I have an application that uses logback classic's SocketAppender to send events to a separate logging process.  The separate process is using logback classic's ServerSocketReceiver and then tracks details about the events.  With logback 1.2 it stopped working and the receiving process started outputting: "java.io.InvalidClassException: Unauthorized deserialization attempt; [Ljava.lang.Object;".  Trying to track it down I finally found that it happened when I had two or more Markers on the event.  Specifically with code such as:

Marker marker = MarkerFactory.getDetachedMarker(processName);
marker.add(MarkerFactory.getMarker(priority));

Tracing further, the error message comes from logback core's HardenedObjectInputStream.resolveClass(ObjectStreamClass).  The related class HardenedLoggingEventInputStream has a whitelist of accepted classnames that includes org.slf4j.helpers.BasicMarker but not Object[].  When the sending application code calls BasicMarker.add(Marker), the BasicMarker will create a new internal Vector.  That Vector has the field elementData of type Object[] which gets serialized in the sending process.  Then the receiving process does not accept Object[] during deserialization and produces the error above.

In short, I can't have two slf4j Markers on an event and send it across with serialization with logback classic's SocketAppender and ServerSocketReceiver.