You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@brooklyn.apache.org by "Juan Cabrerizo (JIRA)" <ji...@apache.org> on 2019/02/12 13:46:00 UTC

[jira] [Created] (BROOKLYN-609) Configure security for XStream intances

Juan Cabrerizo created BROOKLYN-609:
---------------------------------------

             Summary: Configure security for XStream intances 
                 Key: BROOKLYN-609
                 URL: https://issues.apache.org/jira/browse/BROOKLYN-609
             Project: Brooklyn
          Issue Type: Bug
            Reporter: Juan Cabrerizo


After upgrading XStream from 1.4.8 to 1.4.11.1, the console throws this message:

`Security framework of XStream not initialized, XStream is probably vulnerable`

To solve that, the XStream  security must be initialized and some set of classes or packages allowed to deserialization must be provided after create new instantiates of XStream 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)