Return-Path: 
 <dev-return-84506-apmail-geronimo-dev-archive=geronimo.apache.org@geronimo.apache.org>
Delivered-To: apmail-geronimo-dev-archive@www.apache.org
Received: (qmail 88993 invoked from network); 29 Jul 2010 15:05:47 -0000
Received: from unknown (HELO mail.apache.org) (140.211.11.3)
  by 140.211.11.9 with SMTP; 29 Jul 2010 15:05:47 -0000
Received: (qmail 59342 invoked by uid 500); 29 Jul 2010 15:05:46 -0000
Delivered-To: apmail-geronimo-dev-archive@geronimo.apache.org
Received: (qmail 59273 invoked by uid 500); 29 Jul 2010 15:05:46 -0000
Mailing-List: contact dev-help@geronimo.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:dev-help@geronimo.apache.org>
list-unsubscribe: <mailto:dev-unsubscribe@geronimo.apache.org>
List-Post: <mailto:dev@geronimo.apache.org>
Reply-To: dev@geronimo.apache.org
List-Id: <dev.geronimo.apache.org>
Delivered-To: mailing list dev@geronimo.apache.org
Received: (qmail 59266 invoked by uid 99); 29 Jul 2010 15:05:45 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 29 Jul 2010 15:05:45 +0000
X-ASF-Spam-Status: No, hits=0.0 required=10.0
	tests=FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of jgawor@gmail.com designates
 209.85.212.54 as permitted sender)
Received: from [209.85.212.54] (HELO mail-vw0-f54.google.com) (209.85.212.54)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 29 Jul 2010 15:05:39 +0000
Received: by vws7 with SMTP id 7so388588vws.13
        for <dev@geronimo.apache.org>; Thu, 29 Jul 2010 08:05:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:mime-version:received:received:in-reply-to
         :references:date:message-id:subject:from:to:content-type
         :content-transfer-encoding;
        bh=sJHLW2LM7ZmbYlwbsGdv9MRYKj19lXJtW0REmNL2kQo=;
        b=auo5tnZ/RTk6dLj1YQH2bdWW1n3B97fv38leaNm1o7Lq57iE4T+jxx5IivXhUG+B5s
         u59edOKoBUVvC4KV6Vqbu2HekgXg7/rL0rLb1Gt2xmy0zZALe4Q3eSdnA4lfSCOSl/FL
         hxdFpHOBuz/OwfOGpGkUPl5YBG0+BIAnePuog=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type:content-transfer-encoding;
        b=etUswn3s6bjS/qg83XJTYXz9d0d91TmV4bOcUqsdz9kJuAhKbolYqhSryFrp3WO+ZR
         Knq+tM3F5tggeEEX2h2NJT/2OOfFi+/JeM/gscIJY7gxwU0FFt19Zs8h+44QZPn/wkgi
         NYPYYnqIOnf8FkrYfKxNOz4Bv8EOppmxbii5Q=
MIME-Version: 1.0
Received: by 10.220.161.201 with SMTP id s9mr85614vcx.277.1280415917988; Thu,
	29 Jul 2010 08:05:17 -0700 (PDT)
Received: by 10.220.160.82 with HTTP; Thu, 29 Jul 2010 08:05:17 -0700 (PDT)
In-Reply-To: <AANLkTi=_UnmupOXDV2tR6AuLKnp=x3fDujhs38fTsM58@mail.gmail.com>
References: <20100729055433.7A20F238897D@eris.apache.org>
	<AANLkTikiahAGj7z32W9BkMtG1rsoT0ccm0rNSw-ms8Cf@mail.gmail.com>
	<C3E46D3A-21F4-48AC-814C-DEF5D7EFEC51@yahoo.com>
	<AANLkTi=_UnmupOXDV2tR6AuLKnp=x3fDujhs38fTsM58@mail.gmail.com>
Date: Thu, 29 Jul 2010 11:05:17 -0400
Message-ID: <AANLkTinrTS_Ox8r6dqyOmTtbUZgOorfb4TLActyoRhQy@mail.gmail.com>
Subject: Re: svn commit: r980317 -
 /geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apache/geronimo/web/security/URLPattern.java
From: Jarek Gawor <jgawor@gmail.com>
To: dev@geronimo.apache.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

The end result with the old code was that less Permission objects were
created which made things easier to debug and it's a bit better from
performance point of view.

