Open
Description
Environment: Spring Boot - 3.3.3 and Spring Cloud - 2023.0.2
In microservice with jasper (=Servlet Container to generate js Files) dependency added Spring Redis Session dependency to manage Sessions via Redis Server, but SessionRepositoryFilter throws Exceptions . e.g. this one....
java.lang.IllegalArgumentException: DefaultSerializer requires a Serializable payload but received an object of type [jakarta.servlet.jsp.jstl.fmt.LocalizationContext]
Configuration:
@Bean
SecurityFilterChain securityFilterChain(HttpSecurity http,
RequestMatcherBuilder mvc) throws Exception {
return http
.authorizeHttpRequests(auth ->
auth.dispatcherTypeMatchers( DispatcherType.FORWARD, DispatcherType.INCLUDE, DispatcherType.REQUEST ).permitAll()
.requestMatchers(mvc.matchers(HttpMethod.GET, "/", "/home")).permitAll()
.requestMatchers(mvc.matchers(HttpMethod.GET, "/repository", "/someother")).authenticated()
.anyRequest().authenticated()
)
.oauth2ResourceServer(oauth2 -> oauth2.jwt(withDefaults()))
//.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED))
.csrf(csrf -> csrf.disable())
.build();
}
pom dependencies
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-logging</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.session</groupId>
<artifactId>spring-session-data-redis</artifactId>
</dependency>
<!-- tomcat: jasper -->
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-jasper</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>jakarta.servlet.jsp.jstl</groupId>
<artifactId>jakarta.servlet.jsp.jstl-api</artifactId>
</dependency>
<dependency>
<groupId>org.glassfish.web</groupId>
<artifactId>jakarta.servlet.jsp.jstl</artifactId>
</dependency>
some other.....
@Configuration(proxyBeanMethods = false)
@EnableRedisHttpSession//(redisNamespace = "gateway:session")
public class SessionConfig {// implements BeanClassLoaderAware {
@Bean
LettuceConnectionFactory redisConnectionFactory() {
return new LettuceConnectionFactory();
}
}
`
.yml
server:
servlet:
encoding:
charset: UTF-8
enabled: true
force: true
session:
timeout: 480m
cookie:
name: GATEWAY-SESSION
spring:
main:
allow-bean-definition-overriding: true
mvc:
servlet:
path: /
session:
redis:
repository-type: default
flush-mode: on_save
namespace: gateway:session
data:
redis:
host: localhost
port: 6379
database: 0
timeout: 30000
Results in Exception Report
Message Cannot serialize
Description The request has not been applied to the target resource because it lacks valid authentication credentials for that resource.
Exception
org.springframework.data.redis.serializer.SerializationException: Cannot serialize
org.springframework.data.redis.serializer.JdkSerializationRedisSerializer.serialize(JdkSerializationRedisSerializer.java:94)
org.springframework.data.redis.core.AbstractOperations.rawHashValue(AbstractOperations.java:186)
org.springframework.data.redis.core.DefaultHashOperations.putAll(DefaultHashOperations.java:161)
org.springframework.session.data.redis.RedisSessionRepository$RedisSession.saveDelta(RedisSessionRepository.java:328)
org.springframework.session.data.redis.RedisSessionRepository$RedisSession.save(RedisSessionRepository.java:306)
org.springframework.session.data.redis.RedisSessionRepository.save(RedisSessionRepository.java:132)
org.springframework.session.data.redis.RedisSessionRepository.save(RedisSessionRepository.java:45)
org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper.commitSession(SessionRepositoryFilter.java:229)
org.springframework.session.web.http.SessionRepositoryFilter.doFilterInternal(SessionRepositoryFilter.java:145)
org.springframework.session.web.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:82)
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:352)
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:268)
org.springframework.web.filter.ServerHttpObservationFilter.doFilterInternal(ServerHttpObservationFilter.java:113)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
org.springframework.web.filter.ForwardedHeaderFilter.doFilterInternal(ForwardedHeaderFilter.java:173)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
Root Cause
org.springframework.core.serializer.support.SerializationFailedException: Failed to serialize object using DefaultSerializer
org.springframework.core.serializer.support.SerializingConverter.convert(SerializingConverter.java:64)
org.springframework.core.serializer.support.SerializingConverter.convert(SerializingConverter.java:33)
org.springframework.data.redis.serializer.JdkSerializationRedisSerializer.serialize(JdkSerializationRedisSerializer.java:92)
org.springframework.data.redis.core.AbstractOperations.rawHashValue(AbstractOperations.java:186)
org.springframework.data.redis.core.DefaultHashOperations.putAll(DefaultHashOperations.java:161)
org.springframework.session.data.redis.RedisSessionRepository$RedisSession.saveDelta(RedisSessionRepository.java:328)
org.springframework.session.data.redis.RedisSessionRepository$RedisSession.save(RedisSessionRepository.java:306)
org.springframework.session.data.redis.RedisSessionRepository.save(RedisSessionRepository.java:132)
org.springframework.session.data.redis.RedisSessionRepository.save(RedisSessionRepository.java:45)
org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper.commitSession(SessionRepositoryFilter.java:229)
org.springframework.session.web.http.SessionRepositoryFilter.doFilterInternal(SessionRepositoryFilter.java:145)
org.springframework.session.web.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:82)
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:352)
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:268)
org.springframework.web.filter.ServerHttpObservationFilter.doFilterInternal(ServerHttpObservationFilter.java:113)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
org.springframework.web.filter.ForwardedHeaderFilter.doFilterInternal(ForwardedHeaderFilter.java:173)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
Root Cause
java.lang.IllegalArgumentException: DefaultSerializer requires a Serializable payload but received an object of type [jakarta.servlet.jsp.jstl.fmt.LocalizationContext]
org.springframework.core.serializer.DefaultSerializer.serialize(DefaultSerializer.java:43)
org.springframework.core.serializer.Serializer.serializeToByteArray(Serializer.java:56)
org.springframework.core.serializer.support.SerializingConverter.convert(SerializingConverter.java:60)
org.springframework.core.serializer.support.SerializingConverter.convert(SerializingConverter.java:33)
org.springframework.data.redis.serializer.JdkSerializationRedisSerializer.serialize(JdkSerializationRedisSerializer.java:92)
org.springframework.data.redis.core.AbstractOperations.rawHashValue(AbstractOperations.java:186)
org.springframework.data.redis.core.DefaultHashOperations.putAll(DefaultHashOperations.java:161)
org.springframework.session.data.redis.RedisSessionRepository$RedisSession.saveDelta(RedisSessionRepository.java:328)
org.springframework.session.data.redis.RedisSessionRepository$RedisSession.save(RedisSessionRepository.java:306)
org.springframework.session.data.redis.RedisSessionRepository.save(RedisSessionRepository.java:132)
org.springframework.session.data.redis.RedisSessionRepository.save(RedisSessionRepository.java:45)
org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper.commitSession(SessionRepositoryFilter.java:229)
org.springframework.session.web.http.SessionRepositoryFilter.doFilterInternal(SessionRepositoryFilter.java:145)
org.springframework.session.web.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:82)
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:352)
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:268)
org.springframework.web.filter.ServerHttpObservationFilter.doFilterInternal(ServerHttpObservationFilter.java:113)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
org.springframework.web.filter.ForwardedHeaderFilter.doFilterInternal(ForwardedHeaderFilter.java:173)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)
Note The full stack trace of the root cause is available in the server logs.