This commit is contained in:
Massimiliano Assante 2020-03-26 08:52:37 +00:00
parent d70a28c845
commit efdc5eb4b1
3 changed files with 21 additions and 4 deletions

View File

@ -17,10 +17,11 @@
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.7">
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.jdt.junit.JUNIT_CONTAINER/4"/>
<classpathentry kind="output" path="target/classes"/>
</classpath>

View File

@ -10,14 +10,14 @@
<groupId>org.gcube.portal</groupId>
<artifactId>threadlocal-vars-cleaner</artifactId>
<version>2.1.0-SNAPSHOT</version>
<version>2.1.1-SNAPSHOT</version>
<packaging>jar</packaging>
<name>threadlocal-vars-cleaner</name>
<url>http://maven.apache.org</url>
<description>This component clean the Smartgears ThreadLocal variables each time a new Thread is assigned to a request from tomcat thread pool</description>
<properties>
<java-version>1.7</java-version>
<java-version>1.8</java-version>
<distroDirectory>${project.basedir}/distro</distroDirectory>
<webappDirectory>${project.build.directory}/${project.build.finalName}</webappDirectory>
<distroDirectory>distro</distroDirectory>

View File

@ -18,6 +18,7 @@ import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import org.gcube.common.authorization.library.provider.UserInfo;
import org.gcube.common.portal.PortalContext;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.common.scope.impl.ScopeBean;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -46,7 +47,7 @@ public class SmartGearsPortalValve extends ValveBase {
PortalContext context = PortalContext.getConfiguration();
String scope = context.getCurrentScope(request);
String username = getCurrentUsername(request);
if (scope != null && username != null) {
if (scope != null && username != null && validateContext(scope)) {
String userToken = null;
try {
ScopeProvider.instance.set(scope);
@ -69,6 +70,21 @@ public class SmartGearsPortalValve extends ValveBase {
getNext().invoke(req, resp);
}
/**
*
* @param context
* @return true if is the context is syntactically valid
*/
private static boolean validateContext(String context) {
String separator = "/";
if (!context.matches("\\S+"))
return false;
String[] components=context.split(separator);
if (components.length<2 || components.length>4)
return false;
return true;
}
/**
*
* @param username