Describe the bug
The replicate spring session is not create because the Saml2RedirectAuthenticationRequest class is not serializable!
The class Saml2RedirectAuthenticationRequest is not olso instantiable, so the hazelcast serialization overlay cannot be used. can you help me please?
2021-12-07 17:39:16.918 ERROR 16964 --- [nio-8080-exec-2] o.a.c.c.C.[Tomcat].[localhost] : Exception Processing ErrorPage[errorCode=0, location=/error]
com.hazelcast.nio.serialization.HazelcastSerializationException: Failed to serialize 'org.springframework.session.MapSession' at com.hazelcast.internal.serialization.impl.SerializationUtil.handleSerializeException(SerializationUtil.java:129) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.internal.serialization.impl.AbstractSerializationService.toBytes(AbstractSerializationService.java:238) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.internal.serialization.impl.AbstractSerializationService.toBytes(AbstractSerializationService.java:214) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.internal.serialization.impl.AbstractSerializationService.toData(AbstractSerializationService.java:199) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.internal.serialization.impl.AbstractSerializationService.toData(AbstractSerializationService.java:154) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.recordstore.StorageImpl.updateRecordValue(StorageImpl.java:90) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.recordstore.StorageImpl.updateRecordValue(StorageImpl.java:44) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.recordstore.DefaultRecordStore.updateRecord(DefaultRecordStore.java:952) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.recordstore.DefaultRecordStore.putInternal(DefaultRecordStore.java:910) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.recordstore.DefaultRecordStore.setWithUncountedAccess(DefaultRecordStore.java:1136) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.operation.EntryOperator.onAddedOrUpdated(EntryOperator.java:268) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.operation.EntryOperator.doPostOperateOps(EntryOperator.java:235) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.operation.EntryOperation.call(EntryOperation.java:194) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.operationservice.impl.OperationRunnerImpl.call(OperationRunnerImpl.java:272) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.operationservice.impl.OperationRunnerImpl.run(OperationRunnerImpl.java:248) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.operationservice.impl.OperationRunnerImpl.run(OperationRunnerImpl.java:213) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.operationexecutor.impl.OperationThread.process(OperationThread.java:175) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.operationexecutor.impl.OperationThread.process(OperationThread.java:139) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.operationexecutor.impl.OperationThread.executeRun(OperationThread.java:123) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.internal.util.executor.HazelcastManagedThread.run(HazelcastManagedThread.java:102) ~[hazelcast-5.0.jar:5.0] at ------ submitted from ------.() ~[na:na] at com.hazelcast.internal.util.ExceptionUtil.cloneExceptionWithFixedAsyncStackTrace(ExceptionUtil.java:279) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.AbstractInvocationFuture.wrapRuntimeException(AbstractInvocationFuture.java:1968) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.AbstractInvocationFuture.wrapOrPeel(AbstractInvocationFuture.java:1949) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.AbstractInvocationFuture$ExceptionalResult.wrapForJoinInternal(AbstractInvocationFuture.java:1431) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.AbstractInvocationFuture.resolveAndThrowForJoinInternal(AbstractInvocationFuture.java:600) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.AbstractInvocationFuture.joinInternal(AbstractInvocationFuture.java:584) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.proxy.MapProxyImpl.executeOnKey(MapProxyImpl.java:821) ~[hazelcast-5.0.jar:5.0] at org.springframework.session.hazelcast.Hazelcast4IndexedSessionRepository.save(Hazelcast4IndexedSessionRepository.java:267) ~[spring-session-hazelcast-2.6.0.jar:2.6.0] at org.springframework.session.hazelcast.Hazelcast4IndexedSessionRepository.save(Hazelcast4IndexedSessionRepository.java:113) ~[spring-session-hazelcast-2.6.0.jar:2.6.0] at org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper.commitSession(SessionRepositoryFilter.java:226) ~[spring-session-core-2.6.0.jar:2.6.0] at org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper.access$100(SessionRepositoryFilter.java:193) ~[spring-session-core-2.6.0.jar:2.6.0] at org.springframework.session.web.http.SessionRepositoryFilter.doFilterInternal(SessionRepositoryFilter.java:145) ~[spring-session-core-2.6.0.jar:2.6.0] at org.springframework.session.web.