[jira] [Resolved] (SYNCOPE-418) Special chars break REST URLs

Fri, 20 Sep 2013 06:57:17 -0700 

     [ 
https://issues.apache.org/jira/browse/SYNCOPE-418?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Francesco Chicchiriccò resolved SYNCOPE-418.
--------------------------------------------

    Resolution: Fixed

1_1_X: http://svn.apache.org/r1524988 http://svn.apache.org/r1524998
trunk: http://svn.apache.org/r1525004
                
> Special chars break REST URLs
> -----------------------------
>
>                 Key: SYNCOPE-418
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-418
>             Project: Syncope
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 1.1.3
>            Reporter: Francesco Chicchiriccò
>            Assignee: Francesco Chicchiriccò
>             Fix For: 1.1.4, 1.2.0
>
>
> Some entities have String keys that are currently accepted without any 
> specific bound (schema, resources, config parameters).
> When, for example, a value like as an URL is provided, nothing special 
> happens during creation (because such value is embedded into a transfer 
> object); however, any subsequent read or delete, which would require passing 
> the entity key as part of the REST URL, will fail either with Spring MVC and 
> CXF.
> For example, as reported in mailing list [1], a user schema with name 
> 'http://schemas.examples.org/security/authorization/organizationUnit' can be 
> created but will then be impossible to read or even delete since the REST URL 
> would be something like as
> http://localhost:9080syncope/rest/schema/USER/read/http://schemas.examples.org/security/authorization/organizationUnit
> After some search, it seems that it is neither Spring MVC nor CXF problem, 
> but instead the JEE container (like as Tomcat, for example) that needs some 
> special configuration for handling such URLs (see CXF-4207 for more details).
> The most logical and straightforward solution seems to be just setting some 
> limits for the characters admitted; at a first glance, alphanumeric plus some 
> special characters (space, _, -, @, .) should be fine.
> [1] 
> http://syncope-user.1051894.n5.nabble.com/Remove-attribute-in-user-schema-td5707312.html

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to