<div class="wiki-content maincontent"><p>Although ObjectMessage usage is generally discouraged, as it introduces coupling of class paths between producers and consumers, ActiveMQ supports them as part of the JMS specification.</p><h2>Security</h2><p>ObjectMessage objects depend on Java serialization to marshal/unmarshal the object payload. This process is generally considered unsafe, as a malicious payload can exploit the host system. That's why, starting with versions <strong>5.12.2</strong> and&#160;<strong>5.13.0</strong>, ActiveMQ requires users to explicitly whitelist the packages that can be exchanged using ObjectMessages.</p><p>If you need to exchange object messages, you need to add the packages your applications are using. You can do that by using the&#160;<code>org.apache.activemq.SERIALIZABLE_PACKAGES</code>&#160;system property, which is interpreted by the broker and the ActiveMQ client library. You can add this system property to the <code>ACTIVEMQ_OPTS</code> variable in the <code>${ACTIVEMQ_HOME}/bin/env</code> script.</p><p>For example:</p><structured-macro ac:macro-id="346591dd-1fb9-44e7-826f-7c8f0bae6ead" ac:name="code" ac:schema-version="1"><plain-text-body>-Dorg.apache.activemq.SERIALIZABLE_PACKAGES=java.lang,javax.security,java.util,org.apache.activemq,org.fusesource.hawtbuf,com.thoughtworks.xstream.mapper,com.mycompany.myapp</plain-text-body></structured-macro><p>will add the <code>com.mycompany.myapp</code> package to the list of trusted packages. Note that the other packages listed here are enabled by default, as they are necessary for regular broker operation. 
In case you want to shortcut this mechanism, you can allow all packages to be trusted by using the <code>*</code> wildcard, like</p><structured-macro ac:macro-id="5d6cbfbc-f74d-407f-979a-f5a282b354f9" ac:name="code" ac:schema-version="1"><plain-text-body>-Dorg.apache.activemq.SERIALIZABLE_PACKAGES=*</plain-text-body></structured-macro><h3>Clients</h3><p>On the client side, you need the same mechanism, as malicious code can be deserialized on the <code>ObjectMessage.getObject()</code> call, compromising your application's environment. You can use the same configuration mechanism as on the broker and configure trusted classes using system properties. However, this is usually not convenient in client applications, so in <strong>5.12.2</strong> and&#160;<strong>5.13.1</strong> we introduced an additional configuration mechanism using <code>ActiveMQConnectionFactory</code>. There are two additional methods defined:</p><ul><li>The <code>setTrustedPackages()</code> method allows you to set the list of trusted packages you want to be able to deserialize, like</li></ul><structured-macro ac:macro-id="6e2981f2-6a14-4f9c-9534-5cbb8a87cc90" ac:name="code" ac:schema-version="1"><plain-text-body>ActiveMQConnectionFactory factory = new ActiveMQConnectionFactory("tcp://localhost:61616");
factory.setTrustedPackages(new ArrayList(Arrays.asList("org.apache.activemq.test,org.apache.camel.test".split(","))));</plain-text-body></structured-macro><ul><li>The&#160;<code>setTrustAllPackages()</code> method allows you to turn off the security check and trust all classes. It's useful for testing purposes.</li></ul><structured-macro ac:macro-id="2890197f-3f12-4c14-8f97-1e13701ba67c" ac:name="code" ac:schema-version="1"><plain-text-body>ActiveMQConnectionFactory factory = new ActiveMQConnectionFactory("tcp://localhost:61616");
factory.setTrustAllPackages(true);</plain-text-body></structured-macro><p>You can set the same properties in a Camel context like:</p><structured-macro ac:macro-id="106dc47e-d931-463a-a596-d077ad26676f" ac:name="code" ac:schema-version="1"><plain-text-body>&lt;bean id="connectionFactory" class="org.apache.activemq.spring.ActiveMQConnectionFactory"&gt;
    &lt;property name="brokerURL" value="tcp://localhost:61616"/&gt;
    &lt;property name="trustedPackages"&gt;
        &lt;list&gt;
            &lt;value&gt;org.apache.activemq.test&lt;/value&gt;
            &lt;value&gt;org.apache.camel.test&lt;/value&gt;
        &lt;/list&gt;
    &lt;/property&gt;
&lt;/bean&gt;
&lt;bean id="jmsConfig" class="org.apache.camel.component.jms.JmsConfiguration"&gt;
    &lt;property name="connectionFactory" ref="connectionFactory"/&gt;
&lt;/bean&gt;
&lt;bean id="activemq" class="org.apache.activemq.camel.component.ActiveMQComponent"&gt;
    &lt;property name="configuration" ref="jmsConfig"/&gt;
&lt;/bean&gt;</plain-text-body></structured-macro><p>or</p><structured-macro ac:macro-id="52c5267d-774d-417f-bf32-c66a3d1b7a6e" ac:name="code" ac:schema-version="1"><plain-text-body>&lt;bean id="connectionFactory" class="org.apache.activemq.spring.ActiveMQConnectionFactory"&gt;
    &lt;property name="brokerURL" value="tcp://localhost:61616"/&gt;
    &lt;property name="trustAllPackages" value="true"/&gt;
&lt;/bean&gt;
&lt;bean id="jmsConfig" class="org.apache.camel.component.jms.JmsConfiguration"&gt;
    &lt;property name="connectionFactory" ref="connectionFactory"/&gt;
&lt;/bean&gt;
&lt;bean id="activemq" class="org.apache.activemq.camel.component.ActiveMQComponent"&gt;
    &lt;property name="configuration" ref="jmsConfig"/&gt;
&lt;/bean&gt;</plain-text-body></structured-macro><p>This configuration will override system properties if they are set.</p></div>
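<p>The following added example is not ActiveMQ's own code: it shows a package allowlist enforced in <code>ObjectInputStream.resolveClass()</code>, so a class outside the trusted list is rejected before any instance of it is created. The class names <code>TrustedPackagesDemo</code> and <code>AllowlistObjectInputStream</code>, the prefix-matching rule and the sample allowlist are assumptions made for the illustration.</p>

```java
import java.io.*;
import java.math.BigInteger;
import java.util.*;

public class TrustedPackagesDemo {

    // Hypothetical stream class: refuses classes whose package is not on the allowlist.
    static class AllowlistObjectInputStream extends ObjectInputStream {
        private final List<String> trusted;

        AllowlistObjectInputStream(InputStream in, List<String> trusted) throws IOException {
            super(in);
            this.trusted = trusted;
        }

        @Override
        protected Class<?> resolveClass(ObjectStreamClass desc)
                throws IOException, ClassNotFoundException {
            String name = desc.getName();
            if (name.startsWith("[")) {                       // array descriptor
                String element = name.replaceFirst("^\\[+", "");
                if (element.length() == 1) return super.resolveClass(desc); // primitive array
                name = element.substring(1, element.length() - 1); // "Lpkg.Type;" -> "pkg.Type"
            }
            int dot = name.lastIndexOf('.');
            String pkg = dot < 0 ? "" : name.substring(0, dot);
            for (String p : trusted) {
                // Assumed rule: "*" trusts everything, otherwise match the package or a sub-package.
                if (p.equals("*") || pkg.equals(p) || pkg.startsWith(p + ".")) {
                    return super.resolveClass(desc);
                }
            }
            throw new InvalidClassException(name, "package not in trusted list");
        }
    }

    // Serializes obj in memory, then reads it back through the allowlist stream.
    static Object roundTrip(Serializable obj, List<String> trusted) throws Exception {
        ByteArrayOutputStream bytes = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bytes)) { out.writeObject(obj); }
        try (ObjectInputStream in = new AllowlistObjectInputStream(
                new ByteArrayInputStream(bytes.toByteArray()), trusted)) {
            return in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        List<String> trusted = Arrays.asList("java.lang", "java.util"); // constructed sample allowlist
        System.out.println("accepted: " + roundTrip(new Date(0), trusted));
        try {
            roundTrip(BigInteger.TEN, trusted);               // java.math is not listed
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```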