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:82) ~[spring-session-core-2.6.0.jar:2.6.0] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:103) ~[spring-web-5.3.13.jar:5.3.13] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:711) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:461) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:385) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:313) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:403) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:249) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.catalina.core.StandardHostValve.throwable(StandardHostValve.java:344) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:357) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:382) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:895) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1722) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-9.0.55.jar:9.0.55] at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na] Caused by: com.hazelcast.nio.serialization.HazelcastSerializationException: There is no suitable serializer for class org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest at com.hazelcast.internal.serialization.impl.AbstractSerializationService.serializerFor(AbstractSerializationService.java:594) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.internal.serialization.impl.AbstractSerializationService.writeObject(AbstractSerializationService.java:329) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.internal.serialization.impl.ByteArrayObjectDataOutput.writeObject(ByteArrayObjectDataOutput.java:402) ~[hazelcast-5.0.jar:5.0] at org.springframework.session.hazelcast.HazelcastSessionSerializer.write(HazelcastSessionSerializer.java:99) ~[spring-session-hazelcast-2.6.0.jar:2.6.0] at org.springframework.session.hazelcast.HazelcastSessionSerializer.write(HazelcastSessionSerializer.java:84) ~[spring-session-hazelcast-2.6.0.jar:2.6.0] at com.hazelcast.internal.serialization.impl.StreamSerializerAdapter.write(StreamSerializerAdapter.java:39) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.internal.serialization.impl.AbstractSerializationService.toBytes(AbstractSerializationService.java:235) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.internal.serialization.impl.AbstractSerializationService.toBytes(AbstractSerializationService.java:214) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.internal.serialization.impl.AbstractSerializationService.toData(AbstractSerializationService.java:199) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.internal.serialization.impl.AbstractSerializationService.toData(AbstractSerializationService.java:154) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.recordstore.StorageImpl.updateRecordValue(StorageImpl.java:90) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.recordstore.StorageImpl.updateRecordValue(StorageImpl.java:44) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.recordstore.DefaultRecordStore.updateRecord(DefaultRecordStore.java:952) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.recordstore.DefaultRecordStore.putInternal(DefaultRecordStore.java:910) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.recordstore.DefaultRecordStore.setWithUncountedAccess(DefaultRecordStore.java:1136) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.operation.EntryOperator.onAddedOrUpdated(EntryOperator.java:268) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.operation.EntryOperator.doPostOperateOps(EntryOperator.java:235) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.map.impl.operation.EntryOperation.call(EntryOperation.java:194) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.operationservice.impl.OperationRunnerImpl.call(OperationRunnerImpl.java:272) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.operationservice.impl.OperationRunnerImpl.run(OperationRunnerImpl.java:248) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.operationservice.impl.OperationRunnerImpl.run(OperationRunnerImpl.java:213) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.operationexecutor.impl.OperationThread.process(OperationThread.java:175) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.operationexecutor.impl.OperationThread.process(OperationThread.java:139) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.spi.impl.operationexecutor.impl.OperationThread.executeRun(OperationThread.java:123) ~[hazelcast-5.0.jar:5.0] at com.hazelcast.internal.util.executor.HazelcastManagedThread.run(HazelcastManagedThread.java:102) ~[hazelcast-5.0.jar:5.0]
To Reproduce Spring boot / Spring Session & Hazelcast
Comment From: bameur
to reproducte this issue, you can start spring boot app with this conf :
package` com.company.security.hazelcast;
import com.hazelcast.config.*;
import com.hazelcast.core.Hazelcast;
import com.hazelcast.core.HazelcastInstance;
import com.company.security.hazelcast.serialization.GlobalStreamSerializer;
