Google app engine 迁移到Spring Security 4.1.0.0版本后恢复会话对象_Google App Engine_Spring Security

Google app engine 迁移到Spring Security 4.1.0.0版本后恢复会话对象

google-app-engine spring-security

Google app engine 迁移到Spring Security 4.1.0.0版本后恢复会话对象,google-app-engine,spring-security,Google App Engine,Spring Security,从Spring Security 4.0.x迁移到Spring Security 4.1.0.RELEASE后，由于不同的serialVersionUID，我无法从会话还原SecurityContext public class SecurityContextImpl implements SecurityContext { private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VER

从Spring Security 4.0.x迁移到Spring Security 4.1.0.RELEASE后，由于不同的

serialVersionUID

，我无法从会话还原

SecurityContext

public class SecurityContextImpl implements SecurityContext {

    private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
...
}

例外情况：

Exception while loading session data
java.lang.RuntimeException: java.io.InvalidClassException: org.springframework.security.core.context.SecurityContextImpl; local class incompatible: stream classdesc serialVersionUID = 400, local class serialVersionUID = 410
    at com.google.apphosting.runtime.SessionManagerUtil.deserialize(SessionManagerUtil.java:58)
    at com.google.apphosting.runtime.DatastoreSessionStore.createSessionFromEntity(DatastoreSessionStore.java:58)
    at com.google.apphosting.runtime.DatastoreSessionStore.getSession(DatastoreSessionStore.java:85)
    at com.google.apphosting.runtime.jetty.SessionManager.loadSession(SessionManager.java:330)
    at com.google.apphosting.runtime.jetty.SessionManager.getSession(SessionManager.java:303)
    at org.mortbay.jetty.servlet.AbstractSessionManager.getHttpSession(AbstractSessionManager.java:237)
    at org.mortbay.jetty.servlet.SessionHandler.setRequestedId(SessionHandler.java:246)
    at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:136)
    at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
    at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
    at com.google.apphosting.runtime.jetty.AppVersionHandlerMap.handle(AppVersionHandlerMap.java:260)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
    at org.mortbay.jetty.Server.handle(Server.java:326)
    at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
    at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923)
    at com.google.apphosting.runtime.jetty.RpcRequestParser.parseAvailable(RpcRequestParser.java:78)
    at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
    at com.google.apphosting.runtime.jetty.JettyServletEngineAdapter.serviceRequest(JettyServletEngineAdapter.java:148)
    at com.google.apphosting.runtime.JavaRuntime$RequestRunnable.run(JavaRuntime.java:468)
    at com.google.tracing.TraceContext$TraceContextRunnable.runInContext(TraceContext.java:439)
    at com.google.tracing.TraceContext$TraceContextRunnable$1.run(TraceContext.java:446)
    at com.google.tracing.CurrentContext.runInContext(CurrentContext.java:256)
    at com.google.tracing.TraceContext$AbstractTraceContextCallback.runInInheritedContextNoUnref(TraceContext.java:310)
    at com.google.tracing.TraceContext$AbstractTraceContextCallback.runInInheritedContext(TraceContext.java:302)
    at com.google.tracing.TraceContext$TraceContextRunnable.run(TraceContext.java:443)
    at com.google.apphosting.runtime.ThreadGroupPool$PoolEntry.run(ThreadGroupPool.java:235)
    at java.lang.Thread.run(Thread.java:745)
Caused by: java.io.InvalidClassException: org.springframework.security.core.context.SecurityContextImpl; local class incompatible: stream classdesc serialVersionUID = 400, local class serialVersionUID = 410
    at java.io.ObjectStreamClass.initNonProxy(ObjectStreamClass.java:617)
    at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1746)
    at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1630)
    at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1907)
    at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1462)
    at java.io.ObjectInputStream.readObject(ObjectInputStream.java:417)
    at java.util.HashMap.readObject(HashMap.java:1182)
    at sun.reflect.GeneratedMethodAccessor65.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)
    at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:1017)
    at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2040)
    at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1936)
    at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1462)
    at java.io.ObjectInputStream.readObject(ObjectInputStream.java:417)
    at com.google.apphosting.runtime.SessionManagerUtil.deserialize(SessionManagerUtil.java:56)
    ... 26 more

我遇到了同样的问题。就我而言，这是由于web安全配置的XML模式版本

是的

http://www.springframework.org/schema/security/spring-security-4.0.xsd

我把它调好后就修好了

http://www.springframework.org/schema/security/spring-security-4.1.xsd

根据M.Deinum的建议，在Spring安全更新的情况下，您无法恢复这些会话。必须清除它们才能再次正确使用会话。正如Igor所建议的，您可以通过删除数据存储中的会话实体来实现这一点。

我怀疑这是Spring更新，而是Spring安全更新。。。事实上，你不能像预期的那样反序列化它们。清除存储的会话（将其删除）。有人知道我如何在GAE上执行此操作吗？清除表

\u ah\u会话