aboutsummaryrefslogtreecommitdiff
path: root/spss/server/serverlib/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'spss/server/serverlib/src/main')
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java23
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java20
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/AxisHandler.java19
-rw-r--r--spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/ServiceUtils.java3
4 files changed, 41 insertions, 24 deletions
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
index 3d2da8384..3c67ca3ca 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/config/ConfigurationPartsBuilder.java
@@ -23,17 +23,6 @@
package at.gv.egovernment.moa.spss.server.config;
-import iaik.asn1.structures.Name;
-import iaik.ixsil.exceptions.URIException;
-import iaik.ixsil.util.URI;
-import iaik.pki.pathvalidation.ChainingModes;
-import iaik.pki.revocation.RevocationSourceTypes;
-import iaik.server.modules.xml.BlackListEntry;
-import iaik.server.modules.xml.ExternalReferenceChecker;
-import iaik.server.modules.xml.WhiteListEntry;
-import iaik.utils.RFC2253NameParser;
-import iaik.utils.RFC2253NameParserException;
-
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
@@ -70,6 +59,16 @@ import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.StringUtils;
import at.gv.egovernment.moa.util.XPathUtils;
+import iaik.asn1.structures.Name;
+import iaik.ixsil.exceptions.URIException;
+import iaik.ixsil.util.URI;
+import iaik.pki.pathvalidation.ChainingModes;
+import iaik.pki.revocation.RevocationSourceTypes;
+import iaik.server.modules.xml.BlackListEntry;
+import iaik.server.modules.xml.ExternalReferenceChecker;
+import iaik.server.modules.xml.WhiteListEntry;
+import iaik.utils.RFC2253NameParser;
+import iaik.utils.RFC2253NameParserException;
/**
* A class that builds configuration data from a DOM based representation.
@@ -1429,7 +1428,7 @@ public class ConfigurationPartsBuilder {
private static Element parseXml(InputStream inputStream)
throws ParserConfigurationException, SAXException, IOException {
return DOMUtils
- .parseDocument(inputStream, true, Constants.ALL_SCHEMA_LOCATIONS, null)
+ .parseDocument(inputStream, true, Constants.ALL_SCHEMA_LOCATIONS, null, null)
.getDocumentElement();
}
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java
index 148be664b..fd7ef8cb2 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactory.java
@@ -24,11 +24,6 @@
package at.gv.egovernment.moa.spss.server.invoke;
-import iaik.ixsil.util.URI;
-import iaik.ixsil.util.XPointerReferenceResolver;
-import iaik.server.modules.xml.DataObject;
-import iaik.server.modules.xml.XMLDataObject;
-
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
@@ -76,6 +71,10 @@ import at.gv.egovernment.moa.util.MOAErrorHandler;
import at.gv.egovernment.moa.util.StreamEntityResolver;
import at.gv.egovernment.moa.util.StreamUtils;
import at.gv.egovernment.moa.util.XPathUtils;
+import iaik.ixsil.util.URI;
+import iaik.ixsil.util.XPointerReferenceResolver;
+import iaik.server.modules.xml.DataObject;
+import iaik.server.modules.xml.XMLDataObject;
/**
* A class to create <code>DataObject</code>s contained in different
@@ -259,7 +258,8 @@ public class DataObjectFactory {
Constants.ALL_SCHEMA_LOCATIONS,
null,
entityResolver,
- new MOAErrorHandler());
+ new MOAErrorHandler(),
+ null);
Logger.trace("<<< parsed");
return new XMLDataObjectImpl(doc.getDocumentElement());
@@ -272,7 +272,7 @@ public class DataObjectFactory {
// try to parse non-validating
try {
ByteArrayInputStream is = new ByteArrayInputStream(contentBytes);
- Document doc = DOMUtils.parseDocument(is, false, null, null);
+ Document doc = DOMUtils.parseDocument(is, false, null, null, null);
// Since the parse tree will not contain any post schema validation information,
// we need to register any attributes known to be of type xsd:Id manually.
