Documentation

Serialization failure during Forms startup in AEM Forms

Last update: Tue Dec 16 2025 00:00:00 GMT+0000 (Coordinated Universal Time)

After you upgrade to AEM Forms, the server startup fails with a serialization failure. This happens because the deserialization firewall configuration is missing required class whitelisting or contains conflicting serialFilter settings. To fix this, update the deserialization firewall configuration and remove any conflicting serialFilter parameters from the server startup configuration.

Description description

Environment

Adobe Experience Manager - Forms (AEM - Forms)

Issue/Symptoms

An error similar to this one occurs during server startup and prevents the server from starting properly:

[ com.adobe.idp.scheduler.SchedulerServiceImpl] (ServerService Thread Pool -- 259) Error starting scheduler: org.quartz.SchedulerConfigException: Failure occured during job recovery. [ See nested exception: org.quartz.JobPersistenceException: Couldn't store trigger: filter status: REJECTED [ See nested exception: java.io.InvalidClassException: filter status: REJECTED] ]

Resolution resolution

  1. Go to the system console at http://hostname:port/lc/system/console/configMgr.

  2. Find the configuration for com.adobe.cq.deserfw.impl.DeserializationFirewallImpl.

  3. In this configuration, make sure com.adobe.cq.deserfw.impl.DeserializationFirewallImpl.firewall.deserialization.whitelist.nameincludes these classes:

    • org.quartz
    • sun.util.calendar.ZoneInfo
    • sun.security.x509.X509CertImpl
    • com.rsa.certj.cert.X509CRL$X509CrlRep
    • org.apache.xmlbeans.impl.values.XmlObjectBase$SerializedRootObject
    • org.apache.xerces.dom
    • sun.security.rsa.RSAPrivateCrtKeyImpl
    • sun.security.rsa.RSAPublicKeyImpl
    • org.jaxen.dom.DocumentNavigator
    • org.quartz.JobDataMap
    • org.quartz.utils.StringKeyDirtyFlagMap
    • double
    • org.quartz.utils.DirtyFlagMap
    • com.sun.proxy.$Proxy356
    • com.rsa.certj.cert.X509CRL
    • com.sun.proxy.$Proxy383
    • org.apache.xml.xml_soap.Map

  4. Save your changes.

  5. Restart your application server.

If these whitelist entries are present in the deserialization firewall configuration, you don’t need to add serialFilter parameters for normal operation on Java 11 or later. If you skip these settings, Quartz job persistence errors or rejected serialization attempts can occur during server startup.

recommendation-more-help
3d58f420-19b5-47a0-a122-5c9dab55ec7f