[
https://issues.apache.org/jira/browse/AMQ-6077?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15060067#comment-15060067
]
ASF subversion and git services commented on AMQ-6077:
------------------------------------------------------
Commit 2ae189e7003927287ae2f55bd7bce101eebdbf70 in activemq's branch
refs/heads/activemq-5.12.x from [~cshannon]
[ https://git-wip-us.apache.org/repos/asf?p=activemq.git;h=2ae189e ]
https://issues.apache.org/jira/browse/AMQ-6077
Making new values in ActiveMQObjectMessage transient which fixes HTTP
serialization
(cherry picked from commit b9dcb010f74675f6369f7e74b931b670e0ecab51)
> Better configuration of restricted classes for clients
> ------------------------------------------------------
>
> Key: AMQ-6077
> URL: https://issues.apache.org/jira/browse/AMQ-6077
> Project: ActiveMQ
> Issue Type: Improvement
> Affects Versions: 5.13.0
> Reporter: Dejan Bosanac
> Assignee: Dejan Bosanac
> Fix For: 5.12.2, 5.13.1, 5.14.0
>
>
> [AMQ-6013] introduces the checks on the classes that are allowed to be
> serialized through ObjectMessages. The original implementation was designed
> to protect the broker, so system property configuration was the easiest
> solution.
> This change affect the clients that uses ObjectMessages.getObject() method.
> We need to provide a better way of configuring this for clients. My initial
> idea is that we should provide a configuration on ActiveMQConnectionFactory
> and ActiveMQComponent classes.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
