AllowList Recording Does Not Record java*.* , weblogic., oracle. in jep290-recorded.serial.properties
(Doc ID 2942847.1)
Last updated on APRIL 21, 2023
Applies to:Oracle WebLogic Server - Version 126.96.36.199.0 and later
Information in this document applies to any platform.
As per Oracle Docs :
"Allowlists are configuration files that define a list of the WebLogic Server and customer application classes and packages that you wish to allow to be deserialized. Allowlists can be created and configured to control which packages and classes are deserialized (or blocked) in running systems.
When allowlist recording is enabled, all classes are allowed during deserialization except for the classes specified in the blockist.
Run a full set of tests to ensure that the recorded allowlist configuration file provides appropriate coverage of all packages and classes that must be allowed in order for your application to run successfully. When deserialization occurs, each class is recorded in the following configuration file:
It was noticed that jep290 recording is not recording java.net.URL in jep290-recorded.serial.properties
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document