Author: klape
Date: 2013-04-05 19:00:54 -0400 (Fri, 05 Apr 2013)
New Revision: 17458
Modified:
stack/cxf/branches/jbossws-cxf-3.1.2.SP13-JBPAPP-10701/modules/server/src/main/java/org/jboss/wsf/stack/cxf/DescriptorDeploymentAspect.java
Log:
[JBPAPP-10701] Fix for ClassNotFoundException when enabling the fix for CVE-2012-2319
Modified:
stack/cxf/branches/jbossws-cxf-3.1.2.SP13-JBPAPP-10701/modules/server/src/main/java/org/jboss/wsf/stack/cxf/DescriptorDeploymentAspect.java
===================================================================
---
stack/cxf/branches/jbossws-cxf-3.1.2.SP13-JBPAPP-10701/modules/server/src/main/java/org/jboss/wsf/stack/cxf/DescriptorDeploymentAspect.java 2013-04-05
22:59:58 UTC (rev 17457)
+++
stack/cxf/branches/jbossws-cxf-3.1.2.SP13-JBPAPP-10701/modules/server/src/main/java/org/jboss/wsf/stack/cxf/DescriptorDeploymentAspect.java 2013-04-05
23:00:54 UTC (rev 17458)
@@ -234,26 +234,28 @@
}
for (String ep : endpoints)
{
- Class<?> clazz = cl.loadClass(ep);
- String wl = null;
- if (clazz.isAnnotationPresent(WebService.class)) {
- WebService wsa = clazz.getAnnotation(WebService.class);
- wl = wsa.wsdlLocation();
- String epIf = wsa.endpointInterface();
- if(epIf != null && !epIf.isEmpty()) {
- Class<?> epIfClass = cl.loadClass(epIf);
- WebService epIfWsa = epIfClass.getAnnotation(WebService.class);
- if (epIfWsa != null && epIfWsa.wsdlLocation() != null
&& !epIfWsa.wsdlLocation().isEmpty()) {
- wl = epIfWsa.wsdlLocation();
+ if (!ep.startsWith("#")) {
+ Class<?> clazz = cl.loadClass(ep);
+ String wl = null;
+ if (clazz.isAnnotationPresent(WebService.class)) {
+ WebService wsa = clazz.getAnnotation(WebService.class);
+ wl = wsa.wsdlLocation();
+ String epIf = wsa.endpointInterface();
+ if(epIf != null && !epIf.isEmpty()) {
+ Class<?> epIfClass = cl.loadClass(epIf);
+ WebService epIfWsa = epIfClass.getAnnotation(WebService.class);
+ if (epIfWsa != null && epIfWsa.wsdlLocation() != null
&& !epIfWsa.wsdlLocation().isEmpty()) {
+ wl = epIfWsa.wsdlLocation();
+ }
}
+ } else {
+ WebServiceProvider wsp =
clazz.getAnnotation(WebServiceProvider.class);
+ wl = wsp.wsdlLocation();
}
- } else {
- WebServiceProvider wsp = clazz.getAnnotation(WebServiceProvider.class);
- wl = wsp.wsdlLocation();
+ if (wl != null && !wl.trim().isEmpty()) {
+ wsdlLocations.add(wl);
+ }
}
- if (wl != null && !wl.trim().isEmpty()) {
- wsdlLocations.add(wl);
- }
}
//then check wsdl files for contract first endpoints
for (String w : wsdlLocations) {
@@ -297,6 +299,14 @@
{
endpoints.add(reader.getAttributeValue(null,
searchAttributeName).trim());
}
+
+ else if (search && StAXUtils.match(reader,
"http://www.springframework.org/schema/beans", "bean"))
+ {
+ if (reader.getAttributeValue(null, "id") != null)
+ {
+ endpoints.add(reader.getAttributeValue(null,
"class").trim());
+ }
+ }
}
}
}
Show replies by thread