[jboss-identity-issues] [JBoss JIRA] Updated: (JBID-37) Some minor bugs

Monday, 26 January 2009



     [
https://jira.jboss.org/jira/browse/JBID-37?page=com.atlassian.jira.plugin...
]

Marc Schoenefeld updated JBID-37:
---------------------------------

    Priority: Minor  (was: Major)


...
 Some minor bugs
 ---------------

                 Key: JBID-37
                 URL: https://jira.jboss.org/jira/browse/JBID-37
             Project: JBoss Identity
          Issue Type: Bug
    Affects Versions: 1.0.0.alpha1
            Reporter: Marc Schoenefeld
            Assignee: Anil Saldhana
            Priority: Minor

 1) Possible NPE with ldapContext
 public class LDAPIdentityStoreImpl implements IdentityStore
 {
  public List<SearchResult> searchIdentityObjects(IdentityStoreInvocationContext
ctx,
                                                    String[] entryCtxs,
                                                    String filter,
                                                    Object[] filterArgs,
                                                    String[] returningAttributes,
                                                    Control[] requestControls) throws
NamingException, IdentityException
    {
       LdapContext ldapContext = getLDAPContext(ctx);
       if (ldapContext != null)
       {
          ldapContext.setRequestControls(requestControls);
       }
       NamingEnumeration results = null;
       try
       {
          SearchControls searchControls = new SearchControls();
          searchControls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
          searchControls.setReturningObjFlag(true);
          searchControls.setTimeLimit(getConfiguration(ctx).getSearchTimeLimit());
          if (returningAttributes != null)
          {
             searchControls.setReturningAttributes(returningAttributes);
          }
          if (entryCtxs.length == 1)
          {
             if (filterArgs == null)
             {
                results = ldapContext.search(entryCtxs[0], filter, searchControls);
             }
             else
             {
                results = ldapContext.search(entryCtxs[0], filter, filterArgs,
searchControls);
             }
             return Tools.toList(results);
 2) Credentials object not immutable, "value" can be changed after  creation, 
 public class BinaryCredential extends AbstractCredential
 {
    private final byte[] value;
    public static final SimpleCredentialType TYPE = new
SimpleCredentialType("BINARY");
    public BinaryCredential(byte[] value)
    {
       super(TYPE);
 ==>      this.value = value;
 better   this.value = value.clone();
 same with public class SimpleLDAPIdentityObjectTypeConfiguration : ctxDNS
    public String[] getCtxDNs() : better return clone, don't let untrusted code modify
ctxdns 
 dito for SimpleLDAPIdentityObjectTypeConfiguration.allowedMembershipTypes and also in
other places where mutable arrays are returned 
 3) Dead code: 
  - object result in HibernateIdentityStoreImpl.getAttribute is useless
  - object iot in PersistenceManagerImpl.removeIdentity is useless
  - object names in HibernateIdentityStoreImpl.getRelationshipNames is useless 
-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

[jboss-identity-issues] [JBoss JIRA] Updated: (JBID-37) Some minor bugs