cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1437532 - in /cxf/branches/2.7.x-fixes: ./ rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/ rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/ rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/utils/ rt/rs/security/cor...
Date Wed, 23 Jan 2013 16:09:03 GMT
Author: sergeyb
Date: Wed Jan 23 16:09:03 2013
New Revision: 1437532

URL: http://svn.apache.org/viewvc?rev=1437532&view=rev
Log:
Merged revisions 1437405 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1437405 | sergeyb | 2013-01-23 14:26:46 +0000 (Wed, 23 Jan 2013) | 1 line
  
  [CXF-4775] Do not split header values with commas by default
........

Modified:
    cxf/branches/2.7.x-fixes/   (props changed)
    cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/HttpHeadersImpl.java
    cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/SecurityContextImpl.java
    cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/HttpHeadersImplTest.java
    cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/utils/JAXRSUtilsTest.java
    cxf/branches/2.7.x-fixes/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharingFilter.java
    cxf/branches/2.7.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/BookServer.java
    cxf/branches/2.7.x-fixes/systests/jaxrs/src/test/resources/jaxrs_non_spring/WEB-INF/web.xml

Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
  Merged /cxf/trunk:r1437405

Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/HttpHeadersImpl.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/HttpHeadersImpl.java?rev=1437532&r1=1437531&r2=1437532&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/HttpHeadersImpl.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/HttpHeadersImpl.java
Wed Jan 23 16:09:03 2013
@@ -44,9 +44,12 @@ import org.apache.cxf.common.util.String
 import org.apache.cxf.jaxrs.utils.HttpUtils;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageUtils;
 
 public class HttpHeadersImpl implements HttpHeaders {
 
+    private static final String HEADER_SPLIT_PROPERTY =
+        "org.apache.cxf.http.header.split";
     private static final String COOKIE_SEPARATOR_PROPERTY =
         "org.apache.cxf.http.cookie.separator";
     private static final String COOKIE_SEPARATOR_CRLF = "crlf";
@@ -123,6 +126,11 @@ public class HttpHeadersImpl implements 
         }
     }
     
+    private boolean splitIndividualValue() {
+        Object property = message.getContextualProperty(HEADER_SPLIT_PROPERTY);
+        return MessageUtils.isTrue(property);
+    }
+    
     public Locale getLanguage() {
         List<String> values = getListValues(HttpHeaders.CONTENT_LANGUAGE);
         return values.size() == 0 ? null : HttpUtils.getLocale(values.get(0).trim());
@@ -186,7 +194,11 @@ public class HttpHeadersImpl implements 
             if (value == null) {
                 continue;
             }
-            ls.addAll(getHeaderValues(name, value, sep));
+            if (splitIndividualValue()) {
+                ls.addAll(getHeaderValues(name, value, sep));
+            } else {
+                ls.add(value);
+            }
         }
         return ls;
     }

Modified: cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/SecurityContextImpl.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/SecurityContextImpl.java?rev=1437532&r1=1437531&r2=1437532&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/SecurityContextImpl.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/SecurityContextImpl.java
Wed Jan 23 16:09:03 2013
@@ -21,15 +21,17 @@ package org.apache.cxf.jaxrs.impl;
 
 import java.security.Principal;
 import java.util.List;
+import java.util.Map;
 
+import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.SecurityContext;
 
 import org.apache.cxf.configuration.security.AuthorizationPolicy;
 import org.apache.cxf.jaxrs.utils.HttpUtils;
 import org.apache.cxf.message.Message;
 
-public class SecurityContextImpl implements SecurityContext {
 
+public class SecurityContextImpl implements SecurityContext {
     private Message m;
     
     public SecurityContextImpl(Message m) {
@@ -40,9 +42,22 @@ public class SecurityContextImpl impleme
         if (m.get(AuthorizationPolicy.class) != null) {
             return SecurityContext.BASIC_AUTH;
         }
-        List<String> authorizationValues = new HttpHeadersImpl(m).getRequestHeader("Authorization");
-        
-        return authorizationValues.size() > 0 ? authorizationValues.get(0) : "Unknown
scheme";
+        @SuppressWarnings("unchecked")
+        Map<String, List<String>> headers = 
+            (Map<String, List<String>>)m.get(Message.PROTOCOL_HEADERS);
+        if (headers != null) {
+            List<String> values = headers.get(HttpHeaders.AUTHORIZATION);
+            if (values != null && values.size() == 1) {
+                String value = values.get(0);
+                if (value != null) {
+                    int index = value.trim().indexOf(" ");
+                    if (index != -1) {
+                        return value.substring(0, index);
+                    }
+                }
+            }
+        }
+        return null;
     }
 
     public Principal getUserPrincipal() {

Modified: cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/HttpHeadersImplTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/HttpHeadersImplTest.java?rev=1437532&r1=1437531&r2=1437532&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/HttpHeadersImplTest.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/impl/HttpHeadersImplTest.java
Wed Jan 23 16:09:03 2013
@@ -60,6 +60,8 @@ public class HttpHeadersImplTest extends
         MetadataMap<String, String> headers = 
             createHeader("COMPLEX_HEADER",  "b=c; param=c, a=b;param=b");
         EasyMock.expectLastCall().andReturn(headers);
+        m.getContextualProperty("org.apache.cxf.http.header.split");
+        EasyMock.expectLastCall().andReturn("true");
         control.replay();
         HttpHeaders h = new HttpHeadersImpl(m);
         List<String> values = h.getRequestHeader("COMPLEX_HEADER");
@@ -73,6 +75,8 @@ public class HttpHeadersImplTest extends
     public void testGetHeaderWithQuotes1() throws Exception {
         
