[jira] [Updated] (OFBIZ-6942) Comment out RMI related code because of the Java deserialization issue

[Jacques Le Roux (JIRA)]

     [ 
https://issues.apache.org/jira/browse/OFBIZ-6942?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jacques Le Roux updated OFBIZ-6942:
-----------------------------------
    Description: 
Because of the danger of Java deserialization when using RMI, we (PMC) have 
decided to comment out RMI related code. I decided to comment out as less as 
possible because once the RMI loaders, the RMI dispatcher and the related test 
services are off there is no RMI related danger left (test services are not a 
danger but would fail during tests run).  It's then easier for users who need 
RMI in their projects to have only to uncomment those and not digg everywhere. 
Because the naming (JNDI) server relies on the rmi loader it will also be 
commented out.

You can get more information in wiki page linked below in the "Issue Links" 
section.

  was:Because of the danger of Java deserialization when using RMI, we (PMC) 
have decided to comment out RMI related code. I decided to comment out as less 
as possible because once the RMI loaders, the RMI dispatcher and the related 
test services are off there is no RMI related danger left (test services are 
not a danger but would fail during tests run).  It's then easier for users who 
need RMI in their projects to have only to uncomment those and not digg 
everywhere. Because the naming (JNDI) server relies on the rmi loader it will 
also be commented out.


> Comment out RMI related code because of the Java deserialization issue
> ----------------------------------------------------------------------
>
>                 Key: OFBIZ-6942
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-6942
>             Project: OFBiz
>          Issue Type: Sub-task
>          Components: framework
>    Affects Versions: Trunk
>            Reporter: Jacques Le Roux
>            Assignee: Jacques Le Roux
>             Fix For: 14.12.01, 12.04.06, 13.07.03, Upcoming Branch
>
>
> Because of the danger of Java deserialization when using RMI, we (PMC) have 
> decided to comment out RMI related code. I decided to comment out as less as 
> possible because once the RMI loaders, the RMI dispatcher and the related 
> test services are off there is no RMI related danger left (test services are 
> not a danger but would fail during tests run).  It's then easier for users 
> who need RMI in their projects to have only to uncomment those and not digg 
> everywhere. Because the naming (JNDI) server relies on the rmi loader it will 
> also be commented out.
> You can get more information in wiki page linked below in the "Issue Links" 
> section.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)