Commit 6cb29c0
authored
CAMEL-23373: camel-jms - Disable ObjectMessage by default (#22866)
* CAMEL-23373: camel-jms - Disable ObjectMessage by default
Java object serialization over JMS is rarely used in practice and is a
recurring source of security advisories. Disable creation and reading
of jakarta.jms.ObjectMessage by default and add a new objectMessageEnabled
option (default false) on JmsConfiguration / JmsComponent / JmsEndpoint
to opt back in.
When disabled, JmsBinding now refuses to:
- create an ObjectMessage from a Serializable body (auto-detected
jmsMessageType=Object or explicitly set)
- create an ObjectMessage for transferExchange or transferException
- extract the body of a received ObjectMessage
Existing tests that rely on ObjectMessage have been updated to opt in.
A new JmsObjectMessageEnabledTest validates the default disabled
behavior on producer and consumer side, and JmsBindingTest covers the
unit-level checks. Documentation updated in the 4.21 upgrade guide.
Signed-off-by: Andrea Cosentino <ancosen@gmail.com>
* CAMEL-23373: Regenerate camel-jms / camel-activemq* / camel-amqp DSL builders
The componentdsl and endpointdsl builder factories for camel-jms and the
JMS-derived components (camel-activemq, camel-activemq6, camel-amqp) needed
to be regenerated to expose the new objectMessageEnabled option in the
fluent DSL. These are generated files only; no hand-written code changed.
Signed-off-by: Andrea Cosentino <ancosen@gmail.com>
---------
Signed-off-by: Andrea Cosentino <ancosen@gmail.com>1 parent ed8ec89 commit 6cb29c0
45 files changed
Lines changed: 1467 additions & 422 deletions
File tree
- catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components
- components
- camel-activemq6/src/generated
- java/org/apache/camel/component/activemq6
- resources/META-INF/org/apache/camel/component/activemq6
- camel-activemq/src/generated
- java/org/apache/camel/component/activemq
- resources/META-INF/org/apache/camel/component/activemq
- camel-amqp/src/generated
- java/org/apache/camel/component/amqp
- resources/META-INF/org/apache/camel/component/amqp
- camel-jms/src
- generated
- java/org/apache/camel/component/jms
- resources/META-INF/org/apache/camel/component/jms
- main/java/org/apache/camel/component/jms
- test/java/org/apache/camel/component/jms
- integration
- activemq
- issues
- issues
- error/ncd
- core/camel-util/src/main/java/org/apache/camel/util
- docs/user-manual/modules/ROOT/pages
- dsl
- camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl
- camel-endpointdsl/src/generated/java/org/apache/camel/builder/endpoint/dsl
Some content is hidden
Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.
Lines changed: 54 additions & 52 deletions
Large diffs are not rendered by default.
Lines changed: 54 additions & 52 deletions
Large diffs are not rendered by default.
Lines changed: 55 additions & 53 deletions
Large diffs are not rendered by default.
Lines changed: 53 additions & 51 deletions
Large diffs are not rendered by default.
Lines changed: 2 additions & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
23 | 23 | | |
24 | 24 | | |
25 | 25 | | |
26 | | - | |
| 26 | + | |
27 | 27 | | |
28 | 28 | | |
29 | 29 | | |
| |||
87 | 87 | | |
88 | 88 | | |
89 | 89 | | |
| 90 | + | |
90 | 91 | | |
91 | 92 | | |
92 | 93 | | |
| |||
Lines changed: 54 additions & 52 deletions
Large diffs are not rendered by default.
Lines changed: 2 additions & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
23 | 23 | | |
24 | 24 | | |
25 | 25 | | |
26 | | - | |
| 26 | + | |
27 | 27 | | |
28 | 28 | | |
29 | 29 | | |
| |||
87 | 87 | | |
88 | 88 | | |
89 | 89 | | |
| 90 | + | |
90 | 91 | | |
91 | 92 | | |
92 | 93 | | |
| |||
Lines changed: 54 additions & 52 deletions
Large diffs are not rendered by default.
Lines changed: 2 additions & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
23 | 23 | | |
24 | 24 | | |
25 | 25 | | |
26 | | - | |
| 26 | + | |
27 | 27 | | |
28 | 28 | | |
29 | 29 | | |
| |||
86 | 86 | | |
87 | 87 | | |
88 | 88 | | |
| 89 | + | |
89 | 90 | | |
90 | 91 | | |
91 | 92 | | |
| |||
Lines changed: 55 additions & 53 deletions
Large diffs are not rendered by default.
0 commit comments