[jira] [Created] (CXF-6769) Underscores in values of FIQL search expressions are incorrectly escaped
Torsten Römer created CXF-6769: -- Summary: Underscores in values of FIQL search expressions are incorrectly escaped Key: CXF-6769 URL: https://issues.apache.org/jira/browse/CXF-6769 Project: CXF Issue Type: Bug Components: JAX-RS Affