Spring Boot/Kafka Json反序列化-受信任的软件包 [英] Spring Boot / Kafka Json Deserialization - Trusted Packages

问题描述

我刚刚开始在Spring Boot& amp;中使用Kafka.想要发送&使用JSON对象.

I am just starting to use Kafka with Spring Boot & want to send & consume JSON objects.

当我尝试使用来自Kafka主题的消息时，出现以下错误:

I am getting the following error when I attempt to consume an message from the Kafka topic:

org.apache.kafka.common.errors.SerializationException: Error deserializing key/value for partition dev.orders-0 at offset 9903. If needed, please seek past the record to continue consumption.
Caused by: java.lang.IllegalArgumentException: The class 'co.orders.feedme.feed.domain.OrderItem' is not in the trusted packages: [java.util, java.lang]. If you believe this class is safe to deserialize, please provide its name. If the serialization is only done by a trusted source, you can also enable trust all (*).
at org.springframework.kafka.support.converter.DefaultJackson2JavaTypeMapper.getClassIdType(DefaultJackson2JavaTypeMapper.java:139) ~[spring-kafka-2.1.5.RELEASE.jar:2.1.5.RELEASE]
at org.springframework.kafka.support.converter.DefaultJackson2JavaTypeMapper.toJavaType(DefaultJackson2JavaTypeMapper.java:113) ~[spring-kafka-2.1.5.RELEASE.jar:2.1.5.RELEASE]
at org.springframework.kafka.support.serializer.JsonDeserializer.deserialize(JsonDeserializer.java:218) ~[spring-kafka-2.1.5.RELEASE.jar:2.1.5.RELEASE]
at org.apache.kafka.clients.consumer.internals.Fetcher.parseRecord(Fetcher.java:923) ~[kafka-clients-1.0.1.jar:na]
at org.apache.kafka.clients.consumer.internals.Fetcher.access$2600(Fetcher.java:93) ~[kafka-clients-1.0.1.jar:na]

我试图通过在application.properties中定义以下属性将软件包添加到受信任软件包列表中:

I have attempted to add my package to the list of trusted packages by defining the following property in application.properties:

spring.kafka.consumer.properties.spring.json.trusted.packages = co.orders.feedme.feed.domain

这似乎没有任何区别.将我的软件包添加到Spring的Kafka JsonDeserializer的受信任软件包列表中的正确方法是什么?

This doesn't appear to make any differences. What is the correct way to add my package to the list of trusted packages for Spring's Kafka JsonDeserializer?

推荐答案

既然您已经解决了受信任的软件包问题，那么对于下一个问题，您可以利用超载的

Since you have the trusted package issue solved, for your next problem you could take advantage of the overloaded

DefaultKafkaConsumerFactory(Map<String, Object> configs,
            Deserializer<K> keyDeserializer,
            Deserializer<V> valueDeserializer)

和Spring kafka的JsonDeserializer包装器"

 and the JsonDeserializer "wrapper" of spring kafka

JsonDeserializer(Class<T> targetType, ObjectMapper objectMapper)

结合以上内容，对于Java我有:

Combining the above, for Java I have:

new DefaultKafkaConsumerFactory<>(properties,
                new IntegerDeserializer(),
                new JsonDeserializer<>(Foo.class,
                        new ObjectMapper()
                .registerModules(new KotlinModule(), new JavaTimeModule()).setSerializationInclusion(JsonInclude.Include.NON_NULL)
                .setDateFormat(new ISO8601DateFormat()).configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false))));

从本质上讲，您可以告诉工厂使用自己的反序列化器，而对于Json，则提供自己的ObjectMapper.您可以在那里注册Kotlin模块以及自定义日期格式和其他内容.

Essentially, you can tell the factory to use your own Deserializers and for the Json one, provide your own ObjectMapper. There you can register the Kotlin Module as well as customize date formats and other stuff.

这篇关于Spring Boot/Kafka Json反序列化-受信任的软件包的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！