NotSerializableException when using clustered authentication cache
faxe13 Feb 2, 2018 7:52 AMHello,
after migrating from wildfly 10 to wildfly 11 I have troubles using a distributed authentication cache. As long as I configure the security-domain to use cache-type="default" - which is a local cache - everything works as expected but when I use the cache-type="infinispan" I encounter serialization issues. Here is the config of the security domain:
<security-domain name="myDomain" cache-type="infinispan">
<authentication>
<login-module code="my.login.module.MyLoginModule" flag="required" module="my.login.module">
<module-option name="principalClass" value="my.login.module.MyPrincipal"/>
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
</authentication>
</security-domain>
and the config of the authentication cache in infinispan:
<cache-container name="security" default-cache="auth-cache">
<transport lock-timeout="60000"/>
<distributed-cache name="auth-cache" mode="ASYNC" l1-lifespan="0" owners="2">
<locking isolation="REPEATABLE_READ"/>
<transaction mode="BATCH"/>
<eviction strategy="LRU" max-entries="10000"/>
<expiration lifespan="28800000" max-idle="28800000"/>
<file-store/>
</distributed-cache>
</cache-container>
From the exception it looks like that the DomainInfo object will be put into the cache although is has a member which is not serializable: protected ClassLoader contextClassLoader. Is there anything I can do in my configuration to prevent this from happening besides not using a clustered cache at all. As I said the same config works fine in wildfly 10.
2018-02-02 10:11:07,735 ERROR [org.infinispan.remoting.rpc.RpcManagerImpl] (default task-6) ISPN000073: Unexpected error while replicating: org.infinispan.commons.marshall.NotSerializableException: org.jboss.as.security.plugins.ModuleClassLoaderLocator$CombinedClassLoader
Caused by: an exception which occurred:
in field org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo.contextClassLoader
in object org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@1a15d95d
in object org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@1a15d95d
in object org.infinispan.commands.write.PutKeyValueCommand@511ccdce
in object org.infinispan.commands.tx.PrepareCommand@47015b38
2018-02-02 10:11:07,735 ERROR [org.infinispan.interceptors.InvocationContextInterceptor] (default task-6) ISPN000136: Error executing command PrepareCommand, writing keys [name=0ceelJ3b7FaluV4u/Rc9ow==]: org.infinispan.commons.marshall.NotSerializableException: org.jboss.as.security.plugins.ModuleClassLoaderLocator$CombinedClassLoader
Caused by: an exception which occurred:
in field org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo.contextClassLoader
in object org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@1a15d95d
in object org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@1a15d95d
in object org.infinispan.commands.write.PutKeyValueCommand@511ccdce
in object org.infinispan.commands.tx.PrepareCommand@47015b38
2018-02-02 10:11:07,735 ERROR [org.infinispan.transaction.impl.TransactionCoordinator] (default task-6) ISPN000097: Error while processing a prepare in a single-phase transaction: org.infinispan.commons.marshall.NotSerializableException: org.jboss.as.security.plugins.ModuleClassLoaderLocator$CombinedClassLoader
Caused by: an exception which occurred:
in field org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo.contextClassLoader
in object org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@1a15d95d
in object org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@1a15d95d
in object org.infinispan.commands.write.PutKeyValueCommand@511ccdce
in object org.infinispan.commands.tx.PrepareCommand@47015b38
2018-02-02 10:11:07,737 WARN [org.infinispan.transaction.tm.DummyTransaction] (default task-6) ISPN000112: exception while committing: javax.transaction.xa.XAException
at org.infinispan//org.infinispan.transaction.impl.TransactionCoordinator.handleCommitFailure(TransactionCoordinator.java:213)
at org.infinispan//org.infinispan.transaction.impl.TransactionCoordinator.commit(TransactionCoordinator.java:159)
at org.infinispan//org.infinispan.transaction.xa.TransactionXaAdapter.commit(TransactionXaAdapter.java:114)
at org.infinispan//org.infinispan.transaction.tm.DummyTransaction.finishResource(DummyTransaction.java:401)
at org.infinispan//org.infinispan.transaction.tm.DummyTransaction.commitResources(DummyTransaction.java:448)
at org.infinispan//org.infinispan.transaction.tm.DummyTransaction.runCommit(DummyTransaction.java:321)
