syncope-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ilgro...@apache.org
Subject [1/3] syncope git commit: [SYNCOPE-1041] Enable secure XML processing - thanks Colm for suggestion
Date Fri, 31 Mar 2017 14:43:42 GMT
Repository: syncope
Updated Branches:
  refs/heads/2_0_X 40fa8614f -> dd7a74a2c
  refs/heads/master 5411181b8 -> b0f0381d8


[SYNCOPE-1041] Enable secure XML processing - thanks Colm for suggestion


Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/dd7a74a2
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/dd7a74a2
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/dd7a74a2

Branch: refs/heads/2_0_X
Commit: dd7a74a2c7fa58270f3eed48b13be9331eecdeb6
Parents: 40fa861
Author: Francesco Chicchiriccò <ilgrosso@apache.org>
Authored: Fri Mar 31 16:32:45 2017 +0200
Committer: Francesco Chicchiriccò <ilgrosso@apache.org>
Committed: Fri Mar 31 16:32:45 2017 +0200

----------------------------------------------------------------------
 .../syncope/core/logic/saml2/SAML2ReaderWriter.java     | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/syncope/blob/dd7a74a2/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java
b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java
index 964759a..baa3882 100644
--- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java
+++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java
@@ -28,6 +28,7 @@ import java.net.URLDecoder;
 import java.nio.charset.StandardCharsets;
 import java.security.KeyStore;
 import java.util.zip.DataFormatException;
+import javax.xml.XMLConstants;
 import javax.xml.stream.XMLStreamException;
 import javax.xml.transform.Transformer;
 import javax.xml.transform.TransformerConfigurationException;
@@ -56,7 +57,16 @@ public class SAML2ReaderWriter {
 
     private static final Logger LOG = LoggerFactory.getLogger(SAML2ReaderWriter.class);
 
-    private static final TransformerFactory TRANSFORMER_FACTORY = TransformerFactory.newInstance();
+    private static final TransformerFactory TRANSFORMER_FACTORY;
+
+    static {
+        TRANSFORMER_FACTORY = TransformerFactory.newInstance();
+        try {
+            TRANSFORMER_FACTORY.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
+        } catch (TransformerConfigurationException e) {
+            LOG.error("Could not enable secure XML processing", e);
+        }
+    }
 
     @Autowired
     private SAML2SPLoader loader;


Mime
View raw message