Due to recent changes on XStream’s end, a lot of the reflection they do to figure out how to deserialize and serialize objects is blocked off.
This problem has resulted in an expanded version update on our end, that sadly enough, forces Axon’s users to define an
XStream instance themselves if they’re not using Spring Boot.
In a Spring Boot application, Axon Framework will search your
ComponentScan (meta-)annotated beans and add the classes to the security context.
FYI, you can find the issue here.
Nonetheless, this doesn’t solve your issue directly.
I believe that Spring Boot 2.5.5 has something to do with JDK 17.
Note that Axon isn’t JDK17 ready yet, partially due to the aforementioned XStream situation.
I’d thus recommend using Spring Boot 2.5.4 for now.
And, stick to JDK 11 for the time being as well.