Hi again,
I've spent some time on this today and have found (at least I think so)
that my problem in deserializing an instance of an object is related to
the ClassLoader that the class ObjectInputStream uses. It appears that
it does not use the WebappClassLoader of the service in question, but
instead defaults to a ClassLoader higher up the tree (which does not
have visibility on the cache of the WebappClassLoader).
In my service, I've loaded a full class definition and created an
instance of it. At this point it (afaik) must be in the cache of the
WebappClassLoader. However, when an ObjectInputStream is called to...
ois.readObject() on a byte[] of an instance of that same class, it fail
for ClassNotFoundException.
A Tomcat solution is identified here...
http://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/util/CustomObjectInputStream.html
Which is in $CATILANA_HOME/lib/catalina.jar.
Has anyone use this? do I need to add this jar implement this, and
include it in my war file?
regards,
Peter
On 01/21/2013 08:30 PM, Konstantin Kolinko wrote:
2013/1/21 Peter Lavin<lav...@cs.tcd.ie>:
Dear List,
My web application needs to deserialize both classes and objects which are
sent to it.
I'm using Base64 serialization, and when I transport full<name>.class file
to a service, I can deserialize it with no problem using
ObjectInputStream.readObject(). I also need to transport instances of
certain classes to the application but without having the benefit of having
the class loaded in the WebappClassLoader. Not surprisingly, deserializing
an instance of a class fails for ClassNotFoundException.
My question: When I need to transport an instance of a class, I can easily
also transport the full class. This full class can be instantiated if
required. How could I load this class to the WebappClassLoader and have it
available there for when I need to call ois.readObject()? I want to load the
(full) class to the WebClassLoader to over come the ClassNotFoundException.
The same as with any other ClassLoader:
use the bytes and call ClassLoader.defineClass(..), then
ClassLoader.resolveClass(..).
There is an example in WebappClassLoader.clearReferencesJdbc() method
(though resolveClass() is not called there, I do not know why - maybe
it was just forgotten).
Env:
Tomcat 7.0.14
Known security issues:
http://tomcat.apache.org/security-7.html
OSCentOS release 5.8 (Final)
java version 1.6.0 22
OpenJDK Runtime Environment (IcedTea6 1.10.10)
(rhel-1.28.1.10.10.el5 8-x86 64)
OpenJDK 64-Bit Server VM (build 20.0-b11, mixed mode)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
--
with best regards,
Peter Lavin,
PhD Candidate,
CAG - Computer Architecture & Grid Research Group,
Lloyd Institute, 005,
Trinity College Dublin, Ireland.
+353 1 8961536
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