NodeList idAttributes = XPathUtils.selectNodeList(doc.getDocumentElement(), XPATH);
@@ -765,7 +765,7 @@ public class DataObjectFactory {
// try parsing non-validating: this has to succeed or we
// bail out by throwing an exception
is = resolver.resolve(uri);
- doc = DOMUtils.parseDocument(is, false, null, null);
+ doc = DOMUtils.parseDocument(is, false, null, null, null);
dataObject = new XMLDataObjectImpl(doc.getDocumentElement());
} catch (ParserConfigurationException e) {
throw new MOASystemException("1106", null, e);
@@ -782,7 +782,7 @@ public class DataObjectFactory {
try {
// try parsing non-validating: need not succeed
is = resolver.resolve(uri);
- doc = DOMUtils.parseDocument(is, false, null, null);
+ doc = DOMUtils.parseDocument(is, false, null, null, null);
closeInputStream(is);
dataObject = new XMLDataObjectImpl(doc.getDocumentElement());
} catch (Exception e) {
@@ -981,7 +981,7 @@ public class DataObjectFactory {
Document doc;
try {
- doc = DOMUtils.parseDocument(byteStream, false, null, null);
+ doc = DOMUtils.parseDocument(byteStream, false, null, null, null);
dataObject = new XMLDataObjectImpl(doc.getDocumentElement());
} catch (ParserConfigurationException e) {
throw new MOASystemException("1106", null, e);
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/AxisHandler.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/AxisHandler.java
index 639a75ab1..b7ce0fa7d 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/AxisHandler.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/AxisHandler.java
@@ -30,7 +30,10 @@ import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.cert.X509Certificate;
+import java.util.Collections;
+import java.util.HashMap;
import java.util.Iterator;
+import java.util.Map;
import javax.servlet.http.HttpServletRequest;
@@ -100,6 +103,15 @@ public class AxisHandler extends BasicHandler {
/** Simple string contains the post part of the enveloping SOAP wrapping */
private static final String SOAP_PART_POST = "</soapenv:Body></soapenv:Envelope>";
+ private static final Map<String, Object> parserFeatures =
+ Collections.unmodifiableMap(new HashMap<String, Object>() {
+ private static final long serialVersionUID = 1L;
+ {
+ put(DOMUtils.DISALLOW_DOCTYPE_FEATURE, true);
+
+ }
+ });
+
/**
* Handle an invocation of this handler.
*
@@ -146,7 +158,12 @@ public class AxisHandler extends BasicHandler {
Element xmlRequest = null;
//log.info(soapMessage.getSOAPPartAsString());
- Element soapPart = DOMUtils.parseDocument(new ByteArrayInputStream(soapMessage.getSOAPPartAsBytes()), false, null, null).getDocumentElement();
+ Element soapPart = DOMUtils.parseDocument(
+ new ByteArrayInputStream(soapMessage.getSOAPPartAsBytes()),
+ false,
+ null,
+ null,
+ parserFeatures).getDocumentElement();
if (soapPart!=null) {
//TODO: check if DOM Version is intolerant when white spaces are between tags (preceding normalization would be necessary)
NodeList soapBodies = soapPart.getElementsByTagNameNS(SOAP_NS_URI, "Body");
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/ServiceUtils.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/ServiceUtils.java
index d986f7a1b..1114cb7b0 100644
--- a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/ServiceUtils.java
+++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/server/service/ServiceUtils.java
@@ -85,7 +85,8 @@ public class ServiceUtils {
Constants.ALL_SCHEMA_LOCATIONS,
null,
new MOASPSSEntityResolver(),
- new MOAErrorHandler());
+ new MOAErrorHandler(),
+ null);
// DOMUtils.parseDocument(
// new ByteArrayInputStream(requestBytes),