From 40ecf22f0fdff6d3e5404a4a8724af25d0724d09 Mon Sep 17 00:00:00 2001 From: Claus Ibsen Date: Thu, 11 Feb 2016 12:04:24 +0100 Subject: [PATCH] AMQ-6166: Add option to configure trustAllPackages on Camel ActiveMQ component --- .../camel/component/ActiveMQComponent.java | 6 ++++++ .../component/ActiveMQConfiguration.java | 20 +++++++++++++++++++ 2 files changed, 26 insertions(+) diff --git a/activemq-camel/src/main/java/org/apache/activemq/camel/component/ActiveMQComponent.java b/activemq-camel/src/main/java/org/apache/activemq/camel/component/ActiveMQComponent.java index df38a00168..39d442050b 100644 --- a/activemq-camel/src/main/java/org/apache/activemq/camel/component/ActiveMQComponent.java +++ b/activemq-camel/src/main/java/org/apache/activemq/camel/component/ActiveMQComponent.java @@ -121,6 +121,12 @@ public class ActiveMQComponent extends JmsComponent implements EndpointCompleter } } + public void setTrustAllPackages(boolean trustAllPackages) { + if (getConfiguration() instanceof ActiveMQConfiguration) { + ((ActiveMQConfiguration)getConfiguration()).setTrustAllPackages(trustAllPackages); + } + } + public boolean isExposeAllQueues() { return exposeAllQueues; } diff --git a/activemq-camel/src/main/java/org/apache/activemq/camel/component/ActiveMQConfiguration.java b/activemq-camel/src/main/java/org/apache/activemq/camel/component/ActiveMQConfiguration.java index 7eecac21dd..26d31a6e16 100644 --- a/activemq-camel/src/main/java/org/apache/activemq/camel/component/ActiveMQConfiguration.java +++ b/activemq-camel/src/main/java/org/apache/activemq/camel/component/ActiveMQConfiguration.java @@ -37,6 +37,7 @@ public class ActiveMQConfiguration extends JmsConfiguration { private boolean usePooledConnection = true; private String userName; private String password; + private boolean trustAllPackages; public ActiveMQConfiguration() { } @@ -109,6 +110,24 @@ public class ActiveMQConfiguration extends JmsConfiguration { this.usePooledConnection = usePooledConnection; } + public boolean isTrustAllPackages() { + return trustAllPackages; + } + + /** + * ObjectMessage objects depend on Java serialization of marshal/unmarshal object payload. + * This process is generally considered unsafe as malicious payload can exploit the host system. + * That's why starting with versions 5.12.2 and 5.13.0, ActiveMQ enforces users to explicitly whitelist packages + * that can be exchanged using ObjectMessages. + *
+ * This option can be set to true to trust all packages (eg whitelist is *). + *

+ * See more details at: http://activemq.apache.org/objectmessage.html + */ + public void setTrustAllPackages(boolean trustAllPackages) { + this.trustAllPackages = trustAllPackages; + } + /** * Factory method to create a default transaction manager if one is not specified */ @@ -126,6 +145,7 @@ public class ActiveMQConfiguration extends JmsConfiguration { @Override protected ConnectionFactory createConnectionFactory() { ActiveMQConnectionFactory answer = new ActiveMQConnectionFactory(); + answer.setTrustAllPackages(trustAllPackages); if (userName != null) { answer.setUserName(userName); }