From 6b46e2b9681c2b7a52ecbd8556e95ab7ef5fc1db Mon Sep 17 00:00:00 2001 From: kaajaln2 Date: Wed, 10 Sep 2025 07:10:54 -0400 Subject: [PATCH 1/3] =?UTF-8?q?Document=20update=20-=20Added=20serializati?= =?UTF-8?q?on=20to=20Security=20section=20=C2=A0=20Added=20serialization?= =?UTF-8?q?=20page=20under=20Security=20section=20=C2=A0=20Added=20link=20?= =?UTF-8?q?to=20serialization=20page=20from=20Security=20model=20page=20?= =?UTF-8?q?=C2=A0=20Added=20a=20bullet=20point=20to=20the=20Security=20Imp?= =?UTF-8?q?lementaton=20Overview=20page?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../source/subnavs/geode-subnav.erb | 3 ++ .../security/chapter_overview.html.md.erb | 4 ++ .../implementing_security.html.md.erb | 2 + .../security/security_model.html.md.erb | 6 ++- geode-docs/security/serialization.html.md.erb | 54 +++++++++++++++++++ 5 files changed, 67 insertions(+), 2 deletions(-) create mode 100644 geode-docs/security/serialization.html.md.erb diff --git a/geode-book/master_middleman/source/subnavs/geode-subnav.erb b/geode-book/master_middleman/source/subnavs/geode-subnav.erb index 49cd752f9757..b4ba7467a4ce 100644 --- a/geode-book/master_middleman/source/subnavs/geode-subnav.erb +++ b/geode-book/master_middleman/source/subnavs/geode-subnav.erb @@ -159,6 +159,9 @@ limitations under the License. +
  • + Serialization +
    • diff --git a/geode-docs/security/chapter_overview.html.md.erb b/geode-docs/security/chapter_overview.html.md.erb index f75376d6f295..3984dd5ae4c8 100644 --- a/geode-docs/security/chapter_overview.html.md.erb +++ b/geode-docs/security/chapter_overview.html.md.erb @@ -48,3 +48,7 @@ The security framework permits authentication of connecting components and autho - **[SSL](../security/ssl_overview.html)** SSL protects your data in transit between applications. + +- **[Serialization](../security/serialization.html)** + + This section describes the serialization mechanisms available in Apache Geode, including global serialization filters and PDX serialization. diff --git a/geode-docs/security/implementing_security.html.md.erb b/geode-docs/security/implementing_security.html.md.erb index fcccda0933f5..d684346dbfc3 100644 --- a/geode-docs/security/implementing_security.html.md.erb +++ b/geode-docs/security/implementing_security.html.md.erb @@ -37,6 +37,8 @@ SSL-based, rather than plain socket connections. You can enable SSL separately for peer-to-peer, client, JMX, gateway senders and receivers, and HTTP connections. - **Post processing of region data**. Return values for operations that return region values may be formatted. +- **Serialization**. Control and filter object serialization, particularly + in the context of security and performance. ## Overview diff --git a/geode-docs/security/security_model.html.md.erb b/geode-docs/security/security_model.html.md.erb index fc9ccafebeae..1a7f3842b3d4 100644 --- a/geode-docs/security/security_model.html.md.erb +++ b/geode-docs/security/security_model.html.md.erb @@ -22,9 +22,10 @@ Every component of Apache Geode is built with security considerations as a top p solutions require user-specific design and implementation. Geode's default configuration combines maximum flexibility and performance without any input needed from the user. Because of this, certain security measures like **[authentication](authentication_overview.html)**, -**[authorization](authorization_overview.html)** and +**[authorization](authorization_overview.html)**, +**[serialization](../security/serialization.html)** and **[over-the-wire encryption](ssl_overview.html)** -are absent from a default Geode installation. +are absent from a default Geode installation. It is highly recommended that users review Geode's security capabilities and implement them as they see fit. See the **[Security Implementation Introduction and Overview](implementing_security.html)** to get started with Apache Geode security. @@ -33,3 +34,4 @@ Additional documentation related to security can be found on Apache Geode Wiki [Geode Security Framework](https://cwiki.apache.org/confluence/display/GEODE/Geode+Security+Framework) and [Geode Integrated Security](https://cwiki.apache.org/confluence/display/GEODE/Geode+Integrated+Security). + diff --git a/geode-docs/security/serialization.html.md.erb b/geode-docs/security/serialization.html.md.erb new file mode 100644 index 000000000000..f8b4a0435eea --- /dev/null +++ b/geode-docs/security/serialization.html.md.erb @@ -0,0 +1,54 @@ +--- +title: Serialization +--- + + + +Apache Geode offers mechanisms to control and filter object serialization, particularly + in the context of security and performance. This is primarily achieved through: + + +## Global Serialization Filter (Java 8) + +For deployments using Java 8, a global serialization filter can be enabled to restrict the types of objects that can be serialized and +deserialized within the Geode process. This helps mitigate risks associated with deserialization of untrusted data, a common vulnerability. + +- To enable this, the Java system property `geode.enableGlobalSerialFilter` is set to true when starting Geode locators and servers. + +- Additionally, the `serializable-object-filter` configuration option, used in conjunction with `validate-serializable-objects,` is used to +specify a whitelist of user-defined classes that are allowed to be serialized/deserialized, in addition to standard JDK and Geode classes. + This allows for fine-grained control over which custom