How to Filter Incoming Serialization Data in JBoss EAP 8 / 7.4

Solution Verified - Updated -

Issue

  • How to Filter Incoming Serialization Data in JBoss EAP 8.x ?
  • How to Filter Incoming Serialization Data in JBoss EAP 7.4
  • We want to configure Java serialization filtering (https://docs.oracle.com/en/java/javase/11/core/serialization-filtering1.html) for an enterprise application. Clients connect to stateless session beans via the JBoss EJB client API, with the 'remote+http' protocol.
  • Where can we find documentation on JBoss serialization filtering?
  • How can serialization filtering for session beans be configured? I.e. can we allow/deny classes beyond the default configuration?

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content