[ https://issues.apache.org/jira/browse/SYNCOPE-418?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Francesco Chicchiriccò resolved SYNCOPE-418. -------------------------------------------- Resolution: Fixed 1_1_X: http://svn.apache.org/r1524988 http://svn.apache.org/r1524998 trunk: http://svn.apache.org/r1525004 > Special chars break REST URLs > ----------------------------- > > Key: SYNCOPE-418 > URL: https://issues.apache.org/jira/browse/SYNCOPE-418 > Project: Syncope > Issue Type: Bug > Components: core > Affects Versions: 1.1.3 > Reporter: Francesco Chicchiriccò > Assignee: Francesco Chicchiriccò > Fix For: 1.1.4, 1.2.0 > > > Some entities have String keys that are currently accepted without any > specific bound (schema, resources, config parameters). > When, for example, a value like as an URL is provided, nothing special > happens during creation (because such value is embedded into a transfer > object); however, any subsequent read or delete, which would require passing > the entity key as part of the REST URL, will fail either with Spring MVC and > CXF. > For example, as reported in mailing list [1], a user schema with name > 'http://schemas.examples.org/security/authorization/organizationUnit' can be > created but will then be impossible to read or even delete since the REST URL > would be something like as > http://localhost:9080syncope/rest/schema/USER/read/http://schemas.examples.org/security/authorization/organizationUnit > After some search, it seems that it is neither Spring MVC nor CXF problem, > but instead the JEE container (like as Tomcat, for example) that needs some > special configuration for handling such URLs (see CXF-4207 for more details). > The most logical and straightforward solution seems to be just setting some > limits for the characters admitted; at a first glance, alphanumeric plus some > special characters (space, _, -, @, .) should be fine. > [1] > http://syncope-user.1051894.n5.nabble.com/Remove-attribute-in-user-schema-td5707312.html -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira