| Log Message: |
When using the new sessionAttributeValueClassNameFilter, apply the filter earlier rather than loading the class and then deciding to filter it out.
When a SecurityManager is used, enable filtering by default.
This is part 2 of 2 of the fix for CVE-2016-0714
|