JBoss 6.4.20补丁中允许使用什么版本的Jackson? [英] What versions of Jackson are allowed in JBoss 6.4.20 patch?
问题描述
我正在尝试在 6.4.20 JBoss补丁.我使用的是org.codehause.jackson
,据我所知,JBoss 6.4.x并未为较新的com.fasterxml.jackson
提供隐式依赖关系.
I am trying to update my version of Jackson being used after the 6.4.20 JBoss patch. I'm using org.codehause.jackson
, and JBoss 6.4.x does not provide implicit dependencies for the newer com.fasterxml.jackson
as far as I'm aware.
假设jackson-mapper-asl-1.9.9.redhat-6
是用于 6.4.20公告,我看到提到了codehaus-jackson-mapper-asl-1.9.9-12.redhat_6
.这是否意味着这是推荐的版本?我可以看到它已于05/14/18发布,而公告已于05/15/18发布.
Is it appropriate to assume that jackson-mapper-asl-1.9.9.redhat-6
is the valid package to use for this patch? When scrolling to the noarch section of the 6.4.20 announcement, I see codehaus-jackson-mapper-asl-1.9.9-12.redhat_6
mentioned. Does that mean this is the version recommended? I can see that it was released 05/14/18 and the announcement was made 05/15/18.
由于codehause-jackson-mapper-asl
与fasterxml-jackson-databind
相关联,因此我目前遇到以下错误,使我相信自己使用的版本不正确.
Currently I am experiencing the following error as codehause-jackson-mapper-asl
is associated with fasterxml-jackson-databind
, leading me to believe I'm using the incorrect version.
16:01:22,620错误[org.jboss.resteasy.resteasy_jaxrs.i18n](http-127.0.0.1:8080-1)RESTEASY000100:执行POST失败/查找:org.jboss.resteasy.spi.ReaderException:
16:01:22,620 ERROR [org.jboss.resteasy.resteasy_jaxrs.i18n] (http-127.0.0.1:8080-1) RESTEASY000100: Failed executing POST /find: org.jboss.resteasy.spi.ReaderException:
org.codehaus.jackson.map.JsonMappingException:要反序列化的非法类型[...]:出于安全原因而被阻止
org.codehaus.jackson.map.JsonMappingException: Illegal type [...] to deserialize: prevented for security reasons
[...]
原因:org.codehaus.jackson.map.JsonMappingException:要反序列化的非法类型:出于安全原因,在org.codehaus.jackson.map.deser.BeanDeserializerFactory.checkLegalTypes(BeanDeserializerFactory.java:1521 )[jackson-mapper-asl-1.9.9.redhat-6.jar:1.9.9.redhat-6] `
Caused by: org.codehaus.jackson.map.JsonMappingException: Illegal type [...] to deserialize: prevented for security reasons at org.codehaus.jackson.map.deser.BeanDeserializerFactory.checkLegalTypes(BeanDeserializerFactory.java:1521) [jackson-mapper-asl-1.9.9.redhat-6.jar:1.9.9.redhat-6] `
推荐答案
我最近从JBoss EAP 6.3.0升级到6.4.20,但有相同的例外.
I recently upgraded from JBoss EAP 6.3.0 to 6.4.20 and had the same exception.
在出现异常的堆栈跟踪之后,我发现有必要使用要反序列化的类的完整类名来设置系统属性jackson.deserialization.whitelist.packages
.
Following the stackstrace of the exception I discovered that it becomes necessary to set the system property jackson.deserialization.whitelist.packages
with the full class name of the classes you want to deserialize.
如果需要,可以仅放置包装的后缀.对于多个值,请用逗号分隔.您可以在第38至45行的jackson-mapper-asl-1.9.9.redhat-6.jar
类org.codehaus.jackson.map.deser.BeanDeserializerFactory
中看到这一点.
If you want you can put only the suffix of the package. For multiple values, separate by comma. You can see this in the jackson-mapper-asl-1.9.9.redhat-6.jar
class org.codehaus.jackson.map.deser.BeanDeserializerFactory
of line 38 to 45.
对于JBoss环境,您可以在standalone*.xml
或domain.xml
中定义系统属性,如下所示:
For JBoss environments you can define the system property in your standalone*.xml
or domain.xml
, as follows:
<system-properties>
<property name="jackson.deserialization.whitelist.packages" value="br.com.myapp" />
</system-properties>
这篇关于JBoss 6.4.20补丁中允许使用什么版本的Jackson?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!