Connects Enterprise Hotfixes November 2022-August 2023
- Jacob Artz
Analytics
Release notes - ClearViewConnects2 - 2022.20a
Bug
CC2-4775 Provide redirect for /login endpoint so old email links still work
Description
The various endpoints that we send to reviewers direct them to:
http://clearviewconnects.com/login
That endpoint went away with the upgrade to Spring Security in https://clearviewpartners.atlassian.net/browse/CC2-4463
I’ve recommended this be patched with a quick fix to email links.
Release notes - ClearViewConnects2 - 2023.09a
Story
CC2-5120 Hide API Key Generation Page
Description
This will be a front end change to hide the API Key Generation Page from customers. This is due to the fact that the feature is not complete and although this specific functionality is ready for release, the rest of the feature set is not.
Bug
CC2-5129 Incident logging - Revert deployment due to application errors
Description
Problem: When we did the release deployment https://clearviewpartners.atlassian.net/browse/CC2-5117 on 17.05.2023, we saw application logs throw a number of errors. Due to this we rolled back the deployment to a previous fix version. A client reached out since they could not log in to the application. They saw an error stating “Page is not working” after the deployment.
Potential root cause: This is likely due to the Spring security upgrade which made the session created with older version incompatible with the updated spring version. So, if a user has an active session prior, they could not login successfully after the deployment.
Proposed solution: Deploy during off peak hours so there are fewer active user sessions. Consider removing spring sessions from the database if required.
Stacktrace of errors look like this :
java.io.InvalidClassException: org.springframework.security.core.context.SecurityContextImpl; local class incompatible: stream classdesc serialVersionUID = 560, local class serialVersionUID = 570 at java.io.ObjectStreamClass.initNonProxy(ObjectStreamClass.java:699) at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:2005) at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1852) at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2186) at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1669) at java.io.ObjectInputStream.readObject(ObjectInputStream.java:503) at java.io.ObjectInputStream.readObject(ObjectInputStream.java:461) at org.springframework.core.serializer.DefaultDeserializer.deserialize(DefaultDeserializer.java:71) at org.springframework.core.serializer.support.DeserializingConverter.convert(DeserializingConverter.java:73) ... 71 common frames omitted Wrapped by: org.springframework.core.serializer.support.SerializationFailedException: Failed to deserialize payload. Is the byte array a result of corresponding serialization for DefaultDeserializer?; nested exception is java.io.InvalidClassException: org.springframework.security.core.context.SecurityContextImpl; local class incompatible: stream classdesc serialVersionUID = 560, local class serialVersionUID = 570 at org.springframework.core.serializer.support.DeserializingConverter.convert(DeserializingConverter.java:78) at org.springframework.core.serializer.support.DeserializingConverter.convert(DeserializingConverter.java:36) at org.springframework.core.convert.support.GenericConversionService$ConverterAdapter.convert(GenericConversionService.java:386) at org.springframework.core.convert.support.ConversionUtils.invokeConverter(ConversionUtils.java:41) ... 68 common frames omitted Wrapped by: org.springframework.core.convert.ConversionFailedException: Failed to convert from type [byte[]] to type [java.lang.Object] for value [byte[]@337ef465]; nested exception is org.springframework.core.serializer.support.SerializationFailedException: Failed to deserialize payload. Is the byte array a result of corresponding serialization for DefaultDeserializer?; nested exception is java.io.InvalidClassException: org.springframework.security.core.context.SecurityContextImpl; local class incompatible: stream classdesc serialVersionUID = 560, local class serialVersionUID = 570 at org.springframework.core.convert.support.ConversionUtils.invokeConverter(ConversionUtils.java:47) at org.springframework.core.convert.support.GenericConversionService.convert(GenericConversionService.java:192) at org.springframework.session.jdbc.JdbcIndexedSessionRepository.deserialize(JdbcIndexedSessionRepository.java:628) at org.springframework.session.jdbc.JdbcIndexedSessionRepository.access$1900(JdbcIndexedSessionRepository.java:133) at org.springframework.session.jdbc.JdbcIndexedSessionRepository$SessionResultSetExtractor.lambda$extractData$0(JdbcIndexedSessionRepository.java:898) at org.springframework.session.jdbc.JdbcIndexedSessionRepository$4.get(JdbcIndexedSessionRepository.java:650) at org.springframework.session.jdbc.JdbcIndexedSessionRepository$JdbcSession.getAttribute(JdbcIndexedSessionRepository.java:728) at org.springframework.session.PrincipalNameIndexResolver.resolveIndexValueFor(PrincipalNameIndexResolver.java:46) at org.springframework.session.SingleIndexResolver.resolveIndexesFor(SingleIndexResolver.java:48) at org.springframework.session.DelegatingIndexResolver.resolveIndexesFor(DelegatingIndexResolver.java:49) at org.springframework.session.jdbc.JdbcIndexedSessionRepository$JdbcSession.lambda$save$11(JdbcIndexedSessionRepository.java:840) at org.springframework.transaction.support.TransactionOperations.lambda$executeWithoutResult$0(TransactionOperations.java:68) at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:140)