geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

The CasaIdentityToken class has been updated to escape strings stored in

Browse Source 
CasaIdentityTokens which may contain XML reserved characters.
This commit is contained in:
Juan Carlos Luciani
2007-06-06 21:12:00 +00:00
parent cb1de1c2cc
commit f41b81a004
3 changed files with 46 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/CasaIdentityToken.java
View File

@@ -46,6 +46,7 @@ import org.xml.sax.helpers.XMLReaderFactory;
import org.bandit.util.config.Realm;
import org.apache.log4j.Logger;
import org.apache.commons.lang.StringEscapeUtils;
/**
* CasaIdentityToken Class.
@@ -335,6 +336,9 @@ public final class CasaIdentityToken implements IdentityToken
// Verify that we are processing the expected tag
if (idElementName.equalsIgnoreCase(qName))
{
// Un-escape the identity id
m_casaIdentToken.m_identityId = StringEscapeUtils.unescapeXml(m_casaIdentToken.m_identityId);
// Advance to the next state
m_state = AWAITING_SOURCE_NAME_ELEMENT_START;
}
@@ -402,6 +406,40 @@ public final class CasaIdentityToken implements IdentityToken
break;
case AWAITING_ATTRIBUTE_END:
// If necessary, un-escape the attribute data.
if (!m_encryptedAttrs)
{
Attribute attrib = m_casaIdentToken.m_attributes.remove(m_currAttribute);
if (attrib != null)
{
try
{
String attribData = (String) attrib.get();
if (attribData != null)
{
m_casaIdentToken.m_attributes.put(m_currAttribute,
StringEscapeUtils.unescapeXml(attribData));
}
else
{
m_log.error("SAXHandler.endElement()- Attribute data not found");
throw new SAXException("Attribute data not found");
}
}
catch (NamingException e)
{
m_log.error("SAXHandler.endElement()- Attribute data not found");
throw new SAXException("Attribute data not found", e);
}
}
else
{
m_log.error("SAXHandler.endElement()- Attribute not found");
throw new SAXException("Attribute not found");
}
}
// Advance to the next state
m_state = AWAITING_ATTRIBUTE_START;
break;
@@ -746,7 +784,7 @@ public final class CasaIdentityToken implements IdentityToken
StringBuffer sb = new StringBuffer();
sb.append(ProtoDefs.xmlDeclaration); sb.append("\r\n");
sb.append("<"); sb.append(casaIdentTokElementName); sb.append(">"); sb.append("\r\n");
sb.append("<"); sb.append(idElementName); sb.append(">"); sb.append(identityId); sb.append("</"); sb.append(idElementName); sb.append(">\r\n");
sb.append("<"); sb.append(idElementName); sb.append(">"); sb.append(StringEscapeUtils.escapeXml(identityId)); sb.append("</"); sb.append(idElementName); sb.append(">\r\n");
sb.append("<"); sb.append(sourceNameElementName); sb.append(">"); sb.append(sourceName); sb.append("</"); sb.append(sourceNameElementName); sb.append(">\r\n");
sb.append("<"); sb.append(sourceUrlElementName); sb.append(">"); sb.append(m_sourceUrl); sb.append("</"); sb.append(sourceUrlElementName); sb.append(">\r\n");
sb.append("<"); sb.append(targetServiceElementName); sb.append(">"); sb.append(m_service); sb.append("</"); sb.append(targetServiceElementName); sb.append(">\r\n");
@@ -793,7 +831,7 @@ public final class CasaIdentityToken implements IdentityToken
else
{
// Assume the attribute value is of type String
sb.append("<"); sb.append(attr.getID()); sb.append(">"); sb.append(attrValue); sb.append("</"); sb.append(attr.getID()); sb.append(">\r\n");
sb.append("<"); sb.append(attr.getID()); sb.append(">"); sb.append(StringEscapeUtils.escapeXml((String) attrValue)); sb.append("</"); sb.append(attr.getID()); sb.append(">\r\n");
}
}
}