[Yanel-commits] rev 50706 - in
public/yanel/trunk/src/contributions/resources/security-api/src:
build java/org/wyona/yanel/impl/resources/securityapi
michi at wyona.com
michi at wyona.com
Fri Jun 25 23:15:15 CEST 2010
Author: michi
Date: 2010-06-25 23:15:15 +0200 (Fri, 25 Jun 2010)
New Revision: 50706
Modified:
public/yanel/trunk/src/contributions/resources/security-api/src/build/dependencies.xml
public/yanel/trunk/src/contributions/resources/security-api/src/java/org/wyona/yanel/impl/resources/securityapi/UserManagerResource.java
Log:
escape names
Modified: public/yanel/trunk/src/contributions/resources/security-api/src/build/dependencies.xml
===================================================================
--- public/yanel/trunk/src/contributions/resources/security-api/src/build/dependencies.xml 2010-06-25 20:30:29 UTC (rev 50705)
+++ public/yanel/trunk/src/contributions/resources/security-api/src/build/dependencies.xml 2010-06-25 21:15:15 UTC (rev 50706)
@@ -10,6 +10,7 @@
<dependency groupId="wyona-org-yanel" artifactId="yanel-core" version="${yanel.source.version}"/>
<dependency groupId="wyona-org-yanel" artifactId="yanel-impl" version="${yanel.source.version}"/>
<dependency groupId="wyona-org-yanel" artifactId="yanel-webapp" version="${yanel.source.version}"/>
+ <dependency groupId="apache-jakarta-commons" artifactId="apache-jakarta-commons-lang" version="2.1"/>
</artifact:dependencies>
<artifact:dependencies pathId="maven2.resource.classpath" filesetId="maven2.resource.fileset">
Modified: public/yanel/trunk/src/contributions/resources/security-api/src/java/org/wyona/yanel/impl/resources/securityapi/UserManagerResource.java
===================================================================
--- public/yanel/trunk/src/contributions/resources/security-api/src/java/org/wyona/yanel/impl/resources/securityapi/UserManagerResource.java 2010-06-25 20:30:29 UTC (rev 50705)
+++ public/yanel/trunk/src/contributions/resources/security-api/src/java/org/wyona/yanel/impl/resources/securityapi/UserManagerResource.java 2010-06-25 21:15:15 UTC (rev 50706)
@@ -295,7 +295,7 @@
sb.append(" " + property.getKey() + "=\"" + org.wyona.commons.xml.XMLHelper.replaceEntities(property.getValue()) + "\""); //INFO: The name should be safe, so don't escape it
}
- sb.append(">" + groups[i].getName() + "</group>");
+ sb.append(">" + org.apache.commons.lang.StringEscapeUtils.escapeXml(groups[i].getName()) + "</group>");
}
sb.append("</groups>");
return sb;
@@ -343,8 +343,6 @@
* Get all users
*/
private StringBuilder getUsersAsXML() throws Exception {
- UserManager um = getRealm().getIdentityManager().getUserManager();
-
boolean refresh = true;
if (getResourceConfigProperty("refresh-users") != null) {
refresh = new Boolean(getResourceConfigProperty("refresh-users")).booleanValue();
@@ -352,6 +350,7 @@
log.warn("No refresh user property set within resource configuration '" + getConfiguration().getNode() + "', hence will use true as default.");
}
+ UserManager um = getRealm().getIdentityManager().getUserManager();
User[] users = um.getUsers(refresh);
Arrays.sort(users, new ItemIDComparator());
@@ -389,7 +388,7 @@
sb.append(" " + property.getKey() + "=\"" + org.wyona.commons.xml.XMLHelper.replaceEntities(property.getValue()) + "\""); //INFO: The name should be safe, so don't escape it
}
- sb.append(">" + users[i].getName() + "</user>");
+ sb.append(">" + org.apache.commons.lang.StringEscapeUtils.escapeXml(users[i].getName()) + "</user>");
}
sb.append("</users>");
return sb;
More information about the Yanel-commits
mailing list