You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by sm...@apache.org on 2022/09/15 13:07:13 UTC
[knox] branch master updated: KNOX-2804 - Escaping values in generated XML before trying to parse that XML using SAX (#632)
This is an automated email from the ASF dual-hosted git repository.
smolnar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git
The following commit(s) were added to refs/heads/master by this push:
new e46ec513a KNOX-2804 - Escaping values in generated XML before trying to parse that XML using SAX (#632)
e46ec513a is described below
commit e46ec513a2f1d8a14fd4e08cb8a868b05756c5bc
Author: Sandor Molnar <sm...@apache.org>
AuthorDate: Thu Sep 15 15:07:09 2022 +0200
KNOX-2804 - Escaping values in generated XML before trying to parse that XML using SAX (#632)
---
.../simple/SimpleDescriptorHandlerTest.java | 20 ++++++++++++++++++++
.../conf-full/conf/descriptors/test-topology.json | 8 ++++++++
.../conf/shared-providers/test-providers.json | 22 ++++++++++++++++++++++
gateway-topology-simple/pom.xml | 4 ++++
.../topology/simple/SimpleDescriptorHandler.java | 7 ++++---
5 files changed, 58 insertions(+), 3 deletions(-)
diff --git a/gateway-server/src/test/java/org/apache/knox/gateway/topology/simple/SimpleDescriptorHandlerTest.java b/gateway-server/src/test/java/org/apache/knox/gateway/topology/simple/SimpleDescriptorHandlerTest.java
index 462308920..49f4c3bc9 100644
--- a/gateway-server/src/test/java/org/apache/knox/gateway/topology/simple/SimpleDescriptorHandlerTest.java
+++ b/gateway-server/src/test/java/org/apache/knox/gateway/topology/simple/SimpleDescriptorHandlerTest.java
@@ -19,6 +19,7 @@ package org.apache.knox.gateway.topology.simple;
import org.apache.commons.io.FileUtils;
import org.apache.knox.gateway.config.GatewayConfig;
+import org.apache.knox.gateway.services.GatewayServices;
import org.apache.knox.gateway.topology.validation.TopologyValidator;
import org.apache.knox.gateway.util.XmlUtils;
import org.easymock.EasyMock;
@@ -857,6 +858,25 @@ public class SimpleDescriptorHandlerTest {
}
}
+ @Test
+ public void testJsonHandler() throws Exception {
+ File topologyFile = null;
+ try {
+ final File destDir = new File(System.getProperty("java.io.tmpdir")).getCanonicalFile();
+ final File descriptorFile = new File(SimpleDescriptorHandlerTest.class.getResource("/conf-full/conf/descriptors/test-topology.json").getFile());
+ final GatewayServices gatewayServices = EasyMock.createNiceMock(GatewayServices.class);
+ final Map<String, File> handleResult = SimpleDescriptorHandler.handle(null, descriptorFile, destDir, gatewayServices);
+ topologyFile = handleResult.get(SimpleDescriptorHandler.RESULT_TOPOLOGY);
+ final Document topologyXml = XmlUtils.readXml(topologyFile);
+ assertThat(topologyXml, hasXPath("/topology/service/role", is(equalTo("KNOX"))));
+ assertThat(topologyXml, hasXPath("/topology/gateway/provider/name", is(equalTo("ShiroProvider"))));
+ } finally {
+ if (topologyFile != null) {
+ topologyFile.delete();
+ }
+ }
+ }
+
private File writeProviderConfig(String path, String content) throws IOException {
File f = new File(path);
FileUtils.write(f, content, StandardCharsets.UTF_8);
diff --git a/gateway-server/src/test/resources/conf-full/conf/descriptors/test-topology.json b/gateway-server/src/test/resources/conf-full/conf/descriptors/test-topology.json
new file mode 100644
index 000000000..a8c173f11
--- /dev/null
+++ b/gateway-server/src/test/resources/conf-full/conf/descriptors/test-topology.json
@@ -0,0 +1,8 @@
+{
+ "provider-config-ref": "test-providers",
+ "services": [
+ {
+ "name": "KNOX"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/gateway-server/src/test/resources/conf-full/conf/shared-providers/test-providers.json b/gateway-server/src/test/resources/conf-full/conf/shared-providers/test-providers.json
