Greetings, fellow StackOverFlow members. I have just begun to learn how to program web-enabled applications using technologies such as Java Enterprise Beans and Java Persistence API.
The official NetBeans website currently offers a bundle that (supposedly) allows me to develop said applications. A bundle that has an approximate size of 213 MB.
Now here's the deal: suppose that I want to simulate the process of logging in to a website. You know, like, when I log into Amazon, my session data is stored in my browser, and that is how they're able to, like, display things such as "Welcome, Miguel Martins" or "Recommended purchases for Miguel Martins", right? Right. Well, here's what I do (let's start with index.jsp):
<%@page import="beans.UserBeanRemote"%>
<%@page import="entities.SimplifiedUser"%>
<%@page import="beans.BeanFacade"%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>JSP Page</title>
</head>
<body>
<%
UserBeanRemote userBean = BeanFacade.getUserBean();
userBean.setAuthenticatedUser(session, new SimplifiedUser("Miguel Martins", "password"));
SimplifiedUser authenticatedUser = userBean.getAuthenticatedUser(session);
if (authenticatedUser == null) {
out.write("No user is authenticated.");
}
else {
out.write("There is an authenticated user. Username: " + authenticatedUser.getUserName());
}
%>
</body>
</html>
Simple, right? My intentions here are (obviously) to call the setAuthenticatedUser method to store session data, and then the getAuthenticatedUser method to basically ask "who is authenticated in this web browser?"
And here's how I programmed the rest. Keep in mind this is supposed to be a simple/minimalistic application, for learning purposes.
BeanFacade.java
package beans;
import javax.naming.InitialContext;
import javax.naming.NamingException;
public class BeanFacade {
private static InitialContext context;
private static void initializeContext() throws NamingException {
if (context == null) {
context = new InitialContext();
}
}
public static UserBeanRemote getUserBean() throws NamingException {
initializeContext();
return (UserBeanRemote) context.lookup("java:global/SimplifiedAuthentication/SimplifiedAuthentication-ejb/UserBean!beans.UserBeanRemote");
}
}
UserBean.java
package beans;
import entities.SimplifiedUser;
import javax.ejb.Stateless;
import javax.servlet.http.HttpSession;
@Stateless
public class UserBean implements UserBeanRemote {
@Override
public void setAuthenticatedUser(HttpSession session, SimplifiedUser user) {
session.setAttribute("authenticated_user", user);
}
@Override
public SimplifiedUser getAuthenticatedUser(HttpSession session) {
return (SimplifiedUser) session.getAttribute("authenticated_user");
}
}
UserBeanRemote.java (obviously, UserBean's remote interface)
package beans;
import entities.SimplifiedUser;
import javax.ejb.Remote;
import javax.servlet.http.HttpSession;
@Remote
public interface UserBeanRemote {
public void setAuthenticatedUser(HttpSession session, SimplifiedUser user);
public SimplifiedUser getAuthenticatedUser(HttpSession session);
}
And last, but not least, SimplifiedUser.java. This is what I want to store as session data.
package entities;
import java.io.Serializable;
import javax.persistence.Entity;
import javax.persistence.Id;
@Entity
public class SimplifiedUser implements Serializable {
private static final long serialVersionUID = 1L;
@Id
private String userName;
private String password;
public SimplifiedUser() {
}
public SimplifiedUser(String userName, String password) {
this.userName = userName;
this.password = password;
}
public String getUserName() {
return userName;
}
}
However, much to my dismay, when I run the project, it throws an exception at me:
HTTP Status 500 -
type Exception report
message
descriptionThe server encountered an internal error () that prevented it from fulfilling this request.
exception
org.apache.jasper.JasperException: javax.ejb.EJBException: java.rmi.MarshalException: CORBA BAD_PARAM 1330446342 Maybe; nested exception is: java.io.NotSerializableException:
root cause
javax.ejb.EJBException: java.rmi.MarshalException: CORBA BAD_PARAM 1330446342 Maybe; nested exception is: java.io.NotSerializableException:
root cause
java.rmi.MarshalException: CORBA BAD_PARAM 1330446342 Maybe; nested exception is: java.io.NotSerializableException:
root cause
java.io.NotSerializableException:
root cause
org.omg.CORBA.BAD_PARAM: vmcid: OMG minor code: 6 completed: Maybe
note The full stack traces of the exception and its root causes are available in the GlassFish Server Open Source Edition 3.0.1 logs. GlassFish Server Open Source Edition 3.0.1
And, after some old-fashioned debugging ("commenting stuff out"), it seems that the cause of the exception is this:
session.setAttribute("authenticated_user", user);
And this:
return (SimplifiedUser) session.getAttribute("authenticated_user");
Which indicates me that, somehow, they don't want me to store my user data (nor retreive it) inside an HttpSession instance.
Does anyone know why this is? Isn't it perfectly legal to store a Serializable object inside an HttpSession instance in the first place? If so, then what in the world is going on here?
Thank you, Miguel Martins