geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ivan <xhh...@gmail.com>
Subject Re: svn commit: r980317 - /geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/URLPattern.java
Date Thu, 29 Jul 2010 07:06:30 GMT
Yes, I have considered this while I did the changes, the URLPattern
overrides the equal and hashCode methods, so the result of them are totally
depending on the String field pattern in the class, also each
getQualifiedPattern invocation, a HashSet is passed in. So I am thinking
that the initial patterns have already been filtered. There should be no
duplicate items. Please correct me if I miss anything :-)
I found Jarek opened a JIRA for the web security issue with Equonix
platform, is it caused by this change ?

2010/7/29 David Jencks <david_jencks@yahoo.com>

> I'm not sure it would make a difference to the effect of the permission you
> end up with, but the code with the hashset eliminates duplicates.  I think
> you can have duplicates in the "everything leftover" permission (IIRC
> /:<path1>:<path2>:<path3:....)  if some paths have different permissions
for
> different http methods.  I don't have an example and haven't looked at more
> than this much of the code so I could easily be wrong.
>
> thanks
> david jencks
>
> On Jul 28, 2010, at 11:12 PM, Ivan wrote:
>
> Hi, Jarek:
>     What is the difference between the old one and the new one ? While I
> did it in the past, I just feel that there is no need to create an extra
> HashSet.
>
> 2010/7/29 <gawor@apache.org>
>
>> Author: gawor
>> Date: Thu Jul 29 05:54:33 2010
>> New Revision: 980317
>>
>> URL: http://svn.apache.org/viewvc?rev=980317&view=rev
>> Log:
>> restore old code which seems to work better
>>
>> Modified:
>>
>>  geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/URLPattern.java
>>
>> Modified:
>> geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/URLPattern.java
>> URL:
>> http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/URLPattern.java?rev=980317&r1=980316&r2=980317&view=diff
>>
>> ==============================================================================
>> ---
>> geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/URLPattern.java
>> (original)
>> +++
>> geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/URLPattern.java
>> Thu Jul 29 05:54:33 2010
>> @@ -76,21 +76,20 @@ public class URLPattern {
>>         if (type == EXACT) {
>>             return pattern;
>>         } else {
>> -            //HashSet<String> bucket = new HashSet<String>();
>> +            HashSet<String> bucket = new HashSet<String>();
>>             StringBuilder result = new StringBuilder(pattern);
>> +
>>             // Collect a set of qualifying patterns, depending on the type
>> of this pattern.
>>             for (URLPattern p : patterns) {
>>                 if (type.check(this, p)) {
>> -                    //bucket.add(p.pattern);
>> -                    result.append(':');
>> -                    result.append(p.pattern);
>> +                    bucket.add(p.pattern);
>>                 }
>>             }
>>             // append the set of qualifying patterns
>> -            /*for (String aBucket : bucket) {
>> +            for (String aBucket : bucket) {
>>                 result.append(':');
>>                 result.append(aBucket);
>> -            }*/
>> +            }
>>             return result.toString();
>>         }
>>     }
>>
>>
>>
>
>
> --
> Ivan
>
>
>


-- 
Ivan

Mime
View raw message