diff --git a/pom.xml b/pom.xml
index 4d22626..699584f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,7 +10,7 @@
org.gcube.common.portal
portal-manager
- 2.3.0-SNAPSHOT
+ 2.4.0-SNAPSHOT
jar
gCube Portal Manager
diff --git a/src/main/java/org/gcube/common/portal/PortalContext.java b/src/main/java/org/gcube/common/portal/PortalContext.java
index 5b2fbe5..e15f32c 100644
--- a/src/main/java/org/gcube/common/portal/PortalContext.java
+++ b/src/main/java/org/gcube/common/portal/PortalContext.java
@@ -13,6 +13,7 @@ import javax.portlet.RenderRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
+import org.apache.commons.codec.binary.StringUtils;
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import org.gcube.common.authorization.library.provider.UserInfo;
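Review bot: The added `import org.apache.commons.codec.binary.StringUtils;` is not referenced by any hunk in this change; the new checks all use `String.matches`. If nothing else in the file uses it, drop the import so the class does not gain a compile-time dependency on commons-codec. No matching dependency change is visible in the pom.xml hunk, so the build would presumably rely on it arriving transitively.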
@@ -57,6 +58,7 @@ public class PortalContext {
* Scope separators used in linear syntax.
*/
protected static final String SCOPE_SEPARATOR = "/";
+ private static final String REGEX_ISNUMBER = "\\d+";
private final static String DEFAULT_ROLE = "OrganizationMember";
public static final String CONFIGURATION_FOLDER = "conf";
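Review bot: `REGEX_ISNUMBER = "\\d+"` accepts digit strings of any length, so an over-long header value still reaches `Long.parseLong` and is stopped only by the try/catch at each call site. `String.matches` also recompiles the expression on every request. A precompiled, length-bounded pattern covers both, for example `private static final Pattern NUMERIC_ID = Pattern.compile("\\d{1,18}");` used as `NUMERIC_ID.matcher(value).matches()`, with `java.util.regex.Pattern` imported. The new constant also has no comment, unlike `SCOPE_SEPARATOR` above it; one line such as `/** Shape check for numeric identifiers read from request headers. */` would make its purpose clear.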
@@ -152,7 +154,7 @@ public class PortalContext {
public GCubeUser getCurrentUser(HttpServletRequest httpServletRequest) {
String userIdNo = httpServletRequest.getHeader(USER_ID_ATTR_NAME);
long userId = -1;
- if (userIdNo != null) {
+ if (userIdNo != null && userIdNo.matches(REGEX_ISNUMBER)) {
try {
_log.debug("The userIdNo is " + userIdNo);
userId = Long.parseLong(userIdNo);
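Review bot: A present but non-numeric `USER_ID_ATTR_NAME` header now skips the block silently and leaves `userId` at -1, so a rejected value looks the same as a missing header. A malformed identity header is worth recording, without echoing the raw value, for example `else if (userIdNo != null) { _log.warn("Ignoring non-numeric user id header"); }`. The same silent fall-through applies to the guards added in `getCurrentScope`, `getCurrentGroupName`, `getCurrentGroupId` and `getCurrentUserToken`. The check validates only the shape of the value; whether the header can be set by the client is not visible here and should be confirmed. The body of `getCurrentUser` continues outside the hunk.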
@@ -202,7 +204,7 @@ public class PortalContext {
* @return the scope (context)
*/
public String getCurrentScope(String scopeGroupId) {
- if (scopeGroupId != null) {
+ if (scopeGroupId != null && scopeGroupId.matches(REGEX_ISNUMBER)) {
long groupId = -1;
try {
groupId = Long.parseLong(scopeGroupId);
@@ -252,7 +254,7 @@ public class PortalContext {
*/
public String getCurrentGroupName(HttpServletRequest httpServletRequest) {
String groupIdNo = httpServletRequest.getHeader(VRE_ID_ATTR_NAME);
- if (groupIdNo != null) {
+ if (groupIdNo != null && groupIdNo.matches(REGEX_ISNUMBER)) {
long groupId = -1;
try {
groupId = Long.parseLong(groupIdNo);
@@ -285,7 +287,7 @@ public class PortalContext {
*/
public long getCurrentGroupId(HttpServletRequest httpServletRequest) {
String groupIdNo = httpServletRequest.getHeader(VRE_ID_ATTR_NAME);
- if (groupIdNo != null) {
+ if (groupIdNo != null && groupIdNo.matches(REGEX_ISNUMBER)) {
long groupId = -1;
try {
groupId = Long.parseLong(groupIdNo);
@@ -324,7 +326,7 @@ public class PortalContext {
}
else {
String toReturn = readTokenPropertyFile();
- _log.debug("getCurrentToken devMode into IDE detected, returning scope: " + toReturn.toString());
+ _log.debug("getCurrentToken devMode into IDE detected, returning token: " + toReturn.toString());
_log.debug("The PortalBeanLocatorUtil stacktrace (java.lang.Exception) is acceptable in dev");
return toReturn;
}
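Review bot: The corrected message still writes the token itself to the debug log via `+ toReturn.toString()`, and the relabelling from "scope" to "token" makes clear that this value is a credential. Log the event rather than the secret, for example `_log.debug("getCurrentToken devMode into IDE detected, returning token from property file");`. `toString()` on a `String` is also redundant and would throw if `readTokenPropertyFile()` returned null. The enclosing method starts outside the hunk.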
@@ -376,7 +378,7 @@ public class PortalContext {
public String getCurrentUserToken(HttpServletRequest httpServletRequest) {
String groupIdNo = httpServletRequest.getHeader(VRE_ID_ATTR_NAME);
String userToken = null;
- if (groupIdNo != null) {
+ if (groupIdNo != null && groupIdNo.matches(REGEX_ISNUMBER)) {
String scope = getCurrentScope(httpServletRequest);
String username = getCurrentUser(httpServletRequest).getUsername();
try {
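Review bot: The new guard validates only the `VRE_ID_ATTR_NAME` header, but `getCurrentUser(httpServletRequest).getUsername()` on the following line depends on the user id header and sits before the `try`. If `getCurrentUser` can return null when that header is absent or is now rejected by the numeric check (its return path is not visible in this diff), this dereference throws instead of returning a null token. Consider fetching the user first and bailing out early: `GCubeUser user = getCurrentUser(httpServletRequest); if (user == null) { return null; }`. The method body continues outside the hunk.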