         Message m = control.createMock(Message.class);
+        m.getContextualProperty("org.apache.cxf.http.header.split");
+        EasyMock.expectLastCall().andReturn("true");
         m.get(Message.PROTOCOL_HEADERS);
         MetadataMap<String, String> headers = createHeader("COMPLEX_HEADER", 
             "a1=\"a\", a2=\"a\";param, b, b;param, c1=\"c, d, e\", "
@@ -100,6 +104,8 @@ public class HttpHeadersImplTest extends
     public void testGetHeaderWithQuotes2() throws Exception {
         
         Message m = control.createMock(Message.class);
+        m.getContextualProperty("org.apache.cxf.http.header.split");
+        EasyMock.expectLastCall().andReturn("true");
         m.get(Message.PROTOCOL_HEADERS);
         MetadataMap<String, String> headers = 
             createHeader("X-WSSE", "UsernameToken Username=\"Foo\", Nonce=\"bar\"");
@@ -118,6 +124,8 @@ public class HttpHeadersImplTest extends
     public void testGetHeaderWithQuotes3() throws Exception {
         
         Message m = control.createMock(Message.class);
+        m.getContextualProperty("org.apache.cxf.http.header.split");
+        EasyMock.expectLastCall().andReturn("true");
         m.get(Message.PROTOCOL_HEADERS);
         MetadataMap<String, String> headers = 
             createHeader("COMPLEX_HEADER", "\"value with space\"");
@@ -138,6 +146,8 @@ public class HttpHeadersImplTest extends
         Message m = control.createMock(Message.class);
         m.get(Message.PROTOCOL_HEADERS);
         EasyMock.expectLastCall().andReturn(createHeaders());
+        m.getContextualProperty("org.apache.cxf.http.header.split");
+        EasyMock.expectLastCall().andReturn("true");
         control.replay();
         HttpHeaders h = new HttpHeadersImpl(m);
         MultivaluedMap<String, String> hs = h.getRequestHeaders();
@@ -236,6 +246,8 @@ public class HttpHeadersImplTest extends
     public void testGetHeader() throws Exception {
         
         Message m = control.createMock(Message.class);
+        m.getContextualProperty("org.apache.cxf.http.header.split");
+        EasyMock.expectLastCall().andReturn("true");
         m.get(Message.PROTOCOL_HEADERS);
         EasyMock.expectLastCall().andReturn(createHeaders());
         control.replay();
@@ -386,6 +398,8 @@ public class HttpHeadersImplTest extends
     public void testUnmodifiableRequestHeaders() throws Exception {
         
         Message m = control.createMock(Message.class);
+        m.getContextualProperty("org.apache.cxf.http.header.split");
+        EasyMock.expectLastCall().andReturn("true");
         m.get(Message.PROTOCOL_HEADERS);
         MetadataMap<String, String> headers = 
             createHeader(HttpHeaders.ACCEPT_LANGUAGE, 

Modified: cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/utils/JAXRSUtilsTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/utils/JAXRSUtilsTest.java?rev=1437532&r1=1437531&r2=1437532&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/utils/JAXRSUtilsTest.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/test/java/org/apache/cxf/jaxrs/utils/JAXRSUtilsTest.java
Wed Jan 23 16:09:03 2013
@@ -1468,6 +1468,7 @@ public class JAXRSUtilsTest extends Asse
         headers.add("Foo", "bar, baz");
         
         Message m = new MessageImpl();
+        m.put("org.apache.cxf.http.header.split", "true");
         m.put(Message.PROTOCOL_HEADERS, headers);
         
         List<Object> params = 

Modified: cxf/branches/2.7.x-fixes/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharingFilter.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharingFilter.java?rev=1437532&r1=1437531&r2=1437532&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharingFilter.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharingFilter.java
Wed Jan 23 16:09:03 2013
@@ -477,7 +477,7 @@ public class CrossOriginResourceSharingF
         for (String value : values) {
             String[] items = splitPattern.split(value);
             for (String item : items) {
-                results.add(item);
+                results.add(item.trim());
             }
         }
         return results;

Modified: cxf/branches/2.7.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/BookServer.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/BookServer.java?rev=1437532&r1=1437531&r2=1437532&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/BookServer.java
(original)
+++ cxf/branches/2.7.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/BookServer.java
Wed Jan 23 16:09:03 2013
@@ -86,6 +86,7 @@ public class BookServer extends Abstract
 
         sf.getProperties(true).put("org.apache.cxf.jaxrs.mediaTypeCheck.strict", true);
         sf.getProperties().put("search.visitor", new SQLPrinterVisitor<SearchBean>("books"));
+        sf.getProperties().put("org.apache.cxf.http.header.split", true);
         server = sf.create();
         BusFactory.setDefaultBus(null);
         BusFactory.setThreadDefaultBus(null);

Modified: cxf/branches/2.7.x-fixes/systests/jaxrs/src/test/resources/jaxrs_non_spring/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/systests/jaxrs/src/test/resources/jaxrs_non_spring/WEB-INF/web.xml?rev=1437532&r1=1437531&r2=1437532&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/systests/jaxrs/src/test/resources/jaxrs_non_spring/WEB-INF/web.xml
(original)
+++ cxf/branches/2.7.x-fixes/systests/jaxrs/src/test/resources/jaxrs_non_spring/WEB-INF/web.xml
Wed Jan 23 16:09:03 2013
@@ -70,6 +70,12 @@
 		      </param-value>    
 		</init-param>
 		<init-param>
+			  <param-name>jaxrs.properties</param-name>
+			  <param-value>
+			    org.apache.cxf.http.header.split=true
+			  </param-value>
+			 </init-param>
+		<init-param>
 		      <param-name>jaxrs.application.address.ignore</param-name>
 		      <param-value>true</param-value>    
 		</init-param>



Mime
View raw message