[
https://issues.apache.org/jira/browse/AMQ-6077?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15056732#comment-15056732
]
Christopher L. Shannon commented on AMQ-6077:
---------------------------------------------
[~dejanb], as a heads up, it looks like this commit broke a bunch STOMP
tests...https://builds.apache.org/view/A-D/view/ActiveMQ/job/ActiveMQ-Java7/896/
Can you take a look when you get a chance?
I went ahead and merged this into 5.12.x and 5.13.x already, so I will wait to
call a vote on 5.12.2 until the test failures are resolved. I figured it would
be nice to have this go out with 5.12.2 (and eventually 5.13.1) because it will
make it easier for people to configure the restricted classes on their clients.
> Better configuration of restricted classes for clients
> ------------------------------------------------------
>
> Key: AMQ-6077
> URL: https://issues.apache.org/jira/browse/AMQ-6077
> Project: ActiveMQ
> Issue Type: Improvement
> Affects Versions: 5.13.0
> Reporter: Dejan Bosanac
> Assignee: Dejan Bosanac
> Fix For: 5.12.2, 5.13.1, 5.14.0
>
>
> [AMQ-6013] introduces the checks on the classes that are allowed to be
> serialized through ObjectMessages. The original implementation was designed
> to protect the broker, so system property configuration was the easiest
> solution.
> This change affect the clients that uses ObjectMessages.getObject() method.
> We need to provide a better way of configuring this for clients. My initial
> idea is that we should provide a configuration on ActiveMQConnectionFactory
> and ActiveMQComponent classes.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
