[
https://issues.apache.org/jira/browse/GEODE-3923?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16292941#comment-16292941
]
ASF subversion and git services commented on GEODE-3923:
--------------------------------------------------------
Commit eff77bb1e2eb8a00a2e998bfcb3a692c949eaa7d in geode's branch
refs/heads/develop from Karen Miller
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=eff77bb ]
GEODE-3923 Document the 2 new properties serializable-object-filter (#1166)
* GEODE-3923 Document the 2 new properties serializable-object-filter
and validate-serializable-objects
* GEODE-3923 Revise validate-serializable-objects property defn
> Provide whitelist/blacklist capability for java serialization
> -------------------------------------------------------------
>
> Key: GEODE-3923
> URL: https://issues.apache.org/jira/browse/GEODE-3923
> Project: Geode
> Issue Type: New Feature
> Components: docs
> Reporter: Bruce Schuchardt
> Assignee: Karen Smoler Miller
> Fix For: 1.4.0
>
>
> I would like to be able to restrict what classes of objects Geode will allow
> to be deserialized via Java's ObjectInputStream in clients and servers.
> Something similar to the mechanism recently added to the JRE
> (http://openjdk.java.net/jeps/290) would be pretty cool. Geode would have to
> whitelist its own stuff, of course, so I don't have to deal with it.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
