递归类型序列化期间的 Jackson RuntimePermission 异常

Jackson RuntimePermission exception during Recursive Type serialization

我正在尝试使用 Jackson 序列化递归 Map 并获得一些 RuntimePermission 访问异常。这是堆栈跟踪:

com.fasterxml.jackson.databind.JsonMappingException: access denied ("java.lang.RuntimePermission" "accessDeclaredMembers") (through reference chain: java.util.TreeMap["0"])
    at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:394)
    at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:353)
    at com.fasterxml.jackson.databind.ser.std.StdSerializer.wrapAndThrow(StdSerializer.java:316)
    at com.fasterxml.jackson.databind.ser.std.MapSerializer.serializeFields(MapSerializer.java:725)
    at com.fasterxml.jackson.databind.ser.std.MapSerializer.serialize(MapSerializer.java:643)
    at com.fasterxml.jackson.databind.ser.std.MapSerializer.serialize(MapSerializer.java:33)
    at com.fasterxml.jackson.databind.ser.DefaultSerializerProvider._serialize(DefaultSerializerProvider.java:480)
    at com.fasterxml.jackson.databind.ser.DefaultSerializerProvider.serializeValue(DefaultSerializerProvider.java:319)
    at com.fasterxml.jackson.databind.ObjectMapper._configAndWriteValue(ObjectMapper.java:3906)
    at com.fasterxml.jackson.databind.ObjectMapper.writeValueAsString(ObjectMapper.java:3220)
    at io.zentity.resolution.Job.serializeLoggedQuery(Job.java:138)
    at io.zentity.resolution.Job.traverse(Job.java:1495)
    at io.zentity.resolution.Job.runResolution(Job.java:1563)
    at io.zentity.resolution.Job.run(Job.java:1604)
    at org.elasticsearch.plugin.zentity.ResolutionAction.lambda$prepareRequest[=10=](ResolutionAction.java:111)
    at org.elasticsearch.plugin.zentity.BaseAction.lambda$wrappedConsumer[=10=](BaseAction.java:22)
    at org.elasticsearch.rest.BaseRestHandler.handleRequest(BaseRestHandler.java:108)
    at org.elasticsearch.rest.RestController.dispatchRequest(RestController.java:227)
    at org.elasticsearch.rest.RestController.tryAllHandlers(RestController.java:309)
    at org.elasticsearch.rest.RestController.dispatchRequest(RestController.java:167)
    at org.elasticsearch.http.AbstractHttpServerTransport.dispatchRequest(AbstractHttpServerTransport.java:322)
    at org.elasticsearch.http.AbstractHttpServerTransport.handleIncomingRequest(AbstractHttpServerTransport.java:372)
    at org.elasticsearch.http.AbstractHttpServerTransport.incomingRequest(AbstractHttpServerTransport.java:301)
    at org.elasticsearch.http.netty4.Netty4HttpRequestHandler.channelRead0(Netty4HttpRequestHandler.java:54)
    at org.elasticsearch.http.netty4.Netty4HttpRequestHandler.channelRead0(Netty4HttpRequestHandler.java:29)
    at io.netty.channel.SimpleChannelInboundHandler.channelRead(SimpleChannelInboundHandler.java:99)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360)
    at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:352)
    at org.elasticsearch.http.netty4.Netty4HttpPipeliningHandler.channelRead(Netty4HttpPipeliningHandler.java:58)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360)
    at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:352)
    at io.netty.handler.codec.MessageToMessageDecoder.channelRead(MessageToMessageDecoder.java:102)
    at io.netty.handler.codec.MessageToMessageCodec.channelRead(MessageToMessageCodec.java:111)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360)
    at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:352)
    at io.netty.handler.codec.MessageToMessageDecoder.channelRead(MessageToMessageDecoder.java:102)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360)
    at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:352)
    at io.netty.handler.codec.MessageToMessageDecoder.channelRead(MessageToMessageDecoder.java:102)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360)
    at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:352)
    at io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:326)
    at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:300)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360)
    at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:352)
    at io.netty.handler.timeout.IdleStateHandler.channelRead(IdleStateHandler.java:287)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360)
    at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:352)
    at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1422)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:374)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:360)
    at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:931)
    at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:163)
    at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:700)
    at io.netty.channel.nio.NioEventLoop.processSelectedKeysPlain(NioEventLoop.java:600)
    at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:554)
    at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:514)
    at io.netty.util.concurrent.SingleThreadEventExecutor.run(SingleThreadEventExecutor.java:1050)
    at io.netty.util.internal.ThreadExecutorMap.run(ThreadExecutorMap.java:74)
    at java.base/java.lang.Thread.run(Thread.java:830)
Caused by: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessDeclaredMembers")
    at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
    at java.base/java.security.AccessController.checkPermission(AccessController.java:1036)
    at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:408)
    at java.base/java.lang.Class.checkMemberAccess(Class.java:2848)
    at java.base/java.lang.Class.getDeclaredFields(Class.java:2247)
    at com.fasterxml.jackson.databind.util.ClassUtil.getDeclaredFields(ClassUtil.java:1078)
    at com.fasterxml.jackson.databind.introspect.AnnotatedFieldCollector._findFields(AnnotatedFieldCollector.java:66)
    at com.fasterxml.jackson.databind.introspect.AnnotatedFieldCollector._findFields(AnnotatedFieldCollector.java:64)
    at com.fasterxml.jackson.databind.introspect.AnnotatedFieldCollector._findFields(AnnotatedFieldCollector.java:64)
    at com.fasterxml.jackson.databind.introspect.AnnotatedFieldCollector.collect(AnnotatedFieldCollector.java:41)
    at com.fasterxml.jackson.databind.introspect.AnnotatedFieldCollector.collectFields(AnnotatedFieldCollector.java:36)
    at com.fasterxml.jackson.databind.introspect.AnnotatedClass._fields(AnnotatedClass.java:349)
    at com.fasterxml.jackson.databind.introspect.AnnotatedClass.fields(AnnotatedClass.java:321)
    at com.fasterxml.jackson.databind.introspect.POJOPropertiesCollector._addFields(POJOPropertiesCollector.java:379)
    at com.fasterxml.jackson.databind.introspect.POJOPropertiesCollector.collectAll(POJOPropertiesCollector.java:308)
    at com.fasterxml.jackson.databind.introspect.POJOPropertiesCollector.getJsonValueAccessor(POJOPropertiesCollector.java:196)
    at com.fasterxml.jackson.databind.introspect.BasicBeanDescription.findJsonValueAccessor(BasicBeanDescription.java:252)
    at com.fasterxml.jackson.databind.ser.BasicSerializerFactory.findSerializerByAnnotations(BasicSerializerFactory.java:346)
    at com.fasterxml.jackson.databind.ser.BasicSerializerFactory.buildMapSerializer(BasicSerializerFactory.java:767)
    at com.fasterxml.jackson.databind.ser.BasicSerializerFactory.buildContainerSerializer(BasicSerializerFactory.java:568)
    at com.fasterxml.jackson.databind.ser.BeanSerializerFactory._createSerializer2(BeanSerializerFactory.java:196)
    at com.fasterxml.jackson.databind.ser.BeanSerializerFactory.createSerializer(BeanSerializerFactory.java:165)
    at com.fasterxml.jackson.databind.SerializerProvider._createUntypedSerializer(SerializerProvider.java:1388)
    at com.fasterxml.jackson.databind.SerializerProvider._createAndCacheUntypedSerializer(SerializerProvider.java:1336)
    at com.fasterxml.jackson.databind.SerializerProvider.findValueSerializer(SerializerProvider.java:510)
    at com.fasterxml.jackson.databind.ser.impl.PropertySerializerMap.findAndAddSecondarySerializer(PropertySerializerMap.java:90)
    at com.fasterxml.jackson.databind.ser.std.MapSerializer._findAndAddDynamic(MapSerializer.java:1047)
    at com.fasterxml.jackson.databind.ser.std.MapSerializer._findSerializer(MapSerializer.java:1152)
    at com.fasterxml.jackson.databind.ser.std.MapSerializer.serializeFields(MapSerializer.java:720)
    ... 63 more

递归类型定义为:

public class FilterTree extends TreeMap<String, FilterTree> {
}

对象正在像这样被序列化:

Map<Integer, FilterTree> tree = new TreeMap<>(Collections.reverseOrder());
tree.put(0, new FilterTree());

ObjectMapper mapper = new ObjectMapper();
String jsonStr = mapper.writeValueAsString(tree); // here lies the exception

有什么我明显做错的地方吗?

Jackson 库在序列化递归数据结构方面没有任何问题。

我正在使用以下 jackson 库

compile group: 'com.fasterxml.jackson.core', name: 'jackson-core', version: '2.8.5'
compile group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.8.5'

并且我能够序列化您提供的类似数据结构。 请参阅下面的代码

public class Test {

static class FilterTree extends TreeMap<String, FilterTree> {
}

public static void main(String[] args) throws JsonProcessingException {
    Map<Integer, FilterTree> tree = new TreeMap<>(Collections.reverseOrder());
    FilterTree childTree = new FilterTree();
    childTree.put("aaa", new FilterTree());
    childTree.put("bbb", new FilterTree());
    childTree.get("bbb").put("ccc", new FilterTree());
    tree.put(0, childTree);


    ObjectMapper mapper = new ObjectMapper();
    String jsonStr = mapper.writeValueAsString(tree);
    System.out.println(jsonStr);
}

}

我得到的输出是

{"0":{"aaa":{},"bbb":{"ccc":{}}}}

所以我认为 jackson 库本身没有任何问题。

从您提供的堆栈跟踪来看,您似乎正在使用一些 elastic-search plugin

查看以下内容

  • 您使用的是哪个版本的 Jackson?
  • jackson 库是否捆绑在 elastic search 插件中 - 如果是,那么 elastic search 是否为 Object Mapper 或 Json 序列化提供任何配置?
  • 正在序列化的字段不是private/protected并且可以访问。
  • 此外,如果您使用的是旧版本的弹性搜索插件,您可以尝试升级版本,看看是否能解决问题

我发现很少有与您报告的类似的问题。检查它们是否有任何帮助(尽管它们是 2017 年以来的一些老问题)