Hi all, I know you can easily protect your xml based ws from large array attacks by setting up a DepthRestrictingInterceptor<http://svn.apache.org/repos/asf/cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/DepthRestrictingStreamInterceptor.java> .
I am wondering how to achieve the same thing if Json is chosen as well as Jackson Json provider. As far as I can see there is no properties in Jackson to set the max depth, unlike the CXF's default Json provider. Cheers, Jason
