gemmellr commented on code in PR #5307: URL: https://github.com/apache/activemq-artemis/pull/5307#discussion_r1812253036
########## docs/user-manual/security.adoc: ########## @@ -1431,6 +1431,16 @@ comma separated values for allow list These properties, once specified, are eventually set on the corresponding internal factories. +=== Filtering using built-in JVM support + +Now that Apache ActiveMQ Artemis requires a minimum JVM version of 11, built-in Java serialization filtering mechanisms can be utilized. +Instead of providing an `allow list` or `deny list`, you can specify either a `serialFilter` or `serialFilterClassName`. + +* `serialFilter` - A pattern based filter that allows you to define allow/deny lists and constraints limiting graph complexity and size. https://docs.oracle.com/en/java/javase/17/core/serialization-filtering1.html#JSCOR-GUID-8296D8E8-2B93-4B9A-856E-0A65AF9B8C66[Filter Syntax] Review Comment: First time that has been mentioned in >18 months, even when you agreed with Justin and said you were renaming it hehe. I'm not sure that should be a goal personally. Switching to deserializationFilter from deserializationAllowList and deserializationDenyList seems more obvious, and would be more consistent between themselves whilst both are around. Thoughts @jbertram ? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: gitbox-unsubscr...@activemq.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: gitbox-unsubscr...@activemq.apache.org For additional commands, e-mail: gitbox-h...@activemq.apache.org For further information, visit: https://activemq.apache.org/contact
