Hi,
I am trying to implement ClassFilter of Nashorn to achieve whiteListing class. Because SecureJavascriptConfigurator uses Rhino Scripting Engine and it converts integer to double by default, we are unable to use SecureJavascriptConfigurator as double value breaks our usecase.
Default flowable script executor(Nashorn I think) does not convert integer to double. So is there any way I can use Nashhorn class filtering to achive whiteListing of classes also.
Hi @joram, We are using SecureJavascriptConfigurator to use whiteListing of java classes in script task. But since SecureJavascriptConfigurator uses rhino engine, rhino engine is converting integer to double.
So I was looking for an alternative of rhino. I saw nashorn is used by flowable bydefault(when not using SecureJavascriptConfigurator) and we don’t face the issue of integer to decimal conversion. But I am not finding ways to configure whitelisting of java classes with nashorn other than ClassFilter. Then your answer came. You can refer here also. execution.setVariable will change integer type to double type · Issue #2485 · flowable/flowable-engine · GitHub.
Please read my previous post: Flowable doesn’t use Nashorn. Flowable uses Nashorn if that’s the scripting engine available for javascript in your JDK. The secure scripting module does have a hard dependency on rhino (because it dates from before the JDK removed the scripting engine).
Hi, @joram I’m interested in this question particularly because I’m planning to enable GraalVM polyglot SDK within flowable. I’m interested in knowing if there are any recommendations or HOW-TOs for creating a custom engine.
Thanks
As Joram explained earlier. Flowable uses the Java Scripting API. If you expose GraalVM as a Java Scripting engine it should work without any changes. If you want to do something more natively, you’ll have to look into using a custom task.
Thanks, @filiphr
Actually, I was thinking about more native integration using Graal’s polyglot capabilities. I managed to create a custom task but that was not the best approach.