import com.company.security.hazelcast.serialization.Saml2RedirectAuthenticationRequestSerializer;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest;
import org.springframework.session.FindByIndexNameSessionRepository;
import org.springframework.session.FlushMode;
import org.springframework.session.MapSession;
import org.springframework.session.SaveMode;
import org.springframework.session.config.SessionRepositoryCustomizer;
import org.springframework.session.hazelcast.Hazelcast4IndexedSessionRepository;
import org.springframework.session.hazelcast.Hazelcast4PrincipalNameExtractor;
import org.springframework.session.hazelcast.HazelcastSessionSerializer;
import org.springframework.session.hazelcast.config.annotation.SpringSessionHazelcastInstance;
import org.springframework.session.hazelcast.config.annotation.web.http.EnableHazelcastHttpSession;
//import com.hazelcast.web.WebFilter;
//import java.util.Properties;
// tag::class[]
@Configuration
@EnableHazelcastHttpSession
public class SessionConfig {
@Bean
public Config hazelcastConfig() {
Config config = new Config();
NetworkConfig networkConfig = config.getNetworkConfig();
networkConfig.setPort(0);
networkConfig.getJoin().getMulticastConfig().setEnabled(false);
AttributeConfig attributeConfig = new AttributeConfig()
.setName(Hazelcast4IndexedSessionRepository.PRINCIPAL_NAME_ATTRIBUTE)
.setExtractorClassName(Hazelcast4PrincipalNameExtractor.class.getName());
config.getMapConfig(Hazelcast4IndexedSessionRepository.DEFAULT_SESSION_MAP_NAME)
.addAttributeConfig(attributeConfig).addIndexConfig(
new IndexConfig(IndexType.HASH, Hazelcast4IndexedSessionRepository.PRINCIPAL_NAME_ATTRIBUTE));
SerializerConfig serializerConfig = new SerializerConfig();
serializerConfig.setImplementation(new HazelcastSessionSerializer()).setTypeClass(MapSession.class);
//SerializerConfig serializerConfigS2RAR = new SerializerConfig();
//serializerConfigS2RAR.setImplementation(new HazelcastSessionSerializer())
// .setTypeClass(Saml2RedirectAuthenticationRequest.class)
// .setClassName(Saml2RedirectAuthenticationRequestSerializer.class.getName());
//GlobalSerializerConfig globalSerializerConfig = new GlobalSerializerConfig();
//globalSerializerConfig.setOverrideJavaSerialization(true);
//globalSerializerConfig.setClassName(GlobalStreamSerializer.class.getName());
config.getSerializationConfig().addSerializerConfig(serializerConfig);
//config.getSerializationConfig().addSerializerConfig(serializerConfigS2RAR);
//config.getSerializationConfig().setGlobalSerializerConfig(globalSerializerConfig);
//CompactSerializationConfig().setEnabled(true);
return config;
}
@Bean
@SpringSessionHazelcastInstance
HazelcastInstance hazelcastInstance(Config config) {
return Hazelcast.newHazelcastInstance(config);
}
/*
@Bean
public FindByIndexNameSessionRepository findByIndexNameSessionRepository(HazelcastInstance hazelcastInstance){
Hazelcast4IndexedSessionRepository sessionRepository = new Hazelcast4IndexedSessionRepository(hazelcastInstance);
sessionRepository.setFlushMode(FlushMode.IMMEDIATE);
sessionRepository.setSaveMode(SaveMode.ALWAYS);
sessionRepository.setSessionMapName(Hazelcast4IndexedSessionRepository.DEFAULT_SESSION_MAP_NAME);
sessionRepository.setDefaultMaxInactiveInterval(900);
return sessionRepository;
}
*/
@Bean
public SessionRepositoryCustomizer<Hazelcast4IndexedSessionRepository> customize() {
return (sessionRepository) -> {
sessionRepository.setFlushMode(FlushMode.IMMEDIATE);
sessionRepository.setSaveMode(SaveMode.ALWAYS);
sessionRepository.setSessionMapName(Hazelcast4IndexedSessionRepository.DEFAULT_SESSION_MAP_NAME);
sessionRepository.setDefaultMaxInactiveInterval(900);
};
}
/*
@Bean
public WebFilter webFilter(HazelcastInstance hazelcastInstance) {
Properties properties = new Properties();
properties.put("instance-name", hazelcastInstance.getName());
properties.put("sticky-session", "false");
return new WebFilter(properties);
}
*/
}
// end::class[]
and
package com.company.security.saml2;
import com.company.security.saml2.handler.Saml2AuthenticationFailureHandler;
import com.company.security.saml2.handler.Saml2AuthenticationSuccessHandler;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.saml2.provider.service.metadata.OpenSamlMetadataResolver;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
import org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver;
import org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver;
import org.springframework.security.saml2.provider.service.web.Saml2AuthenticationTokenConverter;
import org.springframework.security.saml2.provider.service.web.Saml2MetadataFilter;
import org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.session.FindByIndexNameSessionRepository;
import org.springframework.session.Session;
import org.springframework.session.security.SpringSessionBackedSessionRegistry;
import org.springframework.session.security.web.authentication.SpringSessionRememberMeServices;
