JBoss 6.4.20 补丁中允许使用哪些版本的 Jackson? [英] What versions of Jackson are allowed in JBoss 6.4.20 patch?
问题描述
我正在尝试更新我在 6.4.20 JBoss 补丁.我正在使用 org.codehause.jackson
,据我所知,JBoss 6.4.x 没有为较新的 com.fasterxml.jackson
提供隐式依赖项.
I am trying to update my version of Jackson being used after the 6.4.20 JBoss patch. I'm using org.codehause.jackson
, and JBoss 6.4.x does not provide implicit dependencies for the newer com.fasterxml.jackson
as far as I'm aware.
假设 jackson-mapper-asl-1.9.9.redhat-6
是用于 这个补丁?滚动到 6.4.20 公告,我看到提到了 codehaus-jackson-mapper-asl-1.9.9-12.redhat_6
.这是否意味着这是推荐的版本?我可以看到它于 18 年 5 月 14 日发布,并于 18 年 5 月 15 日发布.
Is it appropriate to assume that jackson-mapper-asl-1.9.9.redhat-6
is the valid package to use for this patch? When scrolling to the noarch section of the 6.4.20 announcement, I see codehaus-jackson-mapper-asl-1.9.9-12.redhat_6
mentioned. Does that mean this is the version recommended? I can see that it was released 05/14/18 and the announcement was made 05/15/18.
目前我遇到以下错误,因为 codehause-jackson-mapper-asl
与 fasterxml-jackson-databind
相关联,让我相信我正在使用版本不正确.
Currently I am experiencing the following error as codehause-jackson-mapper-asl
is associated with fasterxml-jackson-databind
, leading me to believe I'm using the incorrect version.
16:01:22,620 错误 [org.jboss.resteasy.resteasy_jaxrs.i18n] (http-127.0.0.1:8080-1) RESTEASY000100: 无法执行 POST/find: org.jboss.resteasy.spi.ReaderException:
16:01:22,620 ERROR [org.jboss.resteasy.resteasy_jaxrs.i18n] (http-127.0.0.1:8080-1) RESTEASY000100: Failed executing POST /find: org.jboss.resteasy.spi.ReaderException:
org.codehaus.jackson.map.JsonMappingException:要反序列化的非法类型 [...]:出于安全原因阻止
org.codehaus.jackson.map.JsonMappingException: Illegal type [...] to deserialize: prevented for security reasons
[...]
引起:org.codehaus.jackson.map.JsonMappingException:反序列化的非法类型[...]:出于安全原因在org.codehaus.jackson.map.deser.BeanDeserializerFactory.checkLegalTypes(BeanDeserializerFactory.java:1521)) [jackson-mapper-asl-1.9.9.redhat-6.jar:1.9.9.redhat-6]`
Caused by: org.codehaus.jackson.map.JsonMappingException: Illegal type [...] to deserialize: prevented for security reasons at org.codehaus.jackson.map.deser.BeanDeserializerFactory.checkLegalTypes(BeanDeserializerFactory.java:1521) [jackson-mapper-asl-1.9.9.redhat-6.jar:1.9.9.redhat-6] `
推荐答案
我最近从 JBoss EAP 6.3.0 升级到 6.4.20 并出现同样的异常.
I recently upgraded from JBoss EAP 6.3.0 to 6.4.20 and had the same exception.
根据异常的堆栈跟踪,我发现有必要使用要反序列化的类的完整类名来设置系统属性 jackson.deserialization.whitelist.packages
.
Following the stackstrace of the exception I discovered that it becomes necessary to set the system property jackson.deserialization.whitelist.packages
with the full class name of the classes you want to deserialize.
如果你愿意,你可以只放包的后缀.对于多个值,用逗号分隔.您可以在第 38 行的 jackson-mapper-asl-1.9.9.redhat-6.jar
类 org.codehaus.jackson.map.deser.BeanDeserializerFactory
中看到这一点到 45.
If you want you can put only the suffix of the package. For multiple values, separate by comma. You can see this in the jackson-mapper-asl-1.9.9.redhat-6.jar
class org.codehaus.jackson.map.deser.BeanDeserializerFactory
of line 38 to 45.
对于 JBoss 环境,您可以在 standalone*.xml
或 domain.xml
中定义系统属性,如下所示:
For JBoss environments you can define the system property in your standalone*.xml
or domain.xml
, as follows:
<system-properties>
<property name="jackson.deserialization.whitelist.packages" value="br.com.myapp" />
</system-properties>
这篇关于JBoss 6.4.20 补丁中允许使用哪些版本的 Jackson?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!