Jarek

On Thu, Jul 29, 2010 at 3:06 AM, Ivan <xhhsld@gmail.com> wrote:
> Yes, I have considered this while I did the changes, the URLPattern
> overrides the equal and hashCode methods, so the result of them are total=
ly
> depending on the String field pattern in the class, also each
> getQualifiedPattern invocation, a HashSet is passed in. So I am thinking
> that the initial patterns have already been filtered. There should be no
> duplicate items. Please correct me if I miss anything :-)
> I found Jarek opened a JIRA for the web security issue with Equonix
> platform, is it caused by this change ?
>
> 2010/7/29 David Jencks <david_jencks@yahoo.com>
>>
>> I'm not sure it would make a difference to the effect of the permission
>> you end up with, but the code with the hashset eliminates duplicates. =
=A0I
>> think you can have duplicates in the "everything leftover" permission (I=
IRC
>> /:<path1>:<path2>:<path3:....) =A0if some paths have different permissio=
ns for
>> different http methods. =A0I don't have an example and haven't looked at=
 more
>> than this much of the code so I could easily be wrong.
>> thanks
>> david jencks
>> On Jul 28, 2010, at 11:12 PM, Ivan wrote:
>>
>> Hi, Jarek:
>> =A0=A0=A0 What is the difference between the old one and the new one ? W=
hile I
>> did it in the past, I just feel that there is no need to create an extra
>> HashSet.
>>
>> 2010/7/29 <gawor@apache.org>
>>>
>>> Author: gawor
>>> Date: Thu Jul 29 05:54:33 2010
>>> New Revision: 980317
>>>
>>> URL: http://svn.apache.org/viewvc?rev=3D980317&view=3Drev
>>> Log:
>>> restore old code which seems to work better
>>>
>>> Modified:
>>>
>>> =A0geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/ap=
ache/geronimo/web/security/URLPattern.java
>>>
>>> Modified:
>>> geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apach=
e/geronimo/web/security/URLPattern.java
>>> URL:
>>> http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/j2ee/geronim=
o-web/src/main/java/org/apache/geronimo/web/security/URLPattern.java?rev=3D=
980317&r1=3D980316&r2=3D980317&view=3Ddiff
>>>
>>> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
>>> ---
>>> geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apach=
e/geronimo/web/security/URLPattern.java
>>> (original)
>>> +++
>>> geronimo/server/trunk/plugins/j2ee/geronimo-web/src/main/java/org/apach=
e/geronimo/web/security/URLPattern.java
>>> Thu Jul 29 05:54:33 2010
>>> @@ -76,21 +76,20 @@ public class URLPattern {
>>> =A0 =A0 =A0 =A0 if (type =3D=3D EXACT) {
>>> =A0 =A0 =A0 =A0 =A0 =A0 return pattern;
>>> =A0 =A0 =A0 =A0 } else {
>>> - =A0 =A0 =A0 =A0 =A0 =A0//HashSet<String> bucket =3D new HashSet<Strin=
g>();
>>> + =A0 =A0 =A0 =A0 =A0 =A0HashSet<String> bucket =3D new HashSet<String>=
();
>>> =A0 =A0 =A0 =A0 =A0 =A0 StringBuilder result =3D new StringBuilder(patt=
ern);
>>> +
>>> =A0 =A0 =A0 =A0 =A0 =A0 // Collect a set of qualifying patterns, depend=
ing on the
>>> type of this pattern.
>>> =A0 =A0 =A0 =A0 =A0 =A0 for (URLPattern p : patterns) {
>>> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 if (type.check(this, p)) {
>>> - =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0//bucket.add(p.pattern);
>>> - =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0result.append(':');
>>> - =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0result.append(p.pattern);
>>> + =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0bucket.add(p.pattern);
>>> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 }
>>> =A0 =A0 =A0 =A0 =A0 =A0 }
>>> =A0 =A0 =A0 =A0 =A0 =A0 // append the set of qualifying patterns
>>> - =A0 =A0 =A0 =A0 =A0 =A0/*for (String aBucket : bucket) {
>>> + =A0 =A0 =A0 =A0 =A0 =A0for (String aBucket : bucket) {
>>> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 result.append(':');
>>> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 result.append(aBucket);
>>> - =A0 =A0 =A0 =A0 =A0 =A0}*/
>>> + =A0 =A0 =A0 =A0 =A0 =A0}
>>> =A0 =A0 =A0 =A0 =A0 =A0 return result.toString();
>>> =A0 =A0 =A0 =A0 }
>>> =A0 =A0 }
>>>
>>>
>>
>>
>>
>> --
>> Ivan
>>
>
>
>
> --
> Ivan
>