Class DefaultDeserializationTypeValidator

java.lang.Object
org.camunda.bpm.engine.impl.runtime.DefaultDeserializationTypeValidator
All Implemented Interfaces:
DeserializationTypeValidator, WhitelistingDeserializationTypeValidator

public class DefaultDeserializationTypeValidator extends Object implements WhitelistingDeserializationTypeValidator
Validate a type against a list of allowed packages and classes. Allows a basic set of packages and classes without known security issues based on Jackson Databind's SubTypeValidator.