Francesco Chicchiriccò created SYNCOPE-418:
----------------------------------------------
Summary: Special chars break REST URLs
Key: SYNCOPE-418
URL: https://issues.apache.org/jira/browse/SYNCOPE-418
Project: Syncope
Issue Type: Bug
Components: core
Affects Versions: 1.1.3
Reporter: Francesco Chicchiriccò
Assignee: Francesco Chicchiriccò
Fix For: 1.1.4, 1.2.0
Some entities have String keys that are currently accepted without any specific
bound (schema, resources, config parameters).
When, for example, a value like as an URL is provided, nothing special happens
during creation (because such value is embedded into a transfer object);
however, any subsequent read or delete, which would require passing the entity
key as part of the REST URL, will fail either with Spring MVC and CXF.
For example, as [reported in mailing
list|http://syncope-user.1051894.n5.nabble.com/Remove-attribute-in-user-schema-td5707312.html],
a user schema with name
'http://schemas.examples.org/security/authorization/organizationUnit' can be
created but will then be impossible to read or even delete since the REST URL
would be something like as
http://localhost:9080syncope/rest/schema/USER/read/http://schemas.examples.org/security/authorization/organizationUnit
After some search, it seems that it is neither Spring MVC nor CXF problem, but
instead the JEE container (like as Tomcat, for example) that needs some special
configuration for handling such URLs (see CXF-4207 for more details).
The most logical and straightforward solution seems to be just setting some
limits for the characters admitted; at a first glance, alphanumeric plus some
special characters (space, _, -, @, .) should be fine.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