new file mode 100644
index 000000000..7139d1208
--- /dev/null
+++ b/gateway-server/src/test/resources/conf-full/conf/shared-providers/test-providers.json
@@ -0,0 +1,22 @@
+{
+ "providers" : [ {
+ "role" : "authentication",
+ "name" : "ShiroProvider",
+ "enabled" : true,
+ "params" : {
+ "main.ldapContextFactory" : "org.apache.knox.gateway.shirorealm.KnoxLdapContextFactory",
+ "main.ldapRealm" : "org.apache.knox.gateway.shirorealm.KnoxLdapRealm",
+ "main.ldapRealm.authenticationCachingEnabled" : "false",
+ "main.ldapRealm.contextFactory" : "$ldapContextFactory",
+ "main.ldapRealm.contextFactory.authenticationMechanism" : "simple",
+ "main.ldapRealm.contextFactory.url" : "ldap://localhost:33389",
+ "main.ldapRealm.userDnTemplate" : "uid=0ou=people,dc=hadoop,dc=apache,dc=org",
+ "main.ldapRealm.userSearchFilter" : "(&(&(objectclass=person)(sAMAccountName={0}))(|(memberOf=CN=SecXX-users,OU=ManagedGroups,OU=Groups,OU=XX,OU=xx,DC=xx,DC=int)(memberOf=CN=SecXX-rls-serviceuser,OU=ManagedGroups,OU=Groups,OU=XX,OU=xx,DC=xx,DC=int)))",
+ "redirectToUrl" : "/${GATEWAY_PATH}/knoxsso/knoxauth/login.html",
+ "restrictedCookies" : "rememberme,WWW-Authenticate",
+ "sessionTimeout" : "30",
+ "urls./**" : "authcBasic"
+ }
+ } ],
+ "readOnly" : true
+}
\ No newline at end of file
diff --git a/gateway-topology-simple/pom.xml b/gateway-topology-simple/pom.xml
index 681d8b42a..358e5243b 100644
--- a/gateway-topology-simple/pom.xml
+++ b/gateway-topology-simple/pom.xml
@@ -66,6 +66,10 @@
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-text</artifactId>
+ </dependency>
<dependency>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-common</artifactId>
diff --git a/gateway-topology-simple/src/main/java/org/apache/knox/gateway/topology/simple/SimpleDescriptorHandler.java b/gateway-topology-simple/src/main/java/org/apache/knox/gateway/topology/simple/SimpleDescriptorHandler.java
index 0b50cd015..7ef0c6adc 100644
--- a/gateway-topology-simple/src/main/java/org/apache/knox/gateway/topology/simple/SimpleDescriptorHandler.java
+++ b/gateway-topology-simple/src/main/java/org/apache/knox/gateway/topology/simple/SimpleDescriptorHandler.java
@@ -16,6 +16,7 @@
*/
package org.apache.knox.gateway.topology.simple;
+import org.apache.commons.text.StringEscapeUtils;
import org.apache.knox.gateway.config.GatewayConfig;
import org.apache.knox.gateway.i18n.messages.MessagesFactory;
import org.apache.knox.gateway.services.ServiceType;
@@ -465,7 +466,7 @@ public class SimpleDescriptorHandler {
for (Map.Entry<String, String> param : provider.getParams().entrySet()) {
sw.write(" <param>\n");
sw.write(" <name>" + param.getKey() + "</name>\n");
- sw.write(" <value>" + param.getValue() + "</value>\n");
+ sw.write(" <value>" + StringEscapeUtils.escapeXml11(param.getValue()) + "</value>\n");
sw.write(" </param>\n");
}
@@ -559,7 +560,7 @@ public class SimpleDescriptorHandler {
if (!(svcParam.getKey().toLowerCase(Locale.ROOT)).startsWith(SimpleDescriptor.DISCOVERY_PARAM_PREFIX)) {
sw.write(" <param>\n");
sw.write(" <name>" + svcParam.getKey() + "</name>\n");
- sw.write(" <value>" + svcParam.getValue() + "</value>\n");
+ sw.write(" <value>" + StringEscapeUtils.escapeXml11(svcParam.getValue()) + "</value>\n");
sw.write(" </param>\n");
}
}
@@ -589,7 +590,7 @@ public class SimpleDescriptorHandler {
for (Entry<String, String> entry : appParams.entrySet()) {
sw.write(" <param>\n");
sw.write(" <name>" + entry.getKey() + "</name>\n");
- sw.write(" <value>" + entry.getValue() + "</value>\n");
+ sw.write(" <value>" + StringEscapeUtils.escapeXml11(entry.getValue()) + "</value>\n");
sw.write(" </param>\n");
}
}