SEC-219: Support complex tokenization scenarios.
This commit is contained in:
parent
14683dcbc7
commit
948f79e2e2
|
@ -1,4 +1,4 @@
|
|||
/* Copyright 2004 Acegi Technology Pty Limited
|
||||
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
@ -18,11 +18,10 @@ package org.acegisecurity.intercept.web;
|
|||
import org.acegisecurity.ConfigAttributeDefinition;
|
||||
import org.acegisecurity.ConfigAttributeEditor;
|
||||
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
import java.beans.PropertyEditorSupport;
|
||||
|
||||
import java.io.BufferedReader;
|
||||
|
@ -116,13 +115,19 @@ public class FilterInvocationDefinitionSourceEditor
|
|||
continue;
|
||||
}
|
||||
|
||||
// Tokenize the line into its name/value tokens
|
||||
String[] nameValue = StringUtils.delimitedListToStringArray(line, "=");
|
||||
String name = nameValue[0];
|
||||
String value = nameValue[1];
|
||||
if (line.lastIndexOf("==") != -1) {
|
||||
throw new IllegalArgumentException(
|
||||
"Only single equals should be used in line " + line);
|
||||
}
|
||||
|
||||
if(!StringUtils.hasLength(name) || !StringUtils.hasLength(value)) {
|
||||
throw new IllegalArgumentException("Failed to parse a valid name/value pair from " + line);
|
||||
// Tokenize the line into its name/value tokens
|
||||
// As per SEC-219, use the LAST equals as the delimiter between LHS and RHS
|
||||
String name = StringUtils.substringBeforeLast(line, "=");
|
||||
String value = StringUtils.substringAfterLast(line, "=");
|
||||
|
||||
if (StringUtils.isBlank(name) || StringUtils.isBlank(value)) {
|
||||
throw new IllegalArgumentException(
|
||||
"Failed to parse a valid name/value pair from " + line);
|
||||
}
|
||||
|
||||
// Convert value to series of security configuration attributes
|
||||
|
|
Loading…
Reference in New Issue