。
-
我没有在会话中保存它,但可能是 JSF
@SessionScoped正在尝试保存它。您知道如何防止这种情况发生吗? -
这是一个新应用程序吗?
-
如果是新申请,我该怎么办?
-
如果它是一个新应用程序,我会说“不要使用 JSF,因为它充满了这种问题”。不确定如何解决此问题。
标签: java jsf tomcat spring-security