JBoss 6.4.20 补丁中允许使用哪些版本的 Jackson? [英] What versions of Jackson are allowed in JBoss 6.4.20 patch?

问题描述

我正在尝试更新我在 6.4.20 JBoss 补丁.我正在使用 org.codehause.jackson，据我所知，JBoss 6.4.x 没有为较新的 com.fasterxml.jackson 提供隐式依赖项.

I am trying to update my version of Jackson being used after the 6.4.20 JBoss patch. I'm using org.codehause.jackson, and JBoss 6.4.x does not provide implicit dependencies for the newer com.fasterxml.jackson as far as I'm aware.

假设 jackson-mapper-asl-1.9.9.redhat-6 是用于 这个补丁?滚动到 6.4.20 公告，我看到提到了 codehaus-jackson-mapper-asl-1.9.9-12.redhat_6.这是否意味着这是推荐的版本?我可以看到它于 18 年 5 月 14 日发布，并于 18 年 5 月 15 日发布.

Is it appropriate to assume that jackson-mapper-asl-1.9.9.redhat-6 is the valid package to use for this patch? When scrolling to the noarch section of the 6.4.20 announcement, I see codehaus-jackson-mapper-asl-1.9.9-12.redhat_6 mentioned. Does that mean this is the version recommended? I can see that it was released 05/14/18 and the announcement was made 05/15/18.

目前我遇到以下错误，因为 codehause-jackson-mapper-asl 与 fasterxml-jackson-databind 相关联，让我相信我正在使用版本不正确.

Currently I am experiencing the following error as codehause-jackson-mapper-asl is associated with fasterxml-jackson-databind, leading me to believe I'm using the incorrect version.

16:01:22,620 错​​误 [org.jboss.resteasy.resteasy_jaxrs.i18n] (http-127.0.0.1:8080-1) RESTEASY000100: 无法执行 POST/find: org.jboss.resteasy.spi.ReaderException:

16:01:22,620 ERROR [org.jboss.resteasy.resteasy_jaxrs.i18n] (http-127.0.0.1:8080-1) RESTEASY000100: Failed executing POST /find: org.jboss.resteasy.spi.ReaderException:

org.codehaus.jackson.map.JsonMappingException:要反序列化的非法类型 [...]:出于安全原因阻止

org.codehaus.jackson.map.JsonMappingException: Illegal type [...] to deserialize: prevented for security reasons

[...]

引起:org.codehaus.jackson.map.JsonMappingException:反序列化的非法类型[...]:出于安全原因在org.codehaus.jackson.map.deser.BeanDeserializerFactory.checkLegalTypes(BeanDeserializerFactory.java:1521)) [jackson-mapper-asl-1.9.9.redhat-6.jar:1.9.9.redhat-6]`

Caused by: org.codehaus.jackson.map.JsonMappingException: Illegal type [...] to deserialize: prevented for security reasons at org.codehaus.jackson.map.deser.BeanDeserializerFactory.checkLegalTypes(BeanDeserializerFactory.java:1521) [jackson-mapper-asl-1.9.9.redhat-6.jar:1.9.9.redhat-6] `

推荐答案

我最近从 JBoss EAP 6.3.0 升级到 6.4.20 并出现同样的异常.

I recently upgraded from JBoss EAP 6.3.0 to 6.4.20 and had the same exception.

根据异常的堆栈跟踪，我发现有必要使用要反序列化的类的完整类名来设置系统属性 jackson.deserialization.whitelist.packages.

Following the stackstrace of the exception I discovered that it becomes necessary to set the system property jackson.deserialization.whitelist.packages with the full class name of the classes you want to deserialize.

如果你愿意，你可以只放包的后缀.对于多个值，用逗号分隔.您可以在第 38 行的 jackson-mapper-asl-1.9.9.redhat-6.jar 类 org.codehaus.jackson.map.deser.BeanDeserializerFactory 中看到这一点到 45.

If you want you can put only the suffix of the package. For multiple values, separate by comma. You can see this in the jackson-mapper-asl-1.9.9.redhat-6.jar class org.codehaus.jackson.map.deser.BeanDeserializerFactory of line 38 to 45.

对于 JBoss 环境，您可以在 standalone*.xml 或 domain.xml 中定义系统属性，如下所示:

For JBoss environments you can define the system property in your standalone*.xml or domain.xml, as follows:

<system-properties>
    <property name="jackson.deserialization.whitelist.packages" value="br.com.myapp" />
</system-properties>

这篇关于JBoss 6.4.20 补丁中允许使用哪些版本的 Jackson?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！