activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject svn commit: r1000678 - in /websites/production/activemq/content: cache/main.pageCache objectmessage.html
Date Mon, 07 Nov 2016 16:22:45 GMT
Author: buildbot
Date: Mon Nov  7 16:22:45 2016
New Revision: 1000678

Production update by buildbot for activemq


Modified: websites/production/activemq/content/cache/main.pageCache
Binary files - no diff available.

Modified: websites/production/activemq/content/objectmessage.html
--- websites/production/activemq/content/objectmessage.html (original)
+++ websites/production/activemq/content/objectmessage.html Mon Nov  7 16:22:45 2016
@@ -82,7 +82,7 @@
         <td valign="top" width="100%">
 <div class="wiki-content maincontent"><p>Although ObjectMessage usage is generally
discouraged, as it introduces coupling of class paths between producers and consumers, ActiveMQ
supports them as part of the JMS specification.</p><h2 id="ObjectMessage-Security">Security</h2><p>ObjectMessage
objects depend on Java serialization of marshal/unmarshal object payload. This process is
generally considered unsafe as malicious payload can exploit the host system. That's why starting
with versions <strong>5.12.2</strong> and&#160;<strong>5.13.0</strong>,
ActiveMQ enforces users to explicitly whitelist packages that can be exchanged using ObjectMessages.</p><p>If
you need to exchange object messages, you need to add packages your applications are using.
You can do that with by using&#160;<code>org.apache.activemq.SERIALIZABLE_PACKAGES</code>&#160;system
property, interpreted by the broker and the activemq client library. You can add this system
property to <code>ACTIVEMQ_OPTS</code> variable 
 in <code>${ACTIVEMQ_HOME}/bin/env</code> script.</p><p>For example:</p><div
class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent
-<pre class="brush: java; gutter: false; theme: Default" style="font-size:12px;">-Dorg.apache.activemq.SERIALIZABLE_PACKAGES=java.lang,java.util,org.apache.activemq,org.fusesource.hawtbuf,com.thoughtworks.xstream.mapper,com.mycompany.myapp</pre>
+<pre class="brush: java; gutter: false; theme: Default" style="font-size:12px;">-Dorg.apache.activemq.SERIALIZABLE_PACKAGES=java.lang,,java.util,org.apache.activemq,org.fusesource.hawtbuf,com.thoughtworks.xstream.mapper,com.mycompany.myapp</pre>
 </div></div><p>will add <code>com.mycompany.myapp</code> package
to the list of trusted packages. Note that other packages listed here are enabled by default
as they are necessary for the regular broker work. In case you want to shortcut this mechanism,
you can allow all packages to be trusted by using <code>*</code> wildcard, like</p><div
class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent
 <pre class="brush: java; gutter: false; theme: Default" style="font-size:12px;">-Dorg.apache.activemq.SERIALIZABLE_PACKAGES=*</pre>
 </div></div><h3 id="ObjectMessage-Clients">Clients</h3><p>On
the client side, you need to have this same mechanism as malicious code can be deserialized
on <code>ObjectMessage.getObject()</code> call, compromising your application's
environment. You can use the same configuration mechanism on the broker and configure trusted
classes using system properties. However, this is usually not convenient in the client applications,
so in <strong>5.12.2</strong> and&#160;<strong>5.13.1</strong>
we introduced additional configuration mechanism using <code>ActiveMQConnectionFactory</code>.
There are two additional methods defined:</p><ul><li>The <code>setTrustedPackages()</code>
method allows you to set the list of trusted packages you want to be to unserialize, like</li></ul><div
class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent

View raw message