Repository: syncope Updated Branches: refs/heads/master 209459d0c -> ce0621c6a
Enabling secure processing on DBF + TF instances Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/ce0621c6 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/ce0621c6 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/ce0621c6 Branch: refs/heads/master Commit: ce0621c6ae7ce5ef77c69f30dcc1e6f8de5991e3 Parents: 209459d Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Wed Jul 6 15:01:30 2016 +0100 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Wed Jul 6 15:01:30 2016 +0100 ---------------------------------------------------------------------- .../java/org/apache/syncope/client/cli/util/XMLUtils.java | 10 ++++++++-- .../syncope/core/logic/report/ReportJobDelegate.java | 1 + .../core/persistence/jpa/content/XMLContentExporter.java | 1 + .../apache/syncope/core/logic/init/CamelRouteLoader.java | 2 ++ .../syncope/installer/utilities/FileSystemUtils.java | 1 + .../apache/syncope/installer/utilities/MavenUtils.java | 1 + 6 files changed, 14 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/syncope/blob/ce0621c6/client/cli/src/main/java/org/apache/syncope/client/cli/util/XMLUtils.java ---------------------------------------------------------------------- diff --git a/client/cli/src/main/java/org/apache/syncope/client/cli/util/XMLUtils.java b/client/cli/src/main/java/org/apache/syncope/client/cli/util/XMLUtils.java index ba50431..ad3cf39 100644 --- a/client/cli/src/main/java/org/apache/syncope/client/cli/util/XMLUtils.java +++ b/client/cli/src/main/java/org/apache/syncope/client/cli/util/XMLUtils.java @@ -37,8 +37,14 @@ public final class XMLUtils { public static void createXMLFile(final InputStream sis, final String filePath) throws TransformerException, SAXException, IOException, ParserConfigurationException { - TransformerFactory.newInstance().newTransformer(). - transform(new DOMSource(DocumentBuilderFactory.newInstance().newDocumentBuilder(). + DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); + dbf.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true); + + TransformerFactory tf = TransformerFactory.newInstance(); + tf.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true); + + tf.newTransformer(). + transform(new DOMSource(dbf.newDocumentBuilder(). parse(new InputSource(new StringReader(IOUtils.toString(sis))))), new StreamResult(new File(filePath))); } http://git-wip-us.apache.org/repos/asf/syncope/blob/ce0621c6/core/logic/src/main/java/org/apache/syncope/core/logic/report/ReportJobDelegate.java ---------------------------------------------------------------------- diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/report/ReportJobDelegate.java b/core/logic/src/main/java/org/apache/syncope/core/logic/report/ReportJobDelegate.java index 2d040d9..a87c1de 100644 --- a/core/logic/src/main/java/org/apache/syncope/core/logic/report/ReportJobDelegate.java +++ b/core/logic/src/main/java/org/apache/syncope/core/logic/report/ReportJobDelegate.java @@ -104,6 +104,7 @@ public class ReportJobDelegate { zos.setLevel(Deflater.BEST_COMPRESSION); try { SAXTransformerFactory tFactory = (SAXTransformerFactory) SAXTransformerFactory.newInstance(); + tFactory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true); handler = tFactory.newTransformerHandler(); Transformer serializer = handler.getTransformer(); serializer.setOutputProperty(OutputKeys.ENCODING, SyncopeConstants.DEFAULT_ENCODING); http://git-wip-us.apache.org/repos/asf/syncope/blob/ce0621c6/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/content/XMLContentExporter.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/content/XMLContentExporter.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/content/XMLContentExporter.java index 0e7d059..4f7c3a4 100644 --- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/content/XMLContentExporter.java +++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/content/XMLContentExporter.java @@ -316,6 +316,7 @@ public class XMLContentExporter extends AbstractContentDealer implements Content StreamResult streamResult = new StreamResult(os); final SAXTransformerFactory transformerFactory = (SAXTransformerFactory) SAXTransformerFactory.newInstance(); + transformerFactory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true); TransformerHandler handler = transformerFactory.newTransformerHandler(); Transformer serializer = handler.getTransformer(); http://git-wip-us.apache.org/repos/asf/syncope/blob/ce0621c6/ext/camel/logic/src/main/java/org/apache/syncope/core/logic/init/CamelRouteLoader.java ---------------------------------------------------------------------- diff --git a/ext/camel/logic/src/main/java/org/apache/syncope/core/logic/init/CamelRouteLoader.java b/ext/camel/logic/src/main/java/org/apache/syncope/core/logic/init/CamelRouteLoader.java index 18d9ce7..f44a648 100644 --- a/ext/camel/logic/src/main/java/org/apache/syncope/core/logic/init/CamelRouteLoader.java +++ b/ext/camel/logic/src/main/java/org/apache/syncope/core/logic/init/CamelRouteLoader.java @@ -154,7 +154,9 @@ public class CamelRouteLoader implements SyncopeLoader { // When https://issues.jboss.org/browse/WFLY-4416 is resolved, this is not needed any more if (IS_JBOSS) { tf = TransformerFactory.newInstance(); + tf.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true); DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance(); + dbFactory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true); DocumentBuilder dBuilder = dbFactory.newDocumentBuilder(); Document doc = dBuilder.parse(resource.getInputStream()); http://git-wip-us.apache.org/repos/asf/syncope/blob/ce0621c6/installer/src/main/java/org/apache/syncope/installer/utilities/FileSystemUtils.java ---------------------------------------------------------------------- diff --git a/installer/src/main/java/org/apache/syncope/installer/utilities/FileSystemUtils.java b/installer/src/main/java/org/apache/syncope/installer/utilities/FileSystemUtils.java index b3ea05f..ab725c3 100644 --- a/installer/src/main/java/org/apache/syncope/installer/utilities/FileSystemUtils.java +++ b/installer/src/main/java/org/apache/syncope/installer/utilities/FileSystemUtils.java @@ -139,6 +139,7 @@ public class FileSystemUtils { TransformerException { try { final TransformerFactory factory = TransformerFactory.newInstance(); + factory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true); final Transformer transformer = factory.newTransformer(); transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "no"); transformer.setOutputProperty(OutputKeys.METHOD, "xml"); http://git-wip-us.apache.org/repos/asf/syncope/blob/ce0621c6/installer/src/main/java/org/apache/syncope/installer/utilities/MavenUtils.java ---------------------------------------------------------------------- diff --git a/installer/src/main/java/org/apache/syncope/installer/utilities/MavenUtils.java b/installer/src/main/java/org/apache/syncope/installer/utilities/MavenUtils.java index cb47f04..e2bc097 100644 --- a/installer/src/main/java/org/apache/syncope/installer/utilities/MavenUtils.java +++ b/installer/src/main/java/org/apache/syncope/installer/utilities/MavenUtils.java @@ -165,6 +165,7 @@ public class MavenUtils { tempSettingsXML.createNewFile(); final DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); + dbf.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true); final DocumentBuilder builder = dbf.newDocumentBuilder(); // parse settings.xml final Document settings = builder.parse(settingsXML);