Author: dkulp
Date: Thu Oct 29 14:53:55 2009
New Revision: 830979
URL: http://svn.apache.org/viewvc?rev=830979&view=rev
Log:
Merged revisions 830967 via svnmerge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r830967 | dkulp | 2009-10-29 10:41:07 -0400 (Thu, 29 Oct 2009) | 1 line
[CXF-1791] Add an extra NPE and AIOOBE guard.
........
Modified:
cxf/branches/2.2.x-fixes/ (props changed)
cxf/branches/2.2.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
Propchange: cxf/branches/2.2.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified:
cxf/branches/2.2.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.2.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java?rev=830979&r1=830978&r2=830979&view=diff
==============================================================================
---
cxf/branches/2.2.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
(original)
+++
cxf/branches/2.2.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
Thu Oct 29 14:53:55 2009
@@ -138,23 +138,25 @@
if (requestHeaders.containsKey("Authorization")) {
List<String> authorizationLines =
requestHeaders.get("Authorization");
String credentials = authorizationLines.get(0);
- String authType = credentials.split(" ")[0];
- if ("Basic".equals(authType)) {
- String authEncoded = credentials.split(" ")[1];
- try {
- String authDecoded = new
String(Base64Utility.decode(authEncoded));
- String authInfo[] = authDecoded.split(":");
- String username = (authInfo.length > 0) ? authInfo[0] : "";
- // Below line for systems that blank out password after
authentication;
- // see CXF-1495 for more info
- String password = (authInfo.length > 1) ? authInfo[1] : "";
- AuthorizationPolicy policy = new AuthorizationPolicy();
- policy.setUserName(username);
- policy.setPassword(password);
-
- message.put(AuthorizationPolicy.class, policy);
- } catch (Base64Exception ex) {
- //ignore, we'll leave things alone. They can try decoding
it themselves
+ if (credentials != null &&
!StringUtils.isEmpty(credentials.trim())) {
+ String authType = credentials.split(" ")[0];
+ if ("Basic".equals(authType)) {
+ String authEncoded = credentials.split(" ")[1];
+ try {
+ String authDecoded = new
String(Base64Utility.decode(authEncoded));
+ String authInfo[] = authDecoded.split(":");
+ String username = (authInfo.length > 0) ? authInfo[0]
: "";
+ // Below line for systems that blank out password
after authentication;
+ // see CXF-1495 for more info
+ String password = (authInfo.length > 1) ? authInfo[1]
: "";
+ AuthorizationPolicy policy = new AuthorizationPolicy();
+ policy.setUserName(username);
+ policy.setPassword(password);
+
+ message.put(AuthorizationPolicy.class, policy);
+ } catch (Base64Exception ex) {
+ //ignore, we'll leave things alone. They can try
decoding it themselves
+ }
}
}
}
