Package org.apache.qpid.jms.policy

Class JmsDefaultDeserializationPolicy

java.lang.Object
org.apache.qpid.jms.policy.JmsDefaultDeserializationPolicy
All Implemented Interfaces:
JmsDeserializationPolicy
public class JmsDefaultDeserializationPolicy extends Object implements JmsDeserializationPolicy
Default implementation of the deserialization policy that can read allow and deny lists of classes/packages from the environment, and be updated by the connection uri options. The policy reads a default deny list string value (comma separated) from the system property "org.apache.qpid.jms.deserialization.deny_list" which defaults to null which indicates an empty deny list. The policy reads a default allow list string value (comma separated) from the system property "org.apache.qpid.jms.deserialization.allow_list" which defaults to a "*" which indicates that all classes are allowed. The deny list overrides the allow list, entries that could match both are counted as denied. If the policy should treat all classes as untrusted the deny list should be set to "*"".

  • Field Details

  • Constructor Details

    • JmsDefaultDeserializationPolicy

      public JmsDefaultDeserializationPolicy()
      Creates an instance of this policy with default configuration.

    • JmsDefaultDeserializationPolicy

      public JmsDefaultDeserializationPolicy(JmsDefaultDeserializationPolicy source)
      Parameters:
      source - The instance whose configuration should be copied from.

  • Method Details

    • copy

      public JmsDeserializationPolicy copy()
      Specified by:
      copy in interface JmsDeserializationPolicy

    • isTrustedType

      public boolean isTrustedType(JmsDestination destination, Class<?> clazz)
      Description copied from interface: JmsDeserializationPolicy
      Returns whether the given class is a trusted type and can be deserialized by the client when calls to ObjectMessage.getObject() are made.
      Specified by:
      isTrustedType in interface JmsDeserializationPolicy
      Parameters:
      destination - the Destination for the message containing the type to be deserialized.
      clazz - the Type of the object that is about to be read.
      Returns:
      true if the type is trusted or false if not.

    • getWhiteList

      @Deprecated public String getWhiteList()
      Deprecated.
      Use the replacement method getAllowList()
      Returns:
      the allow list configured on this policy instance.

    • getAllowList

      public String getAllowList()
      Returns:
      the allow list configured on this policy instance.

    • getBlackList

      @Deprecated public String getBlackList()
      Deprecated.
      Use the replacement method getDenyList()
      Returns:
      the deny list configured on this policy instance.

    • getDenyList

      public String getDenyList()
      Returns:
      the deny list configured on this policy instance.

    • setWhiteList

      @Deprecated public void setWhiteList(String allowList)
      Deprecated.
      Use the replacement method setAllowList(String)
      Parameters:
      allowList - the allow list that this policy is configured to recognize.

    • setAllowList

      public void setAllowList(String allowList)
      Replaces the currently configured allow list with a comma separated string containing the new allow list. Null or empty string denotes no allow list entries, "*" indicates that all classes are allowed.
      Parameters:
      allowList - the allow list that this policy is configured to recognize.

    • setBlackList

      @Deprecated public void setBlackList(String denyList)
      Deprecated.
      Use the replacement method setDenyList(String)
      Parameters:
      denyList - the deny list that this policy is configured to recognize.

    • setDenyList

      public void setDenyList(String denyList)
      Replaces the currently configured deny list with a comma separated string containing the new deny list. Null or empty string denotes no deny list entries, "*" indicates that all classes are denied.
      Parameters:
      denyList - the deny list that this policy is configured to recognize.

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public boolean equals(Object obj)
      Overrides:
      equals in class Object