Author: dkulp Date: Thu Oct 29 14:59:43 2009 New Revision: 830986 URL: http://svn.apache.org/viewvc?rev=830986&view=rev Log: Merged revisions 830979 via svnmerge from https://svn.apache.org/repos/asf/cxf/branches/2.2.x-fixes
................ r830979 | dkulp | 2009-10-29 10:53:55 -0400 (Thu, 29 Oct 2009) | 9 lines Merged revisions 830967 via svnmerge from https://svn.apache.org/repos/asf/cxf/trunk ........ r830967 | dkulp | 2009-10-29 10:41:07 -0400 (Thu, 29 Oct 2009) | 1 line [CXF-1791] Add an extra NPE and AIOOBE guard. ........ ................ Modified: cxf/branches/2.1.x-fixes/ (props changed) cxf/branches/2.1.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java Propchange: cxf/branches/2.1.x-fixes/ ------------------------------------------------------------------------------ Binary property 'svnmerge-integrated' - no diff available. Modified: cxf/branches/2.1.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java URL: http://svn.apache.org/viewvc/cxf/branches/2.1.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java?rev=830986&r1=830985&r2=830986&view=diff ============================================================================== --- cxf/branches/2.1.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java (original) +++ cxf/branches/2.1.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java Thu Oct 29 14:59:43 2009 @@ -131,23 +131,25 @@ if (requestHeaders.containsKey("Authorization")) { List<String> authorizationLines = requestHeaders.get("Authorization"); String credentials = authorizationLines.get(0); - String authType = credentials.split(" ")[0]; - if ("Basic".equals(authType)) { - String authEncoded = credentials.split(" ")[1]; - try { - String authDecoded = new String(Base64Utility.decode(authEncoded)); - String authInfo[] = authDecoded.split(":"); - String username = (authInfo.length > 0) ? authInfo[0] : ""; - // Below line for systems that blank out password after authentication; - // see CXF-1495 for more info - String password = (authInfo.length > 1) ? authInfo[1] : ""; - AuthorizationPolicy policy = new AuthorizationPolicy(); - policy.setUserName(username); - policy.setPassword(password); - - message.put(AuthorizationPolicy.class, policy); - } catch (Base64Exception ex) { - //ignore, we'll leave things alone. They can try decoding it themselves + if (credentials != null && !StringUtils.isEmpty(credentials.trim())) { + String authType = credentials.split(" ")[0]; + if ("Basic".equals(authType)) { + String authEncoded = credentials.split(" ")[1]; + try { + String authDecoded = new String(Base64Utility.decode(authEncoded)); + String authInfo[] = authDecoded.split(":"); + String username = (authInfo.length > 0) ? authInfo[0] : ""; + // Below line for systems that blank out password after authentication; + // see CXF-1495 for more info + String password = (authInfo.length > 1) ? authInfo[1] : ""; + AuthorizationPolicy policy = new AuthorizationPolicy(); + policy.setUserName(username); + policy.setPassword(password); + + message.put(AuthorizationPolicy.class, policy); + } catch (Base64Exception ex) { + //ignore, we'll leave things alone. They can try decoding it themselves + } } } }