objects are permitted in the system. + +## PDX Serialization + +Apache Geode's Portable Data eXchange (PDX) serialization offers a more robust and flexible approach to data serialization, providing features +like schema evolution and language independence. While not a "filter" in the same sense as the global serialization filter, PDX provides control +over how objects are serialized and deserialized. + +- **PdxSerializer:** You can implement a custom `PdxSerializer` to define how specific domain objects are serialized and deserialized, allowing + for selective handling of fields or transformations during the process. + +- **Reflection-Based Auto-Serialization:** PDX also supports automatic reflection-based serialization, where Geode can serialize objects without + requiring explicit implementation of `PdxSerializable` in your domain classes. This can be configured to include or exclude specific types based + on criteria like package names, providing a form of type filtering. + + + + + In conclusion, Apache Geode provides serialization filtering capabilities through a global filter for security hardening in Java 8 environments and + through the flexible configurations of PDX serialization for fine-grained control over data handling and type inclusion/exclusion. From d450b5423d59c7ed8902b23e88e13c618c49b239 Mon Sep 17 00:00:00 2001 From: kaajaln2 Date: Wed, 10 Sep 2025 07:10:54 -0400 Subject: [PATCH 2/3] =?UTF-8?q?Document=20update=20-=20Added=20serializati?= =?UTF-8?q?on=20to=20Security=20section=20=C2=A0=20Added=20serialization?= =?UTF-8?q?=20page=20under=20Security=20section=20=C2=A0=20Added=20link=20?= =?UTF-8?q?to=20serialization=20page=20from=20Security=20model=20page=20?= =?UTF-8?q?=C2=A0=20Added=20a=20bullet=20point=20to=20the=20Security=20Imp?= =?UTF-8?q?lementaton=20Overview=20page=20=20=20Removed=20Java=20version?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../source/subnavs/geode-subnav.erb | 3 ++ .../security/chapter_overview.html.md.erb | 4 ++ .../implementing_security.html.md.erb | 2 + .../security/security_model.html.md.erb | 6 ++- geode-docs/security/serialization.html.md.erb | 54 +++++++++++++++++++ 5 files changed, 67 insertions(+), 2 deletions(-) create mode 100644 geode-docs/security/serialization.html.md.erb diff --git a/geode-book/master_middleman/source/subnavs/geode-subnav.erb b/geode-book/master_middleman/source/subnavs/geode-subnav.erb index 49cd752f9757..b4ba7467a4ce 100644 --- a/geode-book/master_middleman/source/subnavs/geode-subnav.erb +++ b/geode-book/master_middleman/source/subnavs/geode-subnav.erb @@ -159,6 +159,9 @@ limitations under the License. +
  • + Serialization +
    • diff --git a/geode-docs/security/chapter_overview.html.md.erb b/geode-docs/security/chapter_overview.html.md.erb index f75376d6f295..3984dd5ae4c8 100644 --- a/geode-docs/security/chapter_overview.html.md.erb +++ b/geode-docs/security/chapter_overview.html.md.erb @@ -48,3 +48,7 @@ The security framework permits authentication of connecting components and autho - **[SSL](../security/ssl_overview.html)** SSL protects your data in transit between applications. + +- **[Serialization](../security/serialization.html)** + + This section describes the serialization mechanisms available in Apache Geode, including global serialization filters and PDX serialization. diff --git a/geode-docs/security/implementing_security.html.md.erb b/geode-docs/security/implementing_security.html.md.erb index fcccda0933f5..d684346dbfc3 100644 --- a/geode-docs/security/implementing_security.html.md.erb +++ b/geode-docs/security/implementing_security.html.md.erb @@ -37,6 +37,8 @@ SSL-based, rather than plain socket connections. You can enable SSL separately for peer-to-peer, client, JMX, gateway senders and receivers, and HTTP connections. - **Post processing of region data**. Return values for operations that return region values may be formatted. +- **Serialization**. Control and filter object serialization, particularly + in the context of security and performance. ## Overview diff --git a/geode-docs/security/security_model.html.md.erb b/geode-docs/security/security_model.html.md.erb index fc9ccafebeae..1a7f3842b3d4 100644 --- a/geode-docs/security/security_model.html.md.erb +++ b/geode-docs/security/security_model.html.md.erb @@ -22,9 +22,10 @@ Every component of Apache Geode is built with security considerations as a top p solutions require user-specific design and implementation. Geode's default configuration combines maximum flexibility and performance without any input needed from the user. Because of this, certain security measures like **[authentication](authentication_overview.html)**, -**[authorization](authorization_overview.html)** and +**[authorization](authorization_overview.html)**, +**[serialization](../security/serialization.html)** and **[over-the-wire encryption](ssl_overview.html)** -are absent from a default Geode installation. +are absent from a default Geode installation. It is highly recommended that users review Geode's security capabilities and implement them as they see fit. See the **[Security Implementation Introduction and Overview](implementing_security.html)** to get started with Apache Geode security. @@ -33,3 +34,4 @@ Additional documentation related to security can be found on Apache Geode Wiki [Geode Security Framework](https://cwiki.apache.org/confluence/display/GEODE/Geode+Security+Framework) and [Geode Integrated