8 Replies Latest reply on Jan 23, 2014 7:12 AM by Gert Kropiunik

    SavedRequest causes NotSerializableException in clustered mode

    Gert Kropiunik Newbie

      Hi,

       

      I am using wildfly CR1 in standalone-full-ha mode where the web sessions will be distributed across the cluster nodes. I am also using FORM based authentication in my application. One thing I have noticed is that when users that are not authenticated send a POST request to the server they get redirected to the login page as expected but during this operation I see exceptions in the loggfiles like this:

       

      2014-01-21 15:11:22,960 ERROR [org.infinispan.interceptors.InvocationContextInterceptor] (default task-2) ISPN000136: Execution error: org.infinispan.commons.CacheException: java.lang.RuntimeException: Failure to marshal argument(s)

              at org.infinispan.commons.util.Util.rewrapAsCacheException(Util.java:581)

              .......

              .......

      Caused by: org.infinispan.commons.marshall.NotSerializableException: io.undertow.servlet.util.SavedRequest

      Caused by: an exception which occurred:

              in object java.util.HashMap@9bc848a8

              in object org.jboss.as.clustering.marshalling.SimpleMarshalledValue@9bc848a8

              in object org.infinispan.commands.write.PutKeyValueCommand@899e95ca

              in object org.infinispan.commands.tx.PrepareCommand@e338a19d

       

      After a bit of debugging I found the reason for that. The ServletFormAuthenticationMechanism.storeInitialLocation() method that is called when the FORM based authentication mechanism kicks in tries to store the current request by calling SavedRequest.trySaveRequest(exchange). In this method the current request is stored inside the current session. GET requests wont trigger the session.setAttribute(SESSION_KEY, request) but POST requests do because exchange.isRequestComplete() is true for GET but not for POST requests. Because the SavedRequest is not Serializable infinispan cannot marshall the session any more to distribute is across all the cluster nodes.

       

      I see two  solutions for this issue:

      1) Try to make the SavedRequest class Serializable.

      2) Store the SavedRequets in the LocalSessionContext in org.wildfly.clustering.web.undertow.session.SessionAdapter.setAttribute() just like it is done for the AUTHENTICATED_SESSION_ATTRIBUTE_NAME to prevent the SavedRequest from being distributed to other cluster nodes.

       

      I am curious what you think about this issue. For now I would like to set the UndertowOptions.MAX_BUFFERED_REQUEST_SIZE to 0 to disable this feature but I could not find a way to do that because the wildfly standalone config does not expose a way to set this property in the xml.

       

      Cheers, Gert