Skip to main content

Table of Contents

Configuring the deserialization filter


Only available versions of this content are shown in the dropdown

In Pega Platform, a global filter checks a list of blocked classes that are not allowed to be deserialized. You can add classes to the global deserialization filter to increase the security of your application by preventing unauthorized access.

  1. In the header of Dev Studio, click Configure System Settings Deserialization Blacklist .

  2. To add a class to the list of blocked classes, click Add gadget class to blacklist, and enter a class name.

    Pega Platform does not deserialize classes that match this class name or pattern. Repeat this step to add multiple class names or patterns. You can use wildcards to specify a pattern for the class names to block.

    Wildcard Function
    <package name>.** Match any class in the package and all subpackages.
    <package name>.* Match any class in the package.
    <partial name>* Match anything that starts with <partial name>.

  3. Click Save.

Related Content

Did you find this content helpful?

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Ready to crush complexity?

Experience the benefits of Pega Community when you log in.

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us