[JAVASERVERFACES_SPEC_PUBLIC-1127] Must "Serializable" really be the default behavior in both client and server state modes? Created: 30/Jul/12  Updated: 27/Aug/12  Resolved: 27/Aug/12

Status: Closed
Project: javaserverfaces-spec-public
Component/s: Lifecycle
Affects Version/s: None
Fix Version/s: 2.2 Sprint 13

Type: Bug Priority: Trivial
Reporter: Ed Burns Assignee: Ed Burns
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: 4 hours
Time Spent: 1 hour
Original Estimate: 5 hours

Issue Links:
Dependency
blocks JAVASERVERFACES-2349 the default of com.sun.faces.serializ... Closed
Related
is related to JAVASERVERFACES-632 Server-side state saving sensitive to... Closed

 Description   

Mojarra issue JAVASERVERFACES-2349 asks to make Mojarra conform to this spec text, In section "State Saving Alternatives and Implications" in the "Application Integration" chapter.

The default implementation Serializes the view in both the client and server modes.

This issue has a long history, dating back to summer 2007, chronicled in JAVASERVERFACES-632. In that issue, then implementation lead Ryan Lubke stated that he polled the community and the result was that enforcing serializability in all cases should be off by default.

At this point, I'd like to amend the text quoted above to be:

The default implementation Serializes the view in client mode. Serializing the view in server
mode is optional but must be possible by setting context-param javax.faces.SERIALIZE_SERVER_STATE
to true.



 Comments   
Comment by arjan tijms [ 04/Aug/12 ]

One thing to take into account is that serialization on MyFaces (and perhaps on Mojarra as well) breaks injecting EJBs into managed beans.

See e.g. http://stackoverflow.com/questions/7761622/ejb-in-viewscoped-managedbean-causes-java-io-notserializableexception

Comment by Ed Burns [ 22/Aug/12 ]

http://java.net/jira/browse/JAVASERVERFACES_SPEC_PUBLIC-1127

SECTION: Modified Files
----------------------------
M jsf-ri/src/main/java/com/sun/faces/config/WebConfiguration.java

  • declare "javax.faces.SERIALIZE_SERVER_STATE", and its deprecated
    equivalent "com.sun.faces.serializeServerState".

M jsf-ri/src/main/java/com/sun/faces/renderkit/ServerSideStateHelper.java

  • Consider "javax.faces.SERIALIZE_SERVER_STATE", and its deprecated
    equivalent "com.sun.faces.serializeServerState"

