Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-8704

Configuration to prevent submission of Java Object values in serialized form

    XMLWordPrintable

Details

    Description

      AT:

      • it exists a configuration option to enable/disable the "Java Serialization Data Format"
      • by default the "Java Serialization Data Format" is disabled
      • the new configuration parameter has affect only in case when vairables are set by their serialized representation
      • the change is described in the upgrade guide [1] and [2]

      Hint:

      • the default serialization data format stays to JAVA - it is used when serializing object variables to store them in the database
      • in case of the patches the "Java Serialization Data Format" should be enabled and the default serialization data format remains as it is

      [1]: https://docs.camunda.org/manual/7.8/update/patch-level/#special-considerations
      [2]: https://docs.camunda.org/manual/7.8/update/minor/

      mgm-controller-panel

        This is the controller panel for Smart Panels app

        Attachments

          Issue Links

            is related to

            Sub-task - The sub-task of the issue CAM-13453 Security implications of javaSerializationFormatEnabled = true are not documented well

            • L3 - Default - Minor issue or issue with existing workaround, feature requests and questions
            • Closed
            mentioned in

            Page Loading...

            Activity

              People

                svetlana.dorokhova Svetlana Dorokhova
                roman.smirnov Roman Smirnov
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  Salesforce