-
1. Re: Problems with SamlPrincipal, requests and ExternalAuthenticator not being Serializable
marcelkolsteren Sep 28, 2010 6:18 PM (in response to jonananas)Thanks for pointing this out. I agree, the classes you mentioned must be serializable.
The reason I had for not making the session-bound objects Serializable, was that it would only be needed in clustered environments, or when sessions need to be preserved during application server restarts. What is the reason that the sessions are swapped to disk in your case (I'm just curious)?
Making SeamSamlPrincipal Serializable is not straightforward, because it contains instances of NameIDType, AttributeType and AssertionType, all of which are JAXB-generated classes. I hope that JAXB can be configured to create Serializable variants of those classes. How did you fix that problem in your own overriding versions?
Regarding the ExternalAuthenticator, I was first a bit surprised that your app was trying to serialize an instance of that class. But now I realize that you may be using client-side state saving. Is that the case?
I created a JIRA issue for this bug:
-
2. Re: Problems with SamlPrincipal, requests and ExternalAuthenticator not being Serializable
jonananas Sep 29, 2010 4:47 AM (in response to marcelkolsteren)The reason we swap sessions to disk is to preserve memory, we have a lot of low-cpu high-memory long running sessions, where users ask for data and then take some time reading through it before performing the next search. We use org.apache.catalina.session.PersistentManager to swap sessions to disk.
I made ExternalAuthenticator serializable successfully, but SamlPrincipal and Request are still a problem for me.
The way we've made JAXB-generated classes serializable in the past is putting a bindings.jxb in the same directory as the xsd or wsdl:
{code:xml}
<?xml version="1.0" encoding="UTF-8"?> <jaxb:bindings version="1.0" xmlns:jaxb="http://java.sun.com/xml/ns/jaxb" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xjc="http://java.sun.com/xml/ns/jaxb/xjc" jaxb:extensionBindingPrefixes="xjc" schemaLocation="model.xsd" node="/xsd:schema"> <jaxb:globalBindings choiceContentProperty="true" generateIsSetMethod="true"> <xjc:simple/> <xjc:serializable uid="4"/> </jaxb:globalBindings> </jaxb:bindings>
{code}
From our pom:
{code:xml}
<plugin> <groupId>org.jvnet.jaxb2.maven2</groupId> <artifactId>maven-jaxb2-plugin</artifactId> <version>0.7.1</version> <executions> <execution> <goals> <goal>generate</goal> </goals> </execution> </executions> <configuration> <schemaDirectory>${basedir}/xsd</schemaDirectory> <includeSchemas> <includeSchema>model.xsd</includeSchema> </includeSchemas> <strict>true</strict> <verbose>true</verbose> <extension>true</extension> </configuration> </plugin>
{code}
-
3. Re: Problems with SamlPrincipal, requests and ExternalAuthenticator not being Serializable
marcelkolsteren Sep 29, 2010 3:30 PM (in response to jonananas)Jonas, thanks for the hints. They'll be useful at the time we're fixing the problem.
-
4. Re: Problems with SamlPrincipal, requests and ExternalAuthenticator not being Serializable
mdesignz Mar 19, 2011 8:56 AM (in response to marcelkolsteren)Hello, I'm attempting to run a Seam application in a cluster, and I'm running into org.picketlink.identity.seam.federation.ExternalAuthenticator not being Serializable. Is there a version that addresses this? We're currently using 1.0.3.CR2
Thanks.
-
5. Problems with SamlPrincipal, requests and ExternalAuthenticator not being Serializable
anil.saldhana Mar 31, 2011 10:38 AM (in response to mdesignz)Robert, the next build of PL2 will contain the changes for you.
-
6. Re: Problems with SamlPrincipal, requests and ExternalAuthenticator not being Serializable
jonananas Apr 6, 2011 1:09 PM (in response to anil.saldhana)I thought I'd follow up in this thread regarding PL2.
I've been trying to get PL2 running on a Seam 2.1.2-application running on jboss 4.3.0.
In this process I've had to make the following classes serializable:
picketlink-seam:
M picketlink-seam\src\main\java\org\picketlink\identity\seam\federation\configuration\SamlIdentityProvider.java
M picketlink-seam\src\main\java\org\picketlink\identity\seam\federation\configuration\SamlEndpoint.java
M picketlink-seam\src\main\java\org\picketlink\identity\seam\federation\configuration\SamlService.java
M picketlink-seam\src\main\java\org\picketlink\identity\seam\federation\RequestContext.javapicketlink-trunk:
M picketlink-fed-model\src\main\java\org\picketlink\identity\federation\newmodel\saml\v2\assertion\SubjectType.java
(STSubType needs to be serializable)
M picketlink-fed-model\src\main\java\org\picketlink\identity\federation\newmodel\saml\v2\assertion\SubjectConfirmationDataType.java
M picketlink-fed-model\src\main\java\org\picketlink\identity\federation\newmodel\saml\v2\assertion\AudienceRestrictionType.java
M picketlink-fed-model\src\main\java\org\picketlink\identity\federation\newmodel\saml\v2\assertion\AuthnContextClassRefType.java
M picketlink-fed-model\src\main\java\org\picketlink\identity\federation\newmodel\saml\v2\assertion\EncryptedElementType.java
M picketlink-fed-model\src\main\java\org\picketlink\identity\federation\newmodel\saml\v2\assertion\AuthnContextType.javaCould you please consider making these serializable in the next PL2 release?
They were all straightforward work...
Thanks
-
7. Re: Problems with SamlPrincipal, requests and ExternalAuthenticator not being Serializable
anil.saldhana Apr 6, 2011 1:38 PM (in response to jonananas)I made the changes and there is a new build today: http://community.jboss.org/message/584988
Try and tell us..
-
8. Re: Problems with SamlPrincipal, requests and ExternalAuthenticator not being Serializable
jonananas Apr 8, 2011 10:34 AM (in response to anil.saldhana)I think you missed updating the picketlink-seam files? At least the files at http://anonsvn.jboss.org/repos/picketlink/picketlink-seam/trunk/ are still not serializable.
The picketlink-trunk at http://anonsvn.jboss.org/repos/picketlink/federation/trunk/ looks good though!
-- Jonas
-
9. Problems with SamlPrincipal, requests and ExternalAuthenticator not being Serializable
anil.saldhana Apr 10, 2011 10:40 AM (in response to jonananas)The changes are in the build I attached. I forgot to check in the changes to the seam workspace. I have done it now.