Details
-
Bug
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
8.0.14, 8.0.15, 9.0.0, 9.1.0
-
None
Description
Given the following configuration:
@CustomFormAuthenticationMechanismDefinition( loginToContinue = @LoginToContinue(loginPage = "/login", useForwardToLogin = true)) @FacesConfig @ApplicationScoped public class ApplicationConfig { }
An exception will be thrown:
java.lang.IllegalArgumentException: setAttribute: Non-serializable attribute [org.apache.tomee.security.request.original] org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1430) org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1386) org.apache.catalina.session.StandardSessionFacade.setAttribute(StandardSessionFacade.java:136) org.apache.tomee.security.http.LoginToContinueMechanism.saveRequest(LoginToContinueMechanism.java:90) org.apache.tomee.security.cdi.LoginToContinueInterceptor.processContainerInitiatedAuthentication(LoginToContinueInterceptor.java:132) org.apache.tomee.security.cdi.LoginToContinueInterceptor.validateRequest(LoginToContinueInterceptor.java:78) org.apache.tomee.security.cdi.LoginToContinueInterceptor.intercept(LoginToContinueInterceptor.java:63)
This is beacuse SavedAuthentication and SavedRequest does not implement Serializable