Deprecate unsecure XMLSerializer
diff --git a/lang/src/main/java/org/apache/shiro/io/XmlSerializer.java b/lang/src/main/java/org/apache/shiro/io/XmlSerializer.java
index 12c2a39..583a8ce 100644
--- a/lang/src/main/java/org/apache/shiro/io/XmlSerializer.java
+++ b/lang/src/main/java/org/apache/shiro/io/XmlSerializer.java
@@ -32,8 +32,9 @@
  * <p/>
  * <b>NOTE:</b> The JavaBeans XMLEncoder/XMLDecoder only successfully encode/decode objects when they are
  * JavaBeans compatible!
- * 
+ *
  * @since 0.9
+ * @deprecated This class should not be used directly because of unsecure XMLEncoder/XMLDecoder usage.
  */
 public class XmlSerializer implements Serializer {
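Review bot: The deprecation is only a Javadoc tag; the class declaration on the last line of the hunk carries no `@Deprecated` annotation, so the compiler and IDEs will not warn existing callers and the tag is easy to miss. Add `@Deprecated` directly above `public class XmlSerializer implements Serializer {` so the tag and the annotation agree, and consider `@Deprecated(since = "<version placeholder>")` if the project already targets a Java level that supports it. The Javadoc text should also name the actual risk and a replacement rather than just "unsecure": `@deprecated This class should not be used because XMLDecoder deserialization of untrusted input can execute arbitrary code; use another {@link Serializer} implementation instead.` (wording: "insecure" rather than "unsecure"). The body of XmlSerializer continues outside the hunk, so the encode/decode methods themselves are not visible here.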