You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Bruno Baptista (JIRA)" <ji...@apache.org> on 2019/02/07 12:54:00 UTC
[jira] [Created] (AMQ-7149) activemq-client using HTTP transport
requires Stomp
Bruno Baptista created AMQ-7149:
-----------------------------------
Summary: activemq-client using HTTP transport requires Stomp
Key: AMQ-7149
URL: https://issues.apache.org/jira/browse/AMQ-7149
Project: ActiveMQ
Issue Type: Bug
Components: JMS client, stomp, Transport
Affects Versions: 5.15.8, 5.14.6, 5.16.0, 5.15.9
Reporter: Bruno Baptista
Both the Stomp and HTTP connectors use the XStream library for serializing and deserializing objects on the wire (to/from XML). The XStreamSupport class sets up XStream with some configuration on what classes can/can't be deserialized to prevent deserialization vulnerabilities.
In order to avoid duplicating that code, it was placed in the stomp module, and then referenced in the http module. This was introduced around 5.13. This can cause a client side class not found exception when using simple http communication:
{code:java}
"Exception in thread "ActiveMQ Transport: HTTP Reader http://localhost:9090/" java.lang.NoClassDefFoundError: org/apache/activemq/transport/stomp/XStreamSupport
at org.apache.activemq.transport.xstream.XStreamWireFormat.createXStream(XStreamWireFormat.java:127)
at org.apache.activemq.transport.xstream.XStreamWireFormat.getXStream(XStreamWireFormat.java:113)
at org.apache.activemq.transport.xstream.XStreamWireFormat.unmarshalText(XStreamWireFormat.java:66)
at org.apache.activemq.transport.util.TextWireFormat.unmarshal(TextWireFormat.java:56)
at org.apache.activemq.transport.http.HttpClientTransport.run(HttpClientTransport.java:199)
..."
{code}
The proposed patch places the XStreamSupport class in activemq-client, thus correcting this issue without requiring the inclusion of the optional activemq-stomp library in the client.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)