[jboss-jira] [JBoss JIRA] (SECURITY-653) JBossPDP isDirectory called should check if the argument is of file pattern
[
https://issues.jboss.org/browse/SECURITY-653?page=com.atlassian.jira.plug...
]
Josef Cacek commented on SECURITY-653:
--------------------------------------
The fix solves the mentioned use-case, but I think it's still not correct and it will
cause problems if the policies location is a directory.
There is no guarantee the folder path will be prefixed by the scheme (file:).
E.g. there could be policyConfig.xml with
<{urn:jboss:xacml:2.0}Location>path/to/policies/folder</{urn:jboss:xacml:2.0}Location>
for which the isDirectory() call returns false, because it's not starting with
"file".
JBossPDP isDirectory called should check if the argument is of file
pattern
---------------------------------------------------------------------------
Key: SECURITY-653
URL: https://issues.jboss.org/browse/SECURITY-653
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: JBossXACML
Affects Versions: jbossxacml_2.0.6.Final
Reporter: Anil Saldhana
Assignee: Anil Saldhana
Fix For: picketbox_xacml_2.0.8.Final
Attachments: jbossxacml-2.0.8-SNAPSHOT.jar
https://issues.jboss.org/browse/JBPAPP-8462 has an exception for the AS7 environment.
======================
15:51:51,112 ERROR
[org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/pdp].[SOAPSAMLXACMLPDPServlet]]
(http--127.0.0.1-8080-1) Allocate exception for servlet SOAPSAMLXACMLPDPServlet:
java.lang.IllegalArgumentException: URI scheme is not "file"
at java.io.File.<init>(File.java:366) [rt.jar:1.6.0_31]
at org.jboss.security.xacml.core.JBossPDP.isDirectory(JBossPDP.java:590)
[jbossxacml-2.0.6.Final.jar:2.0.6.Final]
at org.jboss.security.xacml.core.JBossPDP.addPolicySets(JBossPDP.java:466)
[jbossxacml-2.0.6.Final.jar:2.0.6.Final]
at org.jboss.security.xacml.core.JBossPDP.bootstrap(JBossPDP.java:344)
[jbossxacml-2.0.6.Final.jar:2.0.6.Final]
at org.jboss.security.xacml.core.JBossPDP.<init>(JBossPDP.java:157)
[jbossxacml-2.0.6.Final.jar:2.0.6.Final]
at
org.picketlink.identity.federation.core.pdp.SOAPSAMLXACMLPDP.getPDP(SOAPSAMLXACMLPDP.java:126)
[picketlink-fed-2.0.2.Final.jar:2.0.2.Final]
at
org.picketlink.identity.federation.core.pdp.SOAPSAMLXACMLPDP.<init>(SOAPSAMLXACMLPDP.java:75)
[picketlink-fed-2.0.2.Final.jar:2.0.2.Final]
==========================
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira