You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by dk...@apache.org on 2009/10/29 15:53:56 UTC
svn commit: r830979 - in /cxf/branches/2.2.x-fixes: ./
rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
Author: dkulp
Date: Thu Oct 29 14:53:55 2009
New Revision: 830979
URL: http://svn.apache.org/viewvc?rev=830979&view=rev
Log:
Merged revisions 830967 via svnmerge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r830967 | dkulp | 2009-10-29 10:41:07 -0400 (Thu, 29 Oct 2009) | 1 line
[CXF-1791] Add an extra NPE and AIOOBE guard.
........
Modified:
cxf/branches/2.2.x-fixes/ (props changed)
cxf/branches/2.2.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
Propchange: cxf/branches/2.2.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified: cxf/branches/2.2.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.2.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java?rev=830979&r1=830978&r2=830979&view=diff
==============================================================================
--- cxf/branches/2.2.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java (original)
+++ cxf/branches/2.2.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java Thu Oct 29 14:53:55 2009
@@ -138,23 +138,25 @@
if (requestHeaders.containsKey("Authorization")) {
List<String> authorizationLines = requestHeaders.get("Authorization");
String credentials = authorizationLines.get(0);
- String authType = credentials.split(" ")[0];
- if ("Basic".equals(authType)) {
- String authEncoded = credentials.split(" ")[1];
- try {
- String authDecoded = new String(Base64Utility.decode(authEncoded));
- String authInfo[] = authDecoded.split(":");
- String username = (authInfo.length > 0) ? authInfo[0] : "";
- // Below line for systems that blank out password after authentication;
- // see CXF-1495 for more info
- String password = (authInfo.length > 1) ? authInfo[1] : "";
- AuthorizationPolicy policy = new AuthorizationPolicy();
- policy.setUserName(username);
- policy.setPassword(password);
-
- message.put(AuthorizationPolicy.class, policy);
- } catch (Base64Exception ex) {
- //ignore, we'll leave things alone. They can try decoding it themselves
+ if (credentials != null && !StringUtils.isEmpty(credentials.trim())) {
+ String authType = credentials.split(" ")[0];
+ if ("Basic".equals(authType)) {
+ String authEncoded = credentials.split(" ")[1];
+ try {
+ String authDecoded = new String(Base64Utility.decode(authEncoded));
+ String authInfo[] = authDecoded.split(":");
+ String username = (authInfo.length > 0) ? authInfo[0] : "";
+ // Below line for systems that blank out password after authentication;
+ // see CXF-1495 for more info
+ String password = (authInfo.length > 1) ? authInfo[1] : "";
+ AuthorizationPolicy policy = new AuthorizationPolicy();
+ policy.setUserName(username);
+ policy.setPassword(password);
+
+ message.put(AuthorizationPolicy.class, policy);
+ } catch (Base64Exception ex) {
+ //ignore, we'll leave things alone. They can try decoding it themselves
+ }
}
}
}