Security](https://cwiki.apache.org/confluence/display/GEODE/Geode+Integrated+Security). + diff --git a/geode-docs/security/serialization.html.md.erb b/geode-docs/security/serialization.html.md.erb new file mode 100644 index 000000000000..b96cb7178ddd --- /dev/null +++ b/geode-docs/security/serialization.html.md.erb @@ -0,0 +1,54 @@ +--- +title: Serialization +--- + + + +Apache Geode offers mechanisms to control and filter object serialization, particularly + in the context of security and performance. This is primarily achieved through: + + +## Global Serialization Filter (Java) + +For deployments using Java, a global serialization filter can be enabled to restrict the types of objects that can be serialized and +deserialized within the Geode process. This helps mitigate risks associated with deserialization of untrusted data, a common vulnerability. + +- To enable this, the Java system property `geode.enableGlobalSerialFilter` is set to true when starting Geode locators and servers. + +- Additionally, the `serializable-object-filter` configuration option, used in conjunction with `validate-serializable-objects,` is used to +specify a whitelist of user-defined classes that are allowed to be serialized/deserialized, in addition to standard JDK and Geode classes. + This allows for fine-grained control over which custom objects are permitted in the system. + +## PDX Serialization + +Apache Geode's Portable Data eXchange (PDX) serialization offers a more robust and flexible approach to data serialization, providing features +like schema evolution and language independence. While not a "filter" in the same sense as the global serialization filter, PDX provides control +over how objects are serialized and deserialized. + +- **PdxSerializer:** You can implement a custom `PdxSerializer` to define how specific domain objects are serialized and deserialized, allowing + for selective handling of fields or transformations during the process. + +- **Reflection-Based Auto-Serialization:** PDX also supports automatic reflection-based serialization, where Geode can serialize objects without + requiring explicit implementation of `PdxSerializable` in your domain classes. This can be configured to include or exclude specific types based + on criteria like package names, providing a form of type filtering. + + + + + In conclusion, Apache Geode provides serialization filtering capabilities through a global filter for security hardening in Java 8 environments and + through the flexible configurations of PDX serialization for fine-grained control over data handling and type inclusion/exclusion. From 33ce3a6fd75d030c3412e01fc0d0b8d86c4d585c Mon Sep 17 00:00:00 2001 From: kaajaln2 Date: Wed, 10 Sep 2025 17:36:54 -0400 Subject: [PATCH 3/3] Document update: Removed java version in serialization section --- geode-docs/security/serialization.html.md.erb | 54 +++++++++++++++++++ 1 file changed, 54 insertions(+) diff --git a/geode-docs/security/serialization.html.md.erb b/geode-docs/security/serialization.html.md.erb index e69de29bb2d1..b96cb7178ddd 100644 --- a/geode-docs/security/serialization.html.md.erb +++ b/geode-docs/security/serialization.html.md.erb @@ -0,0 +1,54 @@ +--- +title: Serialization +--- + + + +Apache Geode offers mechanisms to control and filter object serialization, particularly + in the context of security and performance. This is primarily achieved through: + + +## Global Serialization Filter (Java) + +For deployments using Java, a global serialization filter can be enabled to restrict the types of objects that can be serialized and +deserialized within the Geode process. This helps mitigate risks associated with deserialization of untrusted data, a common vulnerability. + +- To enable this, the Java system property `geode.enableGlobalSerialFilter` is set to true when starting Geode locators and servers. + +- Additionally, the `serializable-object-filter` configuration option, used in conjunction with `validate-serializable-objects,` is used to +specify a whitelist of user-defined classes that are allowed to be serialized/deserialized, in addition to standard JDK and Geode classes. + This allows for fine-grained control over which custom objects are permitted in the system. + +## PDX Serialization + +Apache Geode's Portable Data eXchange (PDX) serialization offers a more robust and flexible approach to data serialization, providing features +like schema evolution and language independence. While not a "filter" in the same sense as the global serialization filter, PDX provides control +over how objects are serialized and deserialized. + +- **PdxSerializer:** You can implement a custom `PdxSerializer` to define how specific domain objects are serialized and deserialized, allowing + for selective handling of fields or transformations during the process. + +- **Reflection-Based Auto-Serialization:** PDX also supports automatic reflection-based serialization, where Geode can serialize objects without + requiring explicit implementation of `PdxSerializable` in your domain classes. This can be configured to include or exclude specific types based + on criteria like package names, providing a form of type filtering. + + + + + In conclusion, Apache Geode provides serialization filtering capabilities through a global filter for security hardening in Java 8 environments and + through the flexible configurations of PDX serialization for fine-grained control over data handling and type inclusion/exclusion.