[jboss-cvs] Picketbox SVN: r229 - trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/providers/attribute.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Jun 21 10:55:05 EDT 2011
Author: mmoyses
Date: 2011-06-21 10:55:05 -0400 (Tue, 21 Jun 2011)
New Revision: 229
Added:
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/providers/attribute/SecurityActions.java
Modified:
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/providers/attribute/LdapAttributeMappingProvider.java
Log:
SECURITY-438: fixing NPE when attribute list is null
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/providers/attribute/LdapAttributeMappingProvider.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/providers/attribute/LdapAttributeMappingProvider.java 2011-06-15 15:43:12 UTC (rev 228)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/providers/attribute/LdapAttributeMappingProvider.java 2011-06-21 14:55:05 UTC (rev 229)
@@ -120,7 +120,6 @@
this.options = options;
}
- @SuppressWarnings("unchecked")
public void performMapping(Map<String, Object> map, List<Attribute<String>> mappedObject)
{
List<Attribute<String>> attributeList = new ArrayList<Attribute<String>>();
@@ -165,8 +164,11 @@
}
InitialLdapContext ctx;
+ ClassLoader currentTCCL = SecurityActions.getContextClassLoader();
try
{
+ if (currentTCCL != null)
+ SecurityActions.setContextClassLoader(null);
ctx = this.constructInitialLdapContext(bindDN, bindCredential);
}
catch (NamingException e)
@@ -205,7 +207,7 @@
constraints.setReturningAttributes(neededAttributes);
- NamingEnumeration results = null;
+ NamingEnumeration<SearchResult> results = null;
Object[] filterArgs = {user};
try
@@ -218,7 +220,7 @@
results.close();
throw new NamingException("Search of baseDN(" + baseDN + ") found no matches");
}
- SearchResult sr = (SearchResult) results.next();
+ SearchResult sr = results.next();
String name = sr.getName();
String userDN = null;
if (sr.isRelative() == true)
@@ -256,6 +258,10 @@
{
if (results != null)
results.close();
+ if (ctx != null)
+ ctx.close();
+ if (currentTCCL != null)
+ SecurityActions.setContextClassLoader(currentTCCL);
}
}catch(NamingException ne)
{
@@ -283,14 +289,13 @@
}
- @SuppressWarnings("unchecked")
private InitialLdapContext constructInitialLdapContext(String dn, Object credential) throws NamingException
{
Properties env = new Properties();
- Iterator iter = options.entrySet().iterator();
+ Iterator<Entry<String, Object>> iter = options.entrySet().iterator();
while (iter.hasNext())
{
- Entry entry = (Entry) iter.next();
+ Entry<String, Object> entry = iter.next();
env.put(entry.getKey(), entry.getValue());
}
@@ -333,10 +338,13 @@
private String[] getNeededAttributes(String commaSeparatedList)
{
ArrayList<String> arrayList = new ArrayList<String>();
- StringTokenizer st = new StringTokenizer(commaSeparatedList,",");
- while(st.hasMoreTokens())
+ if (commaSeparatedList != null)
{
- arrayList.add(st.nextToken());
+ StringTokenizer st = new StringTokenizer(commaSeparatedList,",");
+ while(st.hasMoreTokens())
+ {
+ arrayList.add(st.nextToken());
+ }
}
String[] strArr = new String[arrayList.size()];
return arrayList.toArray(strArr);
Added: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/providers/attribute/SecurityActions.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/providers/attribute/SecurityActions.java (rev 0)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/mapping/providers/attribute/SecurityActions.java 2011-06-21 14:55:05 UTC (rev 229)
@@ -0,0 +1,59 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.mapping.providers.attribute;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since Sep 26, 2007
+ * @version $Revision$
+ */
+class SecurityActions
+{
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+
+ static Void setContextClassLoader(final ClassLoader cl)
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<Void>()
+ {
+ public Void run()
+ {
+ Thread.currentThread().setContextClassLoader(cl);
+ return null;
+ }
+ });
+ }
+
+}
\ No newline at end of file
More information about the jboss-cvs-commits
mailing list