You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomee.apache.org by sgjava <sg...@gmail.com> on 2015/12/14 17:29:24 UTC
This class is not allowed to be serialized. Add package with
'org.apache.activemq.SERIALIZABLE_PACKAGES' system property
Failed to build body from content. Serializable class not available to
broker. Reason: java.lang.ClassNotFoundException: Forbidden class
com.bhn.services.dto.TuneToChannelDto! This class is not allowed to be
serialized. Add package with 'org.apache.activemq.SERIALIZABLE_PACKAGES'
system property.
I added
-Dorg.apache.activemq.SERIALIZABLE_PACKAGES="java.lang,java.util,org.apache.activemq,org.fusesource.hawtbuf,com.thoughtworks.xstream.mapper,com.bhn.services.dto"
to argLine of maven-surefire-plugin, in the test itself, etc. and I still
get the same error.
--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/This-class-is-not-allowed-to-be-serialized-Add-package-with-org-apache-activemq-SERIALIZABLE-PACKAGEy-tp4677229.html
Sent from the TomEE Users mailing list archive at Nabble.com.
Re: This class is not allowed to be serialized. Add package with
'org.apache.activemq.SERIALIZABLE_PACKAGES' system property
Posted by Steve Goldsmith <sg...@gmail.com>.
See http://activemq.apache.org/objectmessage.html. For tests using TomEE
embedded I use:
System.setProperty("org.apache.activemq.SERIALIZABLE_PACKAGES",
"java.lang,java.util,org.apache.activemq,org.fusesource.hawtbuf,com.thoughtworks.xstream.mapper,com.mycompany.myapp");
The same as the documentation and it works fine. I agree with Romain that *
is a security risk (even if that did work). As for lack of documentation
the link I provided above was enough for me. What else are you looking for?
On Sat, Jan 9, 2016 at 6:06 PM, Romain Manni-Bucau <rm...@gmail.com>
wrote:
> Setting it as system props on both sides work. It is impacting but for
> security.
> Le 9 janv. 2016 23:50, "Scott Lovenberg" <sc...@gmail.com> a
> écrit :
>
> > sgjava <sgjava <at> gmail.com> writes:
> >
> > >
> > > Answering my own question, this property must be set on client and
> > server.
> > >
> >
> > Hi!
> >
> > Any chance you remember where/how you set this? My client and server are
> > on the same box/same JVM, but setting this as a karaf environment
> variable
> > gives me nothing, setting it via properties apparently won't be a thing
> > until 5.13.1 (not yet released as of 2016.01.09) and putting
> > "System.setProperty("org.apache.activemq.SERIALIZABLE_PACKAGES","*");" in
> > both the client and the server's constructors has yielded no change in
> > behavior.
> >
> > As an aside; frankly, IMHO, this is breaking behavior for a point release
> > due to the lack of documentation and the fact that it's enabled by
> > default, in a core component, on a service that I already have to
> > authenticate with to connect to even within the same JVM.
> >
> >
>
--
Steven P. Goldsmith
Re: This class is not allowed to be serialized. Add package with
'org.apache.activemq.SERIALIZABLE_PACKAGES' system property
Posted by Romain Manni-Bucau <rm...@gmail.com>.
Setting it as system props on both sides work. It is impacting but for
security.
Le 9 janv. 2016 23:50, "Scott Lovenberg" <sc...@gmail.com> a
écrit :
> sgjava <sgjava <at> gmail.com> writes:
>
> >
> > Answering my own question, this property must be set on client and
> server.
> >
>
> Hi!
>
> Any chance you remember where/how you set this? My client and server are
> on the same box/same JVM, but setting this as a karaf environment variable
> gives me nothing, setting it via properties apparently won't be a thing
> until 5.13.1 (not yet released as of 2016.01.09) and putting
> "System.setProperty("org.apache.activemq.SERIALIZABLE_PACKAGES","*");" in
> both the client and the server's constructors has yielded no change in
> behavior.
>
> As an aside; frankly, IMHO, this is breaking behavior for a point release
> due to the lack of documentation and the fact that it's enabled by
> default, in a core component, on a service that I already have to
> authenticate with to connect to even within the same JVM.
>
>
Re: This class is not allowed to be serialized. Add package with 'org.apache.activemq.SERIALIZABLE_PACKAGES' system property
Posted by Scott Lovenberg <sc...@gmail.com>.
sgjava <sgjava <at> gmail.com> writes:
>
> Answering my own question, this property must be set on client and
server.
>
Hi!
Any chance you remember where/how you set this? My client and server are
on the same box/same JVM, but setting this as a karaf environment variable
gives me nothing, setting it via properties apparently won't be a thing
until 5.13.1 (not yet released as of 2016.01.09) and putting
"System.setProperty("org.apache.activemq.SERIALIZABLE_PACKAGES","*");" in
both the client and the server's constructors has yielded no change in
behavior.
As an aside; frankly, IMHO, this is breaking behavior for a point release
due to the lack of documentation and the fact that it's enabled by
default, in a core component, on a service that I already have to
authenticate with to connect to even within the same JVM.
Re: This class is not allowed to be serialized. Add package with
'org.apache.activemq.SERIALIZABLE_PACKAGES' system property
Posted by sgjava <sg...@gmail.com>.
Answering my own question, this property must be set on client and server.
--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/This-class-is-not-allowed-to-be-serialized-Add-package-with-org-apache-activemq-SERIALIZABLE-PACKAGEy-tp4677229p4677230.html
Sent from the TomEE Users mailing list archive at Nabble.com.