client should not get listing of existing EPRS when invalid EPR is specified
----------------------------------------------------------------------------
Key: MUSE-257
URL: https://issues.apache.org/jira/browse/MUSE-257
Project: Muse
Issue Type: Bug
Environment: Muse 2.2.0
Reporter: Vinh Nguyen
Assignee: Dan Jemiolo
When a client specifies an invalid EPR, Muse throws a SoapFault and lists the
current EPRs on the server. This is a possible security issue. Instead, Muse
should just say "invalid EPR", and then just internally log the error with the
list of existing EPRs to make it easier to debug on the server side.
The problem is in SimpleResourceRouter.getTargetResource(). This is where it
throws the fault.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
