[
https://issues.apache.org/jira/browse/CXF-9112?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Freeman Yue Fang updated CXF-9112:
----------------------------------
Fix Version/s: 4.1.1
> OAuthRequestFilter: Better to use CXF StringUtils to check if
> servletPath|pathInfo isEmpty or not
> -------------------------------------------------------------------------------------------------
>
> Key: CXF-9112
> URL: https://issues.apache.org/jira/browse/CXF-9112
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS Security
> Affects Versions: 4.1.0
> Reporter: Freeman Yue Fang
> Assignee: Freeman Yue Fang
> Priority: Major
> Fix For: 4.1.1
>
>
> Changes like
> {code}
> ---
> a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
> +++
> b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
> @@ -204,14 +204,14 @@ public class OAuthRequestFilter extends
> AbstractAccessTokenValidator
> }
> String servletPath = request.getServletPath();
> String pathInfo = request.getPathInfo();
> - if (pathInfo == null) {
> + if (StringUtils.isEmpty(pathInfo)) {
> if (servletPath != null) {
> servletPath += "";
> }
> } else {
> servletPath += pathInfo;
> }
> - if (servletPath == null) {
> + if (StringUtils.isEmpty(servletPath)) {
> servletPath = (String)m.get(Message.PATH_INFO);
> }
> {code}
> can honour both Jetty and Undertow as HTTP server engine
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
