How to configure a deserializer securizer with graniteds?

Question

In the latest version of granite ds, the deserializer securizer has been introduced.

If I understand well, this is basically to prevent the deserializer to invoke classes that were not meant to be transported.

Unfortunately I cannot find how to configure it in the granite-config.xml. And this part is not very well documented nor in the documentation nor in the Javadoc of the RegexAMF3DeserializerSecurizer.

Does anyone have the xml snippet to add?

Thanks in advance M.

Answer 1

I spot the answer.

<amf3-deserializer-securizer param="org\.granite\..* | flex\.messaging\..* | my\.packages\.bo\..*"/>

This will configure the default securizer and allows it to construct classes from the specified packages.

M.