This is an automated email from the ASF dual-hosted git repository.
jinwoo pushed a change to branch support/2.0
in repository https://gitbox.apache.org/repos/asf/geode.git
from f97ffdefa5 Add version constraint for jackson-dataformat-yaml
new 7aad894677 Add application-level security using ObjectInputFilter (JEP
290)
new 1605e109aa Add ObjectInputFilter security documentation for HTTP
Session Management
new 716a9804f6 Address PR review feedback: cache filter, add null check,
add logging
The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../internal/filter/GemfireHttpSession.java | 41 +-
.../modules/util/ClassLoaderObjectInputStream.java | 27 +
.../util/ClassLoaderObjectInputStreamTest.java | 140 +++++
.../modules/util/DeserializationSecurityTest.java | 484 ++++++++++++++++
.../modules/util/GadgetChainSecurityTest.java | 621 +++++++++++++++++++++
.../src/main/webapp/WEB-INF/web.xml | 6 +
.../http_session_mgmt/chapter_overview.html.md.erb | 4 +
.../session_security_filter.html.md.erb | 325 +++++++++++
8 files changed, 1647 insertions(+), 1 deletion(-)
create mode 100644
extensions/geode-modules/src/test/java/org/apache/geode/modules/util/DeserializationSecurityTest.java
create mode 100644
extensions/geode-modules/src/test/java/org/apache/geode/modules/util/GadgetChainSecurityTest.java
create mode 100644
geode-docs/tools_modules/http_session_mgmt/session_security_filter.html.md.erb
