Remove support for unused custom User serialization

CHANGELOG.md

@@ -33,6 +33,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 
 ### Removed
 
+- Removed unused support for custom User object serialization ([#5339](https://github.com/opensearch-project/security/pull/5339))
+
 ### Fixed
 - Corrections in DlsFlsFilterLeafReader regarding PointVales and object valued attributes ([#5303](https://github.com/opensearch-project/security/pull/5303))
 - Fix issue computing diffs in compliance audit log when writing to security index ([#5279](https://github.com/opensearch-project/security/pull/5279))

src/main/java/com/amazon/dlic/auth/ldap/LdapUser.java

@@ -11,13 +11,10 @@
 
 package com.amazon.dlic.auth.ldap;
 
-import java.io.IOException;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.Map;
 
-import org.opensearch.core.common.io.stream.StreamInput;
-import org.opensearch.core.common.io.stream.StreamOutput;
 import org.opensearch.security.auth.ldap.util.Utils;
 import org.opensearch.security.support.WildcardMatcher;
 import org.opensearch.security.user.AuthCredentials;
@@ -58,12 +55,6 @@ public LdapUser(
         attributes.putAll(extractLdapAttributes(originalUsername, userEntry, customAttrMaxValueLen, allowlistedCustomLdapAttrMatcher));
     }
 
-    public LdapUser(StreamInput in) throws IOException {
-        super(in);
-        userEntry = null;
-        originalUsername = in.readString();
-    }
-
     /**
      * May return null because ldapEntry is transient
      *
@@ -107,10 +98,4 @@ public static Map<String, String> extractLdapAttributes(
         }
         return Collections.unmodifiableMap(attributes);
     }
-
-    @Override
-    public void writeTo(StreamOutput out) throws IOException {
-        super.writeTo(out);
-        out.writeString(originalUsername);
-    }
 }

src/main/java/org/opensearch/security/auditlog/impl/AbstractAuditLog.java

@@ -775,8 +775,7 @@
         if (address == null && threadPool.getThreadContext().getHeader(ConfigConstants.OPENDISTRO_SECURITY_REMOTE_ADDRESS_HEADER) != null) {
             address = new TransportAddress(
                 (InetSocketAddress) Base64Helper.deserializeObject(
-                    threadPool.getThreadContext().getHeader(ConfigConstants.OPENDISTRO_SECURITY_REMOTE_ADDRESS_HEADER),
-                    threadPool.getThreadContext().getTransient(ConfigConstants.USE_JDK_SERIALIZATION)
+                    threadPool.getThreadContext().getHeader(ConfigConstants.OPENDISTRO_SECURITY_REMOTE_ADDRESS_HEADER)
                 )
             );
         }
@@ -787,8 +786,7 @@
         User user = threadPool.getThreadContext().getTransient(ConfigConstants.OPENDISTRO_SECURITY_USER);
         if (user == null && threadPool.getThreadContext().getHeader(ConfigConstants.OPENDISTRO_SECURITY_USER_HEADER) != null) {
             user = (User) Base64Helper.deserializeObject(
-                threadPool.getThreadContext().getHeader(ConfigConstants.OPENDISTRO_SECURITY_USER_HEADER),
-                threadPool.getThreadContext().getTransient(ConfigConstants.USE_JDK_SERIALIZATION)
+                threadPool.getThreadContext().getHeader(ConfigConstants.OPENDISTRO_SECURITY_USER_HEADER)
             );
         }
         return user == null ? null : user.getName();

src/main/java/org/opensearch/security/auth/UserInjector.java

@@ -26,7 +26,6 @@
 
 package org.opensearch.security.auth;
 
-import java.io.IOException;
 import java.io.ObjectStreamException;
 import java.net.InetAddress;
 import java.net.UnknownHostException;
@@ -39,8 +38,6 @@
 import org.apache.logging.log4j.Logger;
 
 import org.opensearch.common.settings.Settings;
-import org.opensearch.core.common.io.stream.StreamInput;
-import org.opensearch.core.common.io.stream.StreamOutput;
 import org.opensearch.core.common.transport.TransportAddress;
 import org.opensearch.security.auditlog.AuditLog;
 import org.opensearch.security.filter.SecurityRequestChannel;
@@ -73,11 +70,6 @@ public InjectedUser(String name) {
             super(name);
         }
 
-        public InjectedUser(StreamInput in) throws IOException {
-            super(in);
-            this.setInjected(true);
-        }
-
         private Object writeReplace() throws ObjectStreamException {
             User user = new User(getName());
             user.addRoles(getRoles());
@@ -106,11 +98,6 @@ public void setTransportAddress(String addr) throws UnknownHostException, Illega
 
             this.transportAddress = new TransportAddress(iAdress, port);
         }
-
-        @Override
-        public void writeTo(StreamOutput out) throws IOException {
-            super.writeTo(out);
-        }
     }
 
     public InjectedUser getInjectedUser() {

src/main/java/org/opensearch/security/filter/SecurityFilter.java

@@ -184,10 +184,6 @@ private <Request extends ActionRequest, Response extends ActionResponse> void ap
                 threadContext.putTransient(ConfigConstants.OPENDISTRO_SECURITY_ORIGIN, Origin.LOCAL.toString());
             }
 
-            if (threadContext.getTransient(ConfigConstants.USE_JDK_SERIALIZATION) == null) {
-                threadContext.putTransient(ConfigConstants.USE_JDK_SERIALIZATION, true);
-            }
-
             final ComplianceConfig complianceConfig = auditLog.getComplianceConfig();
             if (complianceConfig != null && complianceConfig.isEnabled()) {
                 attachSourceFieldContext(request);

src/main/java/org/opensearch/security/ssl/transport/SecuritySSLRequestHandler.java

@@ -34,7 +34,6 @@
 import org.opensearch.security.ssl.util.ExceptionUtils;
 import org.opensearch.security.ssl.util.SSLRequestHelper;
 import org.opensearch.security.support.ConfigConstants;
-import org.opensearch.security.support.SerializationFormat;
 import org.opensearch.tasks.Task;
 import org.opensearch.threadpool.ThreadPool;
 import org.opensearch.transport.TransportChannel;
@@ -91,11 +90,6 @@ public final void messageReceived(T request, TransportChannel channel, Task task
             channel = getInnerChannel(channel);
         }
 
-        threadContext.putTransient(
-            ConfigConstants.USE_JDK_SERIALIZATION,
-            SerializationFormat.determineFormat(channel.getVersion()) == SerializationFormat.JDK
-        );
-
         if (SSLRequestHelper.containsBadHeader(threadContext, "_opendistro_security_ssl_")) {
             final Exception exception = ExceptionUtils.createBadHeaderException();
             channel.sendResponse(exception);