Uploaded image for project: 'ActiveMQ Classic'
  1. ActiveMQ Classic
  2. AMQ-6077

Better configuration of restricted classes for clients

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 5.13.0
    • 5.12.2, 5.13.1, 5.14.0
    • None
    • None

    Description

      AMQ-6013 introduces the checks on the classes that are allowed to be serialized through ObjectMessages. The original implementation was designed to protect the broker, so system property configuration was the easiest solution.

      This change affect the clients that uses ObjectMessages.getObject() method. We need to provide a better way of configuring this for clients. My initial idea is that we should provide a configuration on ActiveMQConnectionFactory and ActiveMQComponent classes.

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. AMQ-6110 ObjectMessage exception is swallowed

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          is related to

          Bug - A problem which impairs or prevents the functions of the product. AMQ-6114 setTrustAllPackages missing from org.apache.activemq.ActiveMQConnectionFactory

          • Major - Major loss of function.
          • Closed
          mentioned in

          Page Loading...

          Activity

            People

              dejanb Dejan Bosanac
              dejanb Dejan Bosanac
              Votes:
              1 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: