cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r1393558 - /cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
Date Wed, 03 Oct 2012 15:43:59 GMT
Author: dkulp
Date: Wed Oct  3 15:43:58 2012
New Revision: 1393558

URL: http://svn.apache.org/viewvc?rev=1393558&view=rev
Log:
Merged revisions 1393553 via  git cherry-pick from
https://svn.apache.org/repos/asf/cxf/branches/2.5.x-fixes

........
  r1393553 | dkulp | 2012-10-03 11:36:33 -0400 (Wed, 03 Oct 2012) | 18 lines

  Merged revisions 1393547 via  git cherry-pick from
  https://svn.apache.org/repos/asf/cxf/branches/2.6.x-fixes

  ........
    r1393547 | dkulp | 2012-10-03 11:31:25 -0400 (Wed, 03 Oct 2012) | 10 lines

    Merged revisions 1393544 via  git cherry-pick from
    https://svn.apache.org/repos/asf/cxf/trunk

    ........
      r1393544 | dkulp | 2012-10-03 11:29:31 -0400 (Wed, 03 Oct 2012) | 2 lines

      [CXF-5440] Problems with basic-auth passwords that contain a colon.

    ........

  ........

........

Modified:
    cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java

Modified: cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java?rev=1393558&r1=1393557&r2=1393558&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
(original)
+++ cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
Wed Oct  3 15:43:58 2012
@@ -154,11 +154,18 @@ public abstract class AbstractHTTPDestin
             String authEncoded = credentials.split(" ")[1];
             try {
                 String authDecoded = new String(Base64Utility.decode(authEncoded));
-                String authInfo[] = authDecoded.split(":");
-                String username = (authInfo.length > 0) ? authInfo[0] : "";
-                // Below line for systems that blank out password after authentication;
-                // see CXF-1495 for more info
-                String password = (authInfo.length > 1) ? authInfo[1] : "";
+                int idx = authDecoded.indexOf(':');
+                String username = null;
+                String password = null;
+                if (idx == -1) {
+                    username = authDecoded;
+                } else {
+                    username = authDecoded.substring(0, idx);
+                    if (idx < (authDecoded.length() - 1)) {
+                        password = authDecoded.substring(idx + 1);
+                    }
+                }
+                
                 AuthorizationPolicy policy = pp == null 
                     ? new AuthorizationPolicy() : new PrincipalAuthorizationPolicy(pp);
                 policy.setUserName(username);



Mime
View raw message