In Pega Platform, a global filter checks a list of blocked classes
that are not allowed to be deserialized. You can add classes to the global deserialization
filter to increase the security of your application by preventing unauthorized
access.
-
In the header of Dev Studio, click .
-
To add a class to the list of blocked classes, click Add gadget
class to blacklist, and enter a class name.
Pega Platform does not deserialize classes that match this class
name or pattern. Repeat this step to add multiple class names or patterns. You
can use wildcards to specify a pattern for the class names to block.
| Wildcard |
Function |
<package
name>.** |
Match any class in the package and all
subpackages. |
<package
name>.* |
Match any class in the package. |
<partial
name>* |
Match anything that starts with <partial
name>. |
-
Click Save.