[jboss-jira] [JBoss JIRA] Commented: (JBREM-809) Verify that the behavior of the HTTPUnMarshaller re stripping CR and LF characters is correct

Ron Sigal (JIRA) jira-events at lists.jboss.org
Fri Feb 8 05:14:03 EST 2008 

    [ http://jira.jboss.com/jira/browse/JBREM-809?page=comments#action_12398876 ] 
            
Ron Sigal commented on JBREM-809:
---------------------------------

org.jboss.remoting.marshal.http.HTTPUnMarshaller can optionally preserve line feed / carriage return characters. 

To do so, the configuration parameter HTTPUnMarshaller.PRESERVE_LINES (actual value "preserveLines") must have a value of "true" in the metadata map passed to HTTPUnMarshaller.read().  

On the server side, org.jboss.remoting.transport.coyote.CoyoteInvoker may be configured with the PRESERVE_LINES parameter by

1. putting it in the org.jboss.remoting.ServerConfiguration object to be injected by the Microcontainer (when running in the Application Server)
2. putting it in the configuration map passed to the org.jboss.remoting.transport.Connector
3. adding it to the org.jboss.remoting.InvokerLocator

CoyoteInvoker will then pass the configured value to the HTTPUnMarshaller.

On the client side, org.jboss.remoting.transport.http.HTTPClientInvoker may be configured with the PRESERVE_LINES parameter by

1. putting it in the configuration map passed to the org.jboss.remoting.Client constructor
2. adding it to the org.jboss.remoting.InvokerLocator
3. putting it in the metadata map passed to org.jboss.remoting.Client.invoke().

HTTPClientInvoker will then pass the configured value to the HTTPUnMarshaller.

Unit tests:

org.jboss.test.remoting.transport.http.lines.HttpLinePreservationTestCase
org.jboss.test.remoting.transport.http.ssl.lines.HttpsLinePreservationTestCase

Waiting for hudson results.


> Verify that the behavior of the HTTPUnMarshaller re stripping CR and LF characters is correct
> ---------------------------------------------------------------------------------------------
>
>                 Key: JBREM-809
>                 URL: http://jira.jboss.com/jira/browse/JBREM-809
>             Project: JBoss Remoting
>          Issue Type: Task
>      Security Level: Public(Everyone can see) 
>          Components: marshall
>    Affects Versions: 2.4.0.Beta1 (Pinto), 2.2.2.SP1
>            Reporter: Tom Fennelly
>         Assigned To: Ron Sigal
>             Fix For: 2.4.0.CR1 (Pinto)
>
>
> At the moment, the HTTPUnMarshaller uses a BufferedReader to read a HTTP char stream.  This causes it to modify the message payload by removing the CR and LF characters.  This causes a problem for us on the ESB because it means that signature checks fail on signed SOAP messages since the sig was generated from the message containing the CR and LF chars.  It's even worse than that... it actually corrupts the signature within the message because the canonical form of the sig contains CRLF chars.
> We got around this in the ESB (in the short term) by setting our own modified version of the HTTPUnMarshaller - one that doesn't use a BufferedReader.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list