[
https://issues.apache.org/jira/browse/AMQ-6077?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15056496#comment-15056496
]
ASF subversion and git services commented on AMQ-6077:
------------------------------------------------------
Commit 5e02e305ea39314589329643c164be62d5b35592 in activemq's branch
refs/heads/activemq-5.13.x from [~dejanb]
[ https://git-wip-us.apache.org/repos/asf?p=activemq.git;h=5e02e30 ]
https://issues.apache.org/jira/browse/AMQ-6077 - define object message trusted
packages on connection factory
(cherry picked from commit 94446e53dc348b9109dff46e92484ed9e6cc1d72)
> Better configuration of restricted classes for clients
> ------------------------------------------------------
>
> Key: AMQ-6077
> URL: https://issues.apache.org/jira/browse/AMQ-6077
> Project: ActiveMQ
> Issue Type: Improvement
> Affects Versions: 5.13.0
> Reporter: Dejan Bosanac
> Assignee: Dejan Bosanac
> Fix For: 5.13.1
>
>
> [AMQ-6013] introduces the checks on the classes that are allowed to be
> serialized through ObjectMessages. The original implementation was designed
> to protect the broker, so system property configuration was the easiest
> solution.
> This change affect the clients that uses ObjectMessages.getObject() method.
> We need to provide a better way of configuring this for clients. My initial
> idea is that we should provide a configuration on ActiveMQConnectionFactory
> and ActiveMQComponent classes.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
