Hi there,
Chris, thanks for your fast GIT introduction :) I took this as a
(mental) starting point for developing the new 'persistAuthentication'
option of the Managers (Standard and Persistent). Almost there... I will
push this branch to my GitHub fork as soon as possible (tomorrow?).
Maybe you (and also Mark) could have a look at it before I open a
Bugzilla enhancement?
During that, I may have found a bug in both StandardSession and
DeltaSession. In both classes, there is a doReadObject method, which
loads the session from storage. When reading session attributes, the
code expects de-serialization failures for attribute values. Although
each class does this a bit differently, both classes do catch a
WriteAbortedException and log/continue if that exception's getCause()
returns an instance of NotSerializableException. For any other cause,
the WriteAbortedException gets re-thrown.
AFAIK, those exceptions are never thrown when reading from an
ObjectInputStream. Maybe that's a copy and paste bug? Method readObject
should throw ClassNotFoundException and any subclass of
ObjectStreamException except WriteAbortedException and
NotSerializableException.
Carsten
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
