|
13 | 13 | */ |
14 | 14 | package org.openmrs.module.metadatasharing.serializer; |
15 | 15 |
|
| 16 | +import java.lang.reflect.Method; |
| 17 | + |
16 | 18 | import org.apache.commons.logging.Log; |
17 | 19 | import org.apache.commons.logging.LogFactory; |
18 | 20 | import org.openmrs.BaseOpenmrsObject; |
|
39 | 41 | import org.openmrs.module.metadatasharing.subscription.SubscriptionHeader; |
40 | 42 | import org.openmrs.serialization.OpenmrsSerializer; |
41 | 43 | import org.openmrs.serialization.SerializationException; |
| 44 | +import org.openmrs.serialization.SimpleXStreamSerializer; |
42 | 45 | import org.openmrs.util.OpenmrsClassLoader; |
43 | 46 | import org.openmrs.util.OpenmrsConstants; |
44 | 47 | import org.springframework.beans.factory.annotation.Autowired; |
@@ -178,6 +181,19 @@ protected MapperWrapper wrapMapper(MapperWrapper next) { |
178 | 181 | xstream.setMode(XStream.ID_REFERENCES); |
179 | 182 | xstream.processAnnotations(new Class[] { SubscriptionHeader.class, Item.class }); |
180 | 183 |
|
| 184 | + setupXStreamSecurity(xstream); |
181 | 185 | } |
182 | 186 |
|
| 187 | + private void setupXStreamSecurity(XStream xstream) { |
| 188 | + SimpleXStreamSerializer serializer = Context.getRegisteredComponent("simpleXStreamSerializer", SimpleXStreamSerializer.class); |
| 189 | + if (serializer != null) { |
| 190 | + try { |
| 191 | + Method method = serializer.getClass().getMethod("initXStream", XStream.class); |
| 192 | + method.invoke(serializer, xstream); |
| 193 | + } |
| 194 | + catch (Exception ex) { |
| 195 | + log.error("Failed to set up XStream Security", ex); |
| 196 | + } |
| 197 | + } |
| 198 | + } |
183 | 199 | } |
0 commit comments