Skip to content

Add serialVersionUID to DefaultSavedRequest and SavedCookie #10594

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
xhh1314 opened this issue Dec 8, 2021 · 4 comments
Closed

Add serialVersionUID to DefaultSavedRequest and SavedCookie #10594

xhh1314 opened this issue Dec 8, 2021 · 4 comments
Assignees
@marcusdacoregio
Labels
in: web An issue in web modules (web, webmvc) status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
Milestone
5.7.0-M2

Comments

@xhh1314
Copy link

xhh1314 commented Dec 8, 2021

Describe the bug
the class org.springframework.security.web.savedrequest.DefaultSavedRequest and org.springframework.security.web.savedrequest.SavedCookie had implements Serializable , but did't added serialVersionUID, lead a deserialization exception

To Reproduce
use spring-session-data-redis and SkyWalking would got exception

Expected behavior
please add serialVersionUID to those class

Sample
@xhh1314 xhh1314 added status: waiting-for-triage An issue we've not yet triaged type: bug A general bug labels Dec 8, 2021
@marcusdacoregio
Copy link
Contributor

Hi, thanks for reaching out.

The absence of the serialVersionUID property alone should not cause a deserialization exception, because the serialVersionUID is calculated based on many aspects of the class.

Can you elaborate more on your configuration? Are you upgrading from another version?

Also, if you can provide a minimal reproducible sample, it would be even better for us to analyze further.

@marcusdacoregio marcusdacoregio added the status: waiting-for-feedback We need additional information before we can continue label Dec 8, 2021
@xhh1314 xhh1314 closed this as completed Dec 9, 2021
@xhh1314 xhh1314 reopened this Dec 9, 2021
@xhh1314
Copy link
Author

xhh1314 commented Dec 9, 2021

I am using Spring OAuth2, Spring-Session-Data-Redis and SkyWalking APM which is a java agent that enhances DefaultSavedRequest object

You can reference this issue: spring-attic/spring-security-oauth#1684

Please Declare serialVersionUID on those classes

Thanks

@spring-projects-issues spring-projects-issues added status: feedback-provided Feedback has been provided and removed status: waiting-for-feedback We need additional information before we can continue labels Dec 9, 2021
@marcusdacoregio marcusdacoregio changed the title please add serialVersionUID to class Add serialVersionUID to DefaultSavedRequest and SavedCookie Dec 22, 2021
@marcusdacoregio
Copy link
Contributor

@xhh1314 are you interested in submitting a PR to fix this? One way to do this is by using SpringSecurityCoreVersion:

private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;

@marcusdacoregio marcusdacoregio added in: web An issue in web modules (web, webmvc) status: ideal-for-contribution An issue that we actively are looking for someone to help us with and removed status: waiting-for-triage An issue we've not yet triaged status: feedback-provided Feedback has been provided labels Dec 22, 2021
@jakspok jakspok mentioned this issue Jan 4, 2022
Closed
@jakspok
Copy link
Contributor

jakspok commented Jan 5, 2022

Hello everyone, this is the contribution mentioned in previous threads, I hope it will be useful

@marcusdacoregio marcusdacoregio added type: enhancement A general enhancement and removed type: bug A general bug labels Jan 18, 2022
@marcusdacoregio marcusdacoregio added this to the 5.7.0-M2 milestone Jan 18, 2022
marcusdacoregio pushed a commit that referenced this issue Jan 18, 2022
@jakspok @marcusdacoregio
Add serialVersionUID to DefaultSavedRequest and SavedCookie
7435da6 
Closes gh-10594
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@marcusdacoregio marcusdacoregio

Labels
in: web An issue in web modules (web, webmvc) status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
Projects
None yet
Milestone
5.7.0-M2
Development

No branches or pull requests
4 participants
@marcusdacoregio @spring-projects-issues @xhh1314 @jakspok