0 Replies Latest reply on Jul 27, 2009 7:22 PM by Matteo Ridolfi

    Jboss Cache + Spring Security

    Matteo Ridolfi Newbie

      Hello,
      I'm currently stuck on this problem.

      We have a two 4.2.3.GA servers cluster setup, configured with:

      - Apache2 + mod_jk with sticky session
      - JDK 1.6.0_07
      - JbossCache 1.4.1.SP13 configured as a TreeCache
      - Spring Security Framework 2.5.5


      The two nodes see each other, and the cluster is synced. When a session is created I can see the replication on the other node, through the JMX console.

      The problem occurs when one of the nodes go down and the application tries to recover the session. The application throws the following exception:

      21:56:10,078 ERROR [JBossCacheService] loadSession(): id: UjsgmlsqnWDTJh6aOmxz exception occurred during deserialization
      java.lang.ArrayStoreException: org.springframework.security.GrantedAuthorityImpl
      at java.io.ObjectInputStream.readArray(ObjectInputStr eam.java:1667)
      at java.io.ObjectInputStream.readObject0(ObjectInputS tream.java:1323)
      at java.io.ObjectInputStream.defaultReadFields(Object InputStream.java:1947)
      at java.io.ObjectInputStream.readSerialData(ObjectInp utStream.java:1871)
      at java.io.ObjectInputStream.readOrdinaryObject(Objec tInputStream.java:1753)
      at java.io.ObjectInputStream.readObject0(ObjectInputS tream.java:1329)
      at java.io.ObjectInputStream.defaultReadFields(Object InputStream.java:1947)
      at java.io.ObjectInputStream.readSerialData(ObjectInp utStream.java:1871)
      at java.io.ObjectInputStream.readOrdinaryObject(Objec tInputStream.java:1753)
      at java.io.ObjectInputStream.readObject0(ObjectInputS tream.java:1329)
      at java.io.ObjectInputStream.readObject(ObjectInputSt ream.java:351)
      at java.util.concurrent.ConcurrentHashMap.readObject( ConcurrentHashMap.java:1275)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Nativ e Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(Native MethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(De legatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at java.io.ObjectStreamClass.invokeReadObject(ObjectS treamClass.java:974)
      at java.io.ObjectInputStream.readSerialData(ObjectInp utStream.java:1849)
      at java.io.ObjectInputStream.readOrdinaryObject(Objec tInputStream.java:1753)
      at java.io.ObjectInputStream.readObject0(ObjectInputS tream.java:1329)
      at java.io.ObjectInputStream.readObject(ObjectInputSt ream.java:351)
      at org.jboss.web.tomcat.service.session.SessionBasedC lusteredSession.readExternal(SessionBasedClustered Session.java:154)
      at org.jboss.web.tomcat.service.session.JBossCacheSer vice.loadSession(JBossCacheService.java:284)
      at org.jboss.web.tomcat.service.session.JBossCacheMan ager.loadSession(JBossCacheManager.java:1041)
      at org.jboss.web.tomcat.service.session.JBossCacheMan ager.findSession(JBossCacheManager.java:813)
      at org.apache.catalina.connector.Request.doGetSession (Request.java:2283)
      at org.apache.catalina.connector.Request.getSession(R equest.java:2075)
      at org.jboss.web.tomcat.service.session.JvmRouteValve .checkJvmRoute(JvmRouteValve.java:91)
      at org.jboss.web.tomcat.service.session.JvmRouteValve .invoke(JvmRouteValve.java:81)
      at org.jboss.web.tomcat.security.JaccContextValve.inv oke(JaccContextValve.java:84)
      at org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java:127)
      at org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:102)
      at org.jboss.web.tomcat.service.sso.ClusteredSingleSi gnOn.invoke(ClusteredSingleSignOn.java:638)
      at org.apache.catalina.core.StandardEngineValve.invok e(StandardEngineValve.java:109)
      at org.apache.catalina.connector.CoyoteAdapter.servic e(CoyoteAdapter.java:262)
      at org.apache.coyote.ajp.AjpAprProcessor.process(AjpA prProcessor.java:419)
      at org.apache.coyote.ajp.AjpAprProtocol$AjpConnection Handler.process(AjpAprProtocol.java:378)
      at org.apache.tomcat.util.net.AprEndpoint$SocketWithO ptionsProcessor.run(AprEndpoint.java:1928)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run Task(ThreadPoolExecutor.java:886)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:908)
      at java.lang.Thread.run(Thread.java:619)




      I'm not sure it's a spring security problem. We tried to debug the application and apparently the session content is empty.

      Anyone experienced the same problem or have an idea of the cause?


      Thanks in advance for your reply.
      Mattie