In fact, I see two options to solve the problem : - throw a *GenericSecurityException* (instead of *LoginFailedException*) and always use a constructor to set a *cause *value (different from the object itself) - create a dedicated Kryo serializer, so that the *cause *property will not be serialized.
Best, Jérôme 2013/12/17 Misagh Moayyed <mmoay...@unicon.net> > Is there an approach we might take to not require/do serialization? > > Misagh > > > ------------------------------ > *From: *"Jérôme LELEU" <lel...@gmail.com> > *To: *cas-dev@lists.jasig.org > *Sent: *Tuesday, December 17, 2013 10:33:38 AM > *Subject: *[cas-dev] New issue on 4.0-RC2 > > Hi, > > I've made a very elaborated test on 4.0-RC2 and found a new issue. > > The test case : I have two authentication handlers, one for database and > one for LDAP and I'm using Memcached as a tickets registry. > > If for example, the authentication is successful for the database and not > for the LDAP, the *TicketGrantingTicketImpl *has an *ImmutableAuthentication > *property which has a *failures* map which has a *FailedLoginException*. > The problem is that the *FailedLoginException *references itself through > its *cause *property [1]. > > Thus, the Kryo serialization fails with the following error: *Buffer > limit exceeded writing object of type: > javax.security.auth.login.FailedLoginException*. > > There is no constructor for the *FailedLoginException *to set the *cause > *property > (to null). Only its parent (*GeneralSecurityException*) has a constructor > to set the *cause *property. > > What do you think ? > > Thanks. > Best regards, > Jérôme > > > [1] : > http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b14/java/lang/Throwable.java#175 > > -- > You are currently subscribed to cas-dev@lists.jasig.org as: > mmoay...@unicon.net > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > > > -- > You are currently subscribed to cas-dev@lists.jasig.org as: lel...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > > -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
