[jboss-cvs] Picketbox SVN: r331 - in trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox: util and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon May 28 10:44:08 EDT 2012
Author: pskopek at redhat.com
Date: 2012-05-28 10:44:08 -0400 (Mon, 28 May 2012)
New Revision: 331
Modified:
trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/plugins/vault/PicketBoxSecurityVault.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/util/StringUtil.java
Log:
[SECURITY-658] - fixed handling of backslash in propertie inserted to options using $\{..\}. \n- fix for handling default value separator in AS7 \(":" instead of "::" for PicketBox\).
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/plugins/vault/PicketBoxSecurityVault.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/plugins/vault/PicketBoxSecurityVault.java 2012-05-02 22:26:01 UTC (rev 330)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/plugins/vault/PicketBoxSecurityVault.java 2012-05-28 14:44:08 UTC (rev 331)
@@ -136,7 +136,8 @@
String keystoreURL = (String) options.get(KEYSTORE_URL);
if(keystoreURL == null)
throw new SecurityVaultException(ErrorCodes.NULL_VALUE + "Null " + KEYSTORE_URL);
- keystoreURL = StringUtil.getSystemPropertyAsString(keystoreURL);
+ keystoreURL = StringUtil.getSystemPropertyAsString(keystoreURL.replaceAll(":",
+ StringUtil.PROPERTY_DEFAULT_SEPARATOR)); // replace single ":" with PL default
String maskedPassword = (String) options.get(KEYSTORE_PASSWORD);
if(maskedPassword == null)
@@ -172,7 +173,8 @@
ObjectInputStream mapIS = null;
try
{
- decodedEncFileDir = StringUtil.getSystemPropertyAsString(encFileDir);
+ decodedEncFileDir = StringUtil.getSystemPropertyAsString(encFileDir.replaceAll(":",
+ StringUtil.PROPERTY_DEFAULT_SEPARATOR)); // replace single ":" with PL default
if(directoryExists(decodedEncFileDir) == false)
throw new SecurityVaultException(ErrorCodes.PROCESSING_FAILED + decodedEncFileDir + " does not exist");
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/util/StringUtil.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/util/StringUtil.java 2012-05-02 22:26:01 UTC (rev 330)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/picketbox/util/StringUtil.java 2012-05-28 14:44:08 UTC (rev 331)
@@ -42,6 +42,8 @@
*/
public class StringUtil
{
+ public static final String PROPERTY_DEFAULT_SEPARATOR = "::";
+
/**
* Check whether the passed string is null or empty
* @param str
@@ -101,10 +103,10 @@
String defaultValue = "";
//Look for default value
- if (subString.contains("::"))
+ if (subString.contains(StringUtil.PROPERTY_DEFAULT_SEPARATOR))
{
- int index = subString.indexOf("::");
- defaultValue = subString.substring(index + 2);
+ int index = subString.indexOf(StringUtil.PROPERTY_DEFAULT_SEPARATOR);
+ defaultValue = subString.substring(index + StringUtil.PROPERTY_DEFAULT_SEPARATOR.length());
subString = subString.substring(0, index);
}
sysPropertyValue = SecurityActions.getSystemProperty(subString, defaultValue);
@@ -112,7 +114,8 @@
{
throw new IllegalArgumentException(ErrorCodes.NULL_VALUE + "System Property missing:" + matcher.group(1));
}
- matcher.appendReplacement(buffer, sysPropertyValue);
+ // in case of backslash on Win replace with double backslash
+ matcher.appendReplacement(buffer, sysPropertyValue.replace("\\", "\\\\"));
}
matcher.appendTail(buffer);
More information about the jboss-cvs-commits
mailing list