geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a..@apache.org
Subject svn commit: r440396 - in /geronimo/specs/branches/1_1_1/geronimo-spec-j2ee-jacc/src/main/java/javax/security/jacc: URLPatternSpec.java WebResourcePermission.java WebUserDataPermission.java
Date Tue, 05 Sep 2006 16:46:39 GMT
Author: adc
Date: Tue Sep  5 09:46:38 2006
New Revision: 440396

URL: http://svn.apache.org/viewvc?view=rev&rev=440396
Log:
GERONIMO-2327 Need to encode colons for JACC web permissions

Modified:
    geronimo/specs/branches/1_1_1/geronimo-spec-j2ee-jacc/src/main/java/javax/security/jacc/URLPatternSpec.java
    geronimo/specs/branches/1_1_1/geronimo-spec-j2ee-jacc/src/main/java/javax/security/jacc/WebResourcePermission.java
    geronimo/specs/branches/1_1_1/geronimo-spec-j2ee-jacc/src/main/java/javax/security/jacc/WebUserDataPermission.java

Modified: geronimo/specs/branches/1_1_1/geronimo-spec-j2ee-jacc/src/main/java/javax/security/jacc/URLPatternSpec.java
URL: http://svn.apache.org/viewvc/geronimo/specs/branches/1_1_1/geronimo-spec-j2ee-jacc/src/main/java/javax/security/jacc/URLPatternSpec.java?view=diff&rev=440396&r1=440395&r2=440396
==============================================================================
--- geronimo/specs/branches/1_1_1/geronimo-spec-j2ee-jacc/src/main/java/javax/security/jacc/URLPatternSpec.java
(original)
+++ geronimo/specs/branches/1_1_1/geronimo-spec-j2ee-jacc/src/main/java/javax/security/jacc/URLPatternSpec.java
Tue Sep  5 09:46:38 2006
@@ -25,9 +25,10 @@
 
 import java.util.Iterator;
 import java.util.LinkedList;
+import javax.servlet.http.HttpServletRequest;
+
 
 /**
- *
  * @version $Rev$ $Date$
  */
 final class URLPatternSpec {
@@ -46,7 +47,7 @@
         first = new URLPattern(tokens[0]);
 
         URLPattern candidate;
-        for (int i=1; i<tokens.length; i++) {
+        for (int i = 1; i < tokens.length; i++) {
             candidate = new URLPattern(tokens[i]);
 
             // No pattern may exist in the URLPatternList that matches the first pattern.
@@ -54,18 +55,16 @@
                 throw new java.lang.IllegalArgumentException("Qualifier patterns in the URLPatternSpec
cannot match the first URLPattern");
             }
 
-            if (first.type == URLPattern.PATH_PREFIX ) {
+            if (first.type == URLPattern.PATH_PREFIX) {
 
                 // If the first pattern is a path-prefix pattern, only exact patterns
                 // matched by the first pattern and path-prefix patterns matched by,
                 // but different from, the first pattern may occur in the URLPatternList.
 
-                if (candidate.type == URLPattern.EXACT && !first.matches(candidate))
-                {
+                if (candidate.type == URLPattern.EXACT && !first.matches(candidate))
{
                     throw new java.lang.IllegalArgumentException("Exact qualifier patterns
in the URLPatternSpec must be matched by the first URLPattern");
-                }
-                else if (candidate.type == URLPattern.PATH_PREFIX
-                         && !(first.matches(candidate) && first.pattern.length()
< candidate.pattern.length()))
+                } else if (candidate.type == URLPattern.PATH_PREFIX
+                           && !(first.matches(candidate) && first.pattern.length()
< candidate.pattern.length()))
                 {
                     throw new java.lang.IllegalArgumentException("path-prefix qualifier patterns
in the URLPatternSpec must be matched by, but different from, the first URLPattern");
                 } else if (candidate.type == URLPattern.EXTENSION) {
@@ -125,7 +124,7 @@
         // of this permission.
         Iterator iter1 = qualifiers.iterator();
         while (iter1.hasNext()) {
-            if (((URLPattern)iter1.next()).matches(p.first)) return false;
+            if (((URLPattern) iter1.next()).matches(p.first)) return false;
         }
 
         // If the first URLPattern in the name of the argument permission
@@ -138,11 +137,11 @@
 
             while (iter2.hasNext()) {
                 Iterator iter3 = qualifiers.iterator();
-                URLPattern test = (URLPattern)iter2.next();
+                URLPattern test = (URLPattern) iter2.next();
                 boolean found = false;
 
                 while (iter3.hasNext()) {
-                    if (test.matches((URLPattern)iter3.next())) {
+                    if (test.matches((URLPattern) iter3.next())) {
                         found = true;
                         break;
                     }
@@ -154,11 +153,21 @@
         return true;
     }
 
