diff --git a/.classpath b/.classpath
index 4214a97..c40c8e2 100644
--- a/.classpath
+++ b/.classpath
@@ -17,10 +17,11 @@
-
+
+
diff --git a/pom.xml b/pom.xml
index b8eb95a..5936649 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,14 +10,14 @@
org.gcube.portal
threadlocal-vars-cleaner
- 2.1.0-SNAPSHOT
+ 2.1.1-SNAPSHOT
jar
threadlocal-vars-cleaner
http://maven.apache.org
This component clean the Smartgears ThreadLocal variables each time a new Thread is assigned to a request from tomcat thread pool
- 1.7
+ 1.8
${project.basedir}/distro
${project.build.directory}/${project.build.finalName}
distro
diff --git a/src/main/java/org/gcube/portal/threadlocalexec/SmartGearsPortalValve.java b/src/main/java/org/gcube/portal/threadlocalexec/SmartGearsPortalValve.java
index eb1422e..c916f06 100644
--- a/src/main/java/org/gcube/portal/threadlocalexec/SmartGearsPortalValve.java
+++ b/src/main/java/org/gcube/portal/threadlocalexec/SmartGearsPortalValve.java
@@ -18,6 +18,7 @@ import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import org.gcube.common.authorization.library.provider.UserInfo;
import org.gcube.common.portal.PortalContext;
import org.gcube.common.scope.api.ScopeProvider;
+import org.gcube.common.scope.impl.ScopeBean;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -46,7 +47,7 @@ public class SmartGearsPortalValve extends ValveBase {
PortalContext context = PortalContext.getConfiguration();
String scope = context.getCurrentScope(request);
String username = getCurrentUsername(request);
- if (scope != null && username != null) {
+ if (scope != null && username != null && validateContext(scope)) {
String userToken = null;
try {
ScopeProvider.instance.set(scope);
@@ -68,6 +69,21 @@ public class SmartGearsPortalValve extends ValveBase {
}
getNext().invoke(req, resp);
}
+
+ /**
+ *
+ * @param context
+ * @return true if is the context is syntactically valid
+ */
+ private static boolean validateContext(String context) {
+ String separator = "/";
+ if (!context.matches("\\S+"))
+ return false;
+ String[] components=context.split(separator);
+ if (components.length<2 || components.length>4)
+ return false;
+ return true;
+ }
/**
*