M test/agnostic/lifecycle/pom.xml

  • New tests

A test/agnostic/lifecycle/unserializableServerState_negative
A test/agnostic/lifecycle/unserializableServerState_negative/nbactions.xml
A test/agnostic/lifecycle/unserializableServerState_negative/src
A test/agnostic/lifecycle/unserializableServerState_negative/src/test
A test/agnostic/lifecycle/unserializableServerState_negative/src/test/java
A test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com
A test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun
A test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun/faces
A test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun/faces/test
A test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun/faces/test/agnostic
A test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun/faces/test/agnostic/lifeycle
A test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun/faces/test/agnostic/lifeycle/unserializableServerState_negative
A test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun/faces/test/agnostic/lifeycle/unserializableServerState_negative/Issue1127IT.java
A test/agnostic/lifecycle/unserializableServerState_negative/src/main
A test/agnostic/lifecycle/unserializableServerState_negative/src/main/java
A test/agnostic/lifecycle/unserializableServerState_negative/src/main/java/com
A test/agnostic/lifecycle/unserializableServerState_negative/src/main/java/com/sun
A test/agnostic/lifecycle/unserializableServerState_negative/src/main/java/com/sun/faces
A test/agnostic/lifecycle/unserializableServerState_negative/src/main/java/com/sun/faces/test
A test/agnostic/lifecycle/unserializableServerState_negative/src/main/java/com/sun/faces/test/lifecycle
A test/agnostic/lifecycle/unserializableServerState_negative/src/main/java/com/sun/faces/test/lifecycle/unserializableServerState_negative
A test/agnostic/lifecycle/unserializableServerState_negative/src/main/java/com/sun/faces/test/lifecycle/unserializableServerState_negative/Bean.java
A test/agnostic/lifecycle/unserializableServerState_negative/src/main/resources
A test/agnostic/lifecycle/unserializableServerState_negative/src/main/webapp
A test/agnostic/lifecycle/unserializableServerState_negative/src/main/webapp/index.xhtml
A test/agnostic/lifecycle/unserializableServerState_negative/src/main/webapp/WEB-INF
A test/agnostic/lifecycle/unserializableServerState_negative/src/main/webapp/WEB-INF/web.xml
A test/agnostic/lifecycle/unserializableServerState_negative/pom.xml
A test/agnostic/lifecycle/unserializableServerState_positive
A test/agnostic/lifecycle/unserializableServerState_positive/nbactions.xml
A test/agnostic/lifecycle/unserializableServerState_positive/src
A test/agnostic/lifecycle/unserializableServerState_positive/src/test
A test/agnostic/lifecycle/unserializableServerState_positive/src/test/java
A test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com
A test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun
A test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun/faces
A test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun/faces/test
A test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun/faces/test/agnostic
A test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun/faces/test/agnostic/lifeycle
A test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun/faces/test/agnostic/lifeycle/unserializableServerState_positive
A test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun/faces/test/agnostic/lifeycle/unserializableServerState_positive/Issue1127IT.java
A test/agnostic/lifecycle/unserializableServerState_positive/src/main
A test/agnostic/lifecycle/unserializableServerState_positive/src/main/java
A test/agnostic/lifecycle/unserializableServerState_positive/src/main/java/com
A test/agnostic/lifecycle/unserializableServerState_positive/src/main/java/com/sun
A test/agnostic/lifecycle/unserializableServerState_positive/src/main/java/com/sun/faces
A test/agnostic/lifecycle/unserializableServerState_positive/src/main/java/com/sun/faces/test
A test/agnostic/lifecycle/unserializableServerState_positive/src/main/java/com/sun/faces/test/lifecycle
A test/agnostic/lifecycle/unserializableServerState_positive/src/main/java/com/sun/faces/test/lifecycle/unserializableServerState_positive
A test/agnostic/lifecycle/unserializableServerState_positive/src/main/java/com/sun/faces/test/lifecycle/unserializableServerState_positive/Bean.java
A test/agnostic/lifecycle/unserializableServerState_positive/src/main/resources
A test/agnostic/lifecycle/unserializableServerState_positive/src/main/webapp
A test/agnostic/lifecycle/unserializableServerState_positive/src/main/webapp/index.xhtml
A test/agnostic/lifecycle/unserializableServerState_positive/src/main/webapp/WEB-INF
A test/agnostic/lifecycle/unserializableServerState_positive/src/main/webapp/WEB-INF/web.xml
A test/agnostic/lifecycle/unserializableServerState_positive/pom.xml

Authentication realm: <https://svn.java.net:443> Subversion Repository
Username: edburns
Password for 'edburns':
Sending jsf-ri/src/main/java/com/sun/faces/config/WebConfiguration.java
Sending jsf-ri/src/main/java/com/sun/faces/renderkit/ServerSideStateHelper.java
Sending test/agnostic/lifecycle/pom.xml
Adding test/agnostic/lifecycle/unserializableServerState_negative
Adding test/agnostic/lifecycle/unserializableServerState_negative/nbactions.xml
Adding test/agnostic/lifecycle/unserializableServerState_negative/pom.xml
Adding test/agnostic/lifecycle/unserializableServerState_negative/src
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/main
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/main/java
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/main/java/com
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/main/java/com/sun
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/main/java/com/sun/faces
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/main/java/com/sun/faces/test
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/main/java/com/sun/faces/test/lifecycle
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/main/java/com/sun/faces/test/lifecycle/unserializableServerState_negative
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/main/java/com/sun/faces/test/lifecycle/unserializableServerState_negative/Bean.java
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/main/resources
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/main/webapp
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/main/webapp/WEB-INF
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/main/webapp/WEB-INF/web.xml
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/main/webapp/index.xhtml
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/test
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/test/java
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun/faces
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun/faces/test
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun/faces/test/agnostic
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun/faces/test/agnostic/lifeycle
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun/faces/test/agnostic/lifeycle/unserializableServerState_negative
Adding test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun/faces/test/agnostic/lifeycle/unserializableServerState_negative/Issue1127IT.java
Adding test/agnostic/lifecycle/unserializableServerState_positive
Adding test/agnostic/lifecycle/unserializableServerState_positive/nbactions.xml
Adding test/agnostic/lifecycle/unserializableServerState_positive/pom.xml
Adding test/agnostic/lifecycle/unserializableServerState_positive/src
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/main
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/main/java
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/main/java/com
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/main/java/com/sun
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/main/java/com/sun/faces
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/main/java/com/sun/faces/test
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/main/java/com/sun/faces/test/lifecycle
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/main/java/com/sun/faces/test/lifecycle/unserializableServerState_positive
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/main/java/com/sun/faces/test/lifecycle/unserializableServerState_positive/Bean.java
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/main/resources
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/main/webapp
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/main/webapp/WEB-INF
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/main/webapp/WEB-INF/web.xml
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/main/webapp/index.xhtml
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/test
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/test/java
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun/faces
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun/faces/test
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun/faces/test/agnostic
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun/faces/test/agnostic/lifeycle
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun/faces/test/agnostic/lifeycle/unserializableServerState_positive
Adding test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun/faces/test/agnostic/lifeycle/unserializableServerState_positive/Issue1127IT.java
Transmitting file data ...............
Committed revision 10483.

