Using JSONFactoryUtil.looseDeserialize method deserilizes to HashMap instead of my class.

Issue

  • We have a WAR portlet that uses JSONFactoryUtil.looseDeserialize method.
  • Also, our class is defined as whitelisted. See following:
json.deserialization.whitelist.class.names=\
com.liferay.portal.kernel.cal.DayAndPosition,\
com.liferay.portal.kernel.cal.Duration,\
com.liferay.portal.kernel.cal.TZSRecurrence,\
com.liferay.portal.kernel.internal.service.permission.ModelPermissionsImpl,\
com.liferay.portal.kernel.messaging.Message,\
com.liferay.portal.kernel.model.PortletPreferencesIds,\
com.liferay.portal.kernel.security.auth.HttpPrincipal,\
com.liferay.portal.kernel.service.ServiceContext,\
com.liferay.portal.kernel.util.HtmlEscapableObject,\
com.liferay.portal.kernel.util.GroupSubscriptionCheckSubscriptionSender,\
com.liferay.portal.kernel.util.LongWrapper,\
com.liferay.portal.kernel.util.SubscriptionSender,\
com.liferay.portal.kernel.util.SubscriptionSender$HTMLAtributeEscapableObject,\
com.liferay.portal.kernel.util.SubscriptionSender$URIEscapableObject,\
com.liferay.portal.kernel.util.Tuple,\
java.util.GregorianCalendar,\
java.util.Locale,\
java.util.TimeZone,\
sun.util.calendar.ZoneInfo,\
com.acme.MyClass
  • But when we use that method we get a HashMap object instead of com.acme.MyClass as expected.

 

Resolution

  • There is another available method to get the expected result:
JSONFactoryUtil.deserialize(String json)
  • This method provides a deserializing procedure that uses the property
json.deserialization.whitelist.class.names
  • Whereas the refered method
JSONFactoryUtil.looseDeserialize(String json)

does not use that property. As result, the deserializing procedure is not completed.

  • Thus, you have to use JSONFactoryUtil.deserialize(String json) method.

 

 

 

这篇文章有帮助吗?
1 人中有 1 人觉得有帮助