at org.infinispan//org.infinispan.transaction.tm.DummyTransaction.commit(DummyTransaction.java:108)
at org.infinispan//org.infinispan.transaction.tm.DummyBaseTransactionManager.commit(DummyBaseTransactionManager.java:73)
at org.infinispan//org.infinispan.cache.impl.CacheImpl.tryCommit(CacheImpl.java:1735)
at org.infinispan//org.infinispan.cache.impl.CacheImpl.executeCommandAndCommitIfNeeded(CacheImpl.java:1692)
at org.infinispan//org.infinispan.cache.impl.CacheImpl.putInternal(CacheImpl.java:1134)
at org.infinispan//org.infinispan.cache.impl.CacheImpl.put(CacheImpl.java:1124)
at org.infinispan//org.infinispan.cache.impl.CacheImpl.put(CacheImpl.java:1755)
at org.infinispan//org.infinispan.cache.impl.CacheImpl.put(CacheImpl.java:251)
at org.infinispan//org.infinispan.cache.impl.AbstractDelegatingCache.put(AbstractDelegatingCache.java:292)
at org.picketbox//org.jboss.security.authentication.JBossCachedAuthenticationManager.updateCache(JBossCachedAuthenticationManager.java:490)
at org.picketbox//org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:363)
at org.picketbox//org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:323)
at org.picketbox//org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146)
at org.jboss.as.security//org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:414)
at org.jboss.as.security//org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:375)
at org.jboss.as.security//org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:353)
at org.jboss.as.domain-management//org.jboss.as.domain.management.security.JaasCallbackHandler.verify(JaasCallbackHandler.java:204)
at org.jboss.as.domain-management//org.jboss.as.domain.management.security.JaasCallbackHandler.access$200(JaasCallbackHandler.java:80)
at org.jboss.as.domain-management//org.jboss.as.domain.management.security.JaasCallbackHandler$SecurityRealmImpl$RealmIdentityImpl.verifyEvidence(JaasCallbackHandler.java:355)
at org.wildfly.security.elytron-private//org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.verifyEvidence(ServerAuthenticationContext.java:1977)
at org.wildfly.security.elytron-private//org.wildfly.security.auth.server.ServerAuthenticationContext.verifyEvidence(ServerAuthenticationContext.java:759)
at org.wildfly.security.elytron-private//org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:992)
at org.wildfly.security.elytron-private//org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:902)
at org.wildfly.security.elytron-private//org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:839)
at org.wildfly.security.elytron-private//org.wildfly.security.sasl.util.TrustManagerSaslServerFactory.lambda$createSaslServer$0(TrustManagerSaslServerFactory.java:96)
at org.wildfly.security.elytron-private//org.wildfly.security.sasl.plain.PlainSaslServer.evaluateResponse(PlainSaslServer.java:117)
at org.wildfly.security.elytron-private//org.wildfly.security.sasl.util.AuthenticationCompleteCallbackSaslServerFactory$1.evaluateResponse(AuthenticationCompleteCallbackSaslServerFactory.java:58)
at org.wildfly.security.elytron-private//org.wildfly.security.sasl.util.AuthenticationTimeoutSaslServerFactory$DelegatingTimeoutSaslServer.evaluateResponse(AuthenticationTimeoutSaslServerFactory.java:106)
at org.wildfly.security.elytron-private//org.wildfly.security.sasl.util.SecurityIdentitySaslServerFactory$1.evaluateResponse(SecurityIdentitySaslServerFactory.java:57)
at org.jboss.xnio//org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:245)
at org.jboss.xnio//org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:217)
at org.jboss.remoting//org.jboss.remoting3.remote.ServerConnectionOpenListener$AuthStepRunnable.run(ServerConnectionOpenListener.java:486)
at org.jboss.remoting//org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:926)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
at java.base/java.lang.Thread.run(Thread.java:844)
Caused by: org.infinispan.commons.marshall.NotSerializableException: org.jboss.as.security.plugins.ModuleClassLoaderLocator$CombinedClassLoader
Caused by: an exception which occurred:
in field org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo.contextClassLoader
in object org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@1a15d95d
in object org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@1a15d95d
in object org.infinispan.commands.write.PutKeyValueCommand@511ccdce
in object org.infinispan.commands.tx.PrepareCommand@47015b38
Any help is highly appreciated
Cheers, Gert