Comment by Ed Burns [ 22/Aug/12 ]

SECTION: Modified Files
----------------------------
M test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun/faces/test/agnostic/lifeycle/unserializableServerState_negative/Issue1127IT.java
M test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun/faces/test/agnostic/lifeycle/unserializableServerState_positive/Issue1127IT.java

  • Ignore these tests until I can figure out why they fail on tomcat.
    Authentication realm: <https://svn.java.net:443> Subversion Repository
    Username: edburns
    Password for 'edburns':
    Sending test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun/faces/test/agnostic/lifeycle/unserializableServerState_negative/Issue1127IT.java
    Sending test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun/faces/test/agnostic/lifeycle/unserializableServerState_positive/Issue1127IT.java
    Transmitting file data ..
    Committed revision 10505.
Comment by Ed Burns [ 24/Aug/12 ]

SECTION: Modified Files
----------------------------
M test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun/faces/test/agnostic/lifeycle/unserializableServerState_negative/Issue1127IT.java
M test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun/faces/test/agnostic/lifeycle/unserializableServerState_positive/Issue1127IT.java

These tests are failing in the following permutations

-Dwebapp.projectStage=Production -Dwebapp.stateSavingMethod=server -Dwebapp.partialStateSaving=true
-Dwebapp.projectStage=Production -Dwebapp.stateSavingMethod=server -Dwebapp.partialStateSaving=false
-Dwebapp.projectStage=Production -Dwebapp.stateSavingMethod=client -Dwebapp.partialStateSaving=false
-Dwebapp.projectStage=Development -Dwebapp.stateSavingMethod=server -Dwebapp.partialStateSaving=true
-Dwebapp.projectStage=Development -Dwebapp.stateSavingMethod=server -Dwebapp.partialStateSaving=false
-Dwebapp.projectStage=Development -Dwebapp.stateSavingMethod=client -Dwebapp.partialStateSaving=false

But passing in these:

-Dwebapp.projectStage=Production -Dwebapp.stateSavingMethod=client -Dwebapp.partialStateSaving=true
-Dwebapp.projectStage=Development -Dwebapp.stateSavingMethod=client -Dwebapp.partialStateSaving=true

Authentication realm: <https://svn.java.net:443> Subversion Repository
Username: edburns
Sending test/agnostic/lifecycle/unserializableServerState_negative/src/test/java/com/sun/faces/test/agnostic/lifeycle/unserializableServerState_negative/Issue1127IT.java
Sending test/agnostic/lifecycle/unserializableServerState_positive/src/test/java/com/sun/faces/test/agnostic/lifeycle/unserializableServerState_positive/Issue1127IT.java
Transmitting file data ..

r 10508

Comment by Ed Burns [ 27/Aug/12 ]

All tests pass. Failures were apparently due to a Hudson job configuration issue.

Generated at Sun Jul 05 06:45:54 UTC 2015 using JIRA 6.2.3#6260-sha1:63ef1d6dac3f4f4d7db4c1effd405ba38ccdc558.