diff --git a/activemq-camel/src/main/java/org/apache/activemq/camel/component/ActiveMQComponent.java b/activemq-camel/src/main/java/org/apache/activemq/camel/component/ActiveMQComponent.java
index df38a00168..39d442050b 100644
--- a/activemq-camel/src/main/java/org/apache/activemq/camel/component/ActiveMQComponent.java
+++ b/activemq-camel/src/main/java/org/apache/activemq/camel/component/ActiveMQComponent.java
@@ -121,6 +121,12 @@ public class ActiveMQComponent extends JmsComponent implements EndpointCompleter
}
}
+ public void setTrustAllPackages(boolean trustAllPackages) {
+ if (getConfiguration() instanceof ActiveMQConfiguration) {
+ ((ActiveMQConfiguration)getConfiguration()).setTrustAllPackages(trustAllPackages);
+ }
+ }
+
public boolean isExposeAllQueues() {
return exposeAllQueues;
}
diff --git a/activemq-camel/src/main/java/org/apache/activemq/camel/component/ActiveMQConfiguration.java b/activemq-camel/src/main/java/org/apache/activemq/camel/component/ActiveMQConfiguration.java
index 7eecac21dd..26d31a6e16 100644
--- a/activemq-camel/src/main/java/org/apache/activemq/camel/component/ActiveMQConfiguration.java
+++ b/activemq-camel/src/main/java/org/apache/activemq/camel/component/ActiveMQConfiguration.java
@@ -37,6 +37,7 @@ public class ActiveMQConfiguration extends JmsConfiguration {
private boolean usePooledConnection = true;
private String userName;
private String password;
+ private boolean trustAllPackages;
public ActiveMQConfiguration() {
}
@@ -109,6 +110,24 @@ public class ActiveMQConfiguration extends JmsConfiguration {
this.usePooledConnection = usePooledConnection;
}
+ public boolean isTrustAllPackages() {
+ return trustAllPackages;
+ }
+
+ /**
+ * ObjectMessage objects depend on Java serialization of marshal/unmarshal object payload.
+ * This process is generally considered unsafe as malicious payload can exploit the host system.
+ * That's why starting with versions 5.12.2 and 5.13.0, ActiveMQ enforces users to explicitly whitelist packages
+ * that can be exchanged using ObjectMessages.
+ *
+ * This option can be set to true to trust all packages (eg whitelist is *).
+ *