import javax.servlet.http.HttpServletRequest;
@Configuration
@Order(2)
public class SecurityConfigSaml2 <S extends Session> extends WebSecurityConfigurerAdapter {
@Autowired
private FindByIndexNameSessionRepository<S> sessionRepository;
@Value("${spring.security.oauth2.client.registration.wso2oauth2.client-id}")
private String OAUTH2_CLIENT_ID;
@Value("${spring.security.oauth2.client.registration.wso2oauth2.client-secret}")
private String OAUTH2_CLIENT_SECRET;
@Value("${spring.security.oauth2.client.registration.wso2oauth2.authorization-grant-type}")
private String OAUTH2_AUTHORIZATION_GRANT_TYPE;
@Value("${spring.security.oauth2.client.provider.wso2oauth2.token-uri}")
private String OAUTH2_TOKEN_URI;
@Override
protected void configure(HttpSecurity http) throws Exception {
/*
OpenSaml4AuthenticationProvider authenticationProvider = new OpenSaml4AuthenticationProvider();
authenticationProvider.setResponseAuthenticationConverter(responseToken -> {
Saml2Authentication authentication = OpenSaml4AuthenticationProvider
.createDefaultResponseAuthenticationConverter()
.convert(responseToken);
Assertion assertion = responseToken.getResponse().getAssertions().get(0);
String username = assertion.getSubject().getNameID().getValue();
//UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
//UserDetails userDetails = mySamlUserDetailsService().loadUserByUsername(authentication.getSaml2Response());
return mySaml2Authentication(null, authentication);
});
*/
// @formatter:off
http.authorizeHttpRequests((authorize) -> authorize.anyRequest().authenticated())
.requestMatcher(new RequestNotInHeaderRequestMatcher("access-token"))
.saml2Login((saml2) -> saml2.loginProcessingUrl("/login/saml2/sso")
//.authenticationManager(new ProviderManager(authenticationProvider))
.successHandler(new Saml2AuthenticationSuccessHandler(OAUTH2_CLIENT_ID, OAUTH2_CLIENT_SECRET, OAUTH2_AUTHORIZATION_GRANT_TYPE, OAUTH2_TOKEN_URI))
.failureHandler(new Saml2AuthenticationFailureHandler()))
.rememberMe((rememberMe) -> rememberMe
.rememberMeServices(rememberMeServices()))
.sessionManagement((sessionManagement) -> sessionManagement
.maximumSessions(2)
.sessionRegistry(sessionRegistry())
)
.saml2Logout(Customizer.withDefaults());
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/resources/**");
}
@Bean
RelyingPartyRegistrationResolver relyingPartyRegistrationResolver(
RelyingPartyRegistrationRepository registrations) {
return new DefaultRelyingPartyRegistrationResolver((id) -> registrations.findByRegistrationId("wso2saml2"));
}
@Bean
Saml2AuthenticationTokenConverter authentication(RelyingPartyRegistrationResolver registrations) {
return new Saml2AuthenticationTokenConverter(registrations);
}
@Bean
FilterRegistrationBean<Saml2MetadataFilter> metadata(RelyingPartyRegistrationResolver registrations) {
Saml2MetadataFilter metadata = new Saml2MetadataFilter(registrations, new OpenSamlMetadataResolver());
FilterRegistrationBean<Saml2MetadataFilter> filter = new FilterRegistrationBean<>(metadata);
filter.setOrder(-101);
return filter;
}
/*
public Saml2Authentication mySaml2Authentication(UserDetails userDetails, Saml2Authentication authentication){
System.out.println("===================================================");
System.out.println(authentication.getSaml2Response());
System.out.println("===================================================");
return authentication;
}
*/
class RequestNotInHeaderRequestMatcher implements RequestMatcher {
RequestHeaderRequestMatcher rhm;
public RequestNotInHeaderRequestMatcher(String expectedHeaderName) {
this.rhm = new RequestHeaderRequestMatcher(expectedHeaderName);
}
public boolean matches(HttpServletRequest request){
return !rhm.matches(request);
}
}
@Bean
public SpringSessionRememberMeServices rememberMeServices() {
SpringSessionRememberMeServices rememberMeServices = new SpringSessionRememberMeServices();
// optionally customize
rememberMeServices.setAlwaysRemember(true);
return rememberMeServices;
}
@Bean
public SpringSessionBackedSessionRegistry<S> sessionRegistry() {
return new SpringSessionBackedSessionRegistry<>(this.sessionRepository);
}
}
and
package com.company;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cache.annotation.EnableCaching;
@EnableCaching
@SpringBootApplication
public class LoginApplication {
public static void main(String[] args) {
SpringApplication.run(LoginApplication.class, args);
}
}
Comment From: bameur
I just prepared a simple project (attached) which reproduces the error. thank you in advance for your help
ops-app-spring-login-error.zip
L'exception :Caused by: com.hazelcast.nio.serialization.HazelcastSerializationException: There is no suitable serializer for class org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest
Comment From: bitrecycling
just a hint, I opened the "same" issue a couple of days ago, it's already filed for see https://github.com/spring-projects/spring-security/issues/10550
Comment From: marcusdacoregio
Thanks. I'll close this as a duplicate of #10550.