diff options
5 files changed, 10 insertions, 119 deletions
diff --git a/eaaf_core/pom.xml b/eaaf_core/pom.xml index 15628054..a14c107b 100644 --- a/eaaf_core/pom.xml +++ b/eaaf_core/pom.xml @@ -73,7 +73,7 @@ </dependency> <dependency> <groupId>org.apache.velocity</groupId> - <artifactId>velocity</artifactId> + <artifactId>velocity-engine-core</artifactId> </dependency> <dependency> <groupId>commons-collections</groupId> diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/velocity/VelocityLogAdapter.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/velocity/VelocityLogAdapter.java deleted file mode 100644 index bf8e75a9..00000000 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/velocity/VelocityLogAdapter.java +++ /dev/null @@ -1,105 +0,0 @@ -/* - * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a - * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European - * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in - * compliance with the Licence. You may obtain a copy of the Licence at: - * https://joinup.ec.europa.eu/news/understanding-eupl-v12 - * - * Unless required by applicable law or agreed to in writing, software distributed under the Licence - * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express - * or implied. See the Licence for the specific language governing permissions and limitations under - * the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text file for details on the - * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative - * works that you distribute must include a readable copy of the "NOTICE" text file. -*/ - -package at.gv.egiz.eaaf.core.impl.gui.velocity; - -import org.apache.velocity.app.Velocity; -import org.apache.velocity.runtime.RuntimeConstants; -import org.apache.velocity.runtime.RuntimeServices; -import org.apache.velocity.runtime.log.LogChute; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class VelocityLogAdapter implements LogChute { - - private static final Logger log = LoggerFactory.getLogger(VelocityLogAdapter.class); - - /** - * VeloCity Logging adapter. - * - */ - public VelocityLogAdapter() { - try { - /* - * register this class as a logger with the Velocity singleton (NOTE: this would - * not work for the non-singleton method.) - */ - Velocity.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM, this); - Velocity.init(); - } catch (final Exception e) { - log.error("Failed to register Velocity logger"); - } - } - - @Override - public void init(final RuntimeServices arg0) throws Exception { - - } - - @Override - public boolean isLevelEnabled(final int arg0) { - switch (arg0) { - case LogChute.DEBUG_ID: - return log.isDebugEnabled(); - case LogChute.TRACE_ID: - return log.isTraceEnabled(); - default: - return true; - } - } - - @Override - public void log(final int arg0, final String arg1) { - switch (arg0) { - case LogChute.DEBUG_ID: - log.debug(arg1); - break; - case LogChute.TRACE_ID: - log.trace(arg1); - break; - case LogChute.INFO_ID: - log.info(arg1); - break; - case LogChute.WARN_ID: - log.warn(arg1); - break; - case LogChute.ERROR_ID: - default: - log.error(arg1); - break; - } - } - - @Override - public void log(final int arg0, final String arg1, final Throwable arg2) { - switch (arg0) { - case LogChute.DEBUG_ID: - case LogChute.TRACE_ID: - case LogChute.INFO_ID: - case LogChute.WARN_ID: - log.warn(arg1, arg2); - break; - case LogChute.ERROR_ID: - default: - log.error(arg1, arg2); - break; - } - } - -} diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/velocity/VelocityProvider.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/velocity/VelocityProvider.java index 18594985..3aca836e 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/velocity/VelocityProvider.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/gui/velocity/VelocityProvider.java @@ -80,12 +80,8 @@ public class VelocityProvider { private static VelocityEngine getBaseVelocityEngine() { final VelocityEngine velocityEngine = new VelocityEngine(); velocityEngine.setProperty(RuntimeConstants.INPUT_ENCODING, "UTF-8"); - velocityEngine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8"); - // velocityEngine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS, - // "org.apache.velocity.runtime.log.SimpleLog4JLogSystem"); - velocityEngine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM, new VelocityLogAdapter()); - return velocityEngine; + } } diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java index 2e30dcd9..63c8c99a 100644 --- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java +++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java @@ -27,8 +27,8 @@ import javax.annotation.PostConstruct; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.lang.StringEscapeUtils; import org.apache.commons.lang3.StringUtils; +import org.apache.commons.text.StringEscapeUtils; import org.opensaml.saml.common.xml.SAMLConstants; import org.opensaml.saml.saml2.core.AuthnRequest; import org.opensaml.saml.saml2.core.Issuer; @@ -134,11 +134,11 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement if (e instanceof NoPassivAuthenticationException) { statusCode.setValue(StatusCode.NO_PASSIVE); - statusMessage.setMessage(StringEscapeUtils.escapeXml(e.getLocalizedMessage())); + statusMessage.setMessage(StringEscapeUtils.escapeXml11(e.getLocalizedMessage())); } else if (e instanceof NameIdFormatNotSupportedException) { statusCode.setValue(StatusCode.INVALID_NAMEID_POLICY); - statusMessage.setMessage(StringEscapeUtils.escapeXml(e.getLocalizedMessage())); + statusMessage.setMessage(StringEscapeUtils.escapeXml11(e.getLocalizedMessage())); } else if (e instanceof SloException) { // SLOExecpetions only occurs if session information is lost @@ -149,7 +149,7 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement statusCode.setValue(ex.getStatusCodeValue()); final String statusMessageValue = ex.getStatusMessageValue(); if (statusMessageValue != null) { - statusMessage.setMessage(StringEscapeUtils.escapeXml(statusMessageValue)); + statusMessage.setMessage(StringEscapeUtils.escapeXml11(statusMessageValue)); } @@ -157,7 +157,7 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement } else { statusCode.setValue(StatusCode.RESPONDER); - statusMessage.setMessage(StringEscapeUtils.escapeXml(e.getLocalizedMessage())); + statusMessage.setMessage(StringEscapeUtils.escapeXml11(e.getLocalizedMessage())); internalErrorCode = statusMessager.getResponseErrorCode(e); } @@ -531,7 +531,7 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement log.info( "Dispatch PVP2 AuthnRequest: OAURL=" + oaUrl + " Binding=" + consumerService.getBinding()); - pendingReq.setSpEntityId(StringEscapeUtils.escapeHtml(oaUrl)); + pendingReq.setSpEntityId(StringEscapeUtils.escapeHtml4(oaUrl)); pendingReq.setOnlineApplicationConfiguration( authConfig.getServiceProviderConfiguration(pendingReq.getSpEntityId())); pendingReq.setBinding(consumerService.getBinding()); @@ -69,7 +69,7 @@ <javax.servlet-api>3.0.1</javax.servlet-api> - <org.apache.velocity.version>1.7</org.apache.velocity.version> + <org.apache.velocity.version>2.3</org.apache.velocity.version> <javax.annotation-api>1.3.2</javax.annotation-api> <joda-time.version>2.10.13</joda-time.version> <jsr305.version>3.0.2</jsr305.version> @@ -553,7 +553,7 @@ </dependency> <dependency> <groupId>org.apache.velocity</groupId> - <artifactId>velocity</artifactId> + <artifactId>velocity-engine-core</artifactId> <version>${org.apache.velocity.version}</version> </dependency> <dependency> |