001/**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements.  See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License.  You may obtain a copy of the License at
008 *
009 *      http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.apache.activemq.transport.stomp;
018
019import com.thoughtworks.xstream.XStream;
020import com.thoughtworks.xstream.security.AnyTypePermission;
021import com.thoughtworks.xstream.security.NoTypePermission;
022import com.thoughtworks.xstream.security.PrimitiveTypePermission;
023import org.apache.activemq.util.ClassLoadingAwareObjectInputStream;
024
025import java.util.Collection;
026import java.util.Map;
027
028public class XStreamSupport {
029
030    public static XStream createXStream() {
031        XStream stream = new XStream();
032        stream.addPermission(NoTypePermission.NONE);
033        stream.addPermission(PrimitiveTypePermission.PRIMITIVES);
034        stream.allowTypeHierarchy(Collection.class);
035        stream.allowTypeHierarchy(Map.class);
036        stream.allowTypes(new Class[]{String.class});
037        if (ClassLoadingAwareObjectInputStream.isAllAllowed()) {
038            stream.addPermission(AnyTypePermission.ANY);
039        } else {
040            for (String packageName : ClassLoadingAwareObjectInputStream.serializablePackages) {
041                stream.allowTypesByWildcard(new String[]{packageName + ".**"});
042            }
043        }
044        return stream;
045    }
046
047}