+    static String encodeColons(HttpServletRequest request) {
+        String result = request.getServletPath() + (request.getPathInfo() == null ? "" :
request.getPathInfo());
+
+        if (result.indexOf("%3A") > -1) result = result.replaceAll("%3A", "%3A%3A");
+        if (result.indexOf(":") > -1) result = result.replaceAll(":", "%3A");
+
+        return result;
+    }
+
     private class URLPattern {
-        public final static int EXACT       = 0x0;
+
+        public final static int EXACT = 0x0;
         public final static int PATH_PREFIX = 0x1;
-        public final static int EXTENSION   = 0x2;
-        public final static int DEFAULT     = 0x4;
+        public final static int EXTENSION = 0x2;
+        public final static int DEFAULT = 0x4;
 
         public int type;
         public String pattern;
@@ -167,7 +176,7 @@
             if (pat == null) throw new java.lang.IllegalArgumentException("URLPattern cannot
be null");
             if (pat.length() == 0) throw new java.lang.IllegalArgumentException("URLPattern
cannot be empty");
 
-            if (pat.equals("/") || pat.equals("/*") ) {
+            if (pat.equals("/") || pat.equals("/*")) {
                 type = DEFAULT;
             } else if (pat.charAt(0) == '/' && pat.endsWith("/*")) {
                 type = PATH_PREFIX;
@@ -194,10 +203,10 @@
                 // 2 characters, and the next character of the argument pattern,
                 // if there is one, is "/"
                 case PATH_PREFIX: {
-                    int length = pattern.length()-2;
+                    int length = pattern.length() - 2;
                     if (length > test.length()) return false;
 
-                    for (int i=0; i<length; i++) {
+                    for (int i = 0; i < length; i++) {
                         if (pattern.charAt(i) != test.charAt(i)) return false;
                     }
 

Modified: geronimo/specs/branches/1_1_1/geronimo-spec-j2ee-jacc/src/main/java/javax/security/jacc/WebResourcePermission.java
URL: http://svn.apache.org/viewvc/geronimo/specs/branches/1_1_1/geronimo-spec-j2ee-jacc/src/main/java/javax/security/jacc/WebResourcePermission.java?view=diff&rev=440396&r1=440395&r2=440396
==============================================================================
--- geronimo/specs/branches/1_1_1/geronimo-spec-j2ee-jacc/src/main/java/javax/security/jacc/WebResourcePermission.java
(original)
+++ geronimo/specs/branches/1_1_1/geronimo-spec-j2ee-jacc/src/main/java/javax/security/jacc/WebResourcePermission.java
Tue Sep  5 09:46:38 2006
@@ -44,7 +44,7 @@
     public WebResourcePermission(HttpServletRequest request) {
         super(request.getServletPath());
 
-        urlPatternSpec = new URLPatternSpec(request.getServletPath() + (request.getPathInfo()
== null ? "" : request.getPathInfo()));
+        urlPatternSpec = new URLPatternSpec(URLPatternSpec.encodeColons(request));
         httpMethodSpec = new HTTPMethodSpec(request.getMethod(), HTTPMethodSpec.NA);
     }
 

Modified: geronimo/specs/branches/1_1_1/geronimo-spec-j2ee-jacc/src/main/java/javax/security/jacc/WebUserDataPermission.java
URL: http://svn.apache.org/viewvc/geronimo/specs/branches/1_1_1/geronimo-spec-j2ee-jacc/src/main/java/javax/security/jacc/WebUserDataPermission.java?view=diff&rev=440396&r1=440395&r2=440396
==============================================================================
--- geronimo/specs/branches/1_1_1/geronimo-spec-j2ee-jacc/src/main/java/javax/security/jacc/WebUserDataPermission.java
(original)
+++ geronimo/specs/branches/1_1_1/geronimo-spec-j2ee-jacc/src/main/java/javax/security/jacc/WebUserDataPermission.java
Tue Sep  5 09:46:38 2006
@@ -66,7 +66,7 @@
     public WebUserDataPermission(HttpServletRequest request) {
         super(request.getServletPath());
 
-        urlPatternSpec = new URLPatternSpec(request.getServletPath());
+        urlPatternSpec = new URLPatternSpec(URLPatternSpec.encodeColons(request));
         httpMethodSpec = new HTTPMethodSpec(request.getMethod(), request.isSecure()? HTTPMethodSpec.CONFIDENTIAL:
HTTPMethodSpec.NONE);
     }
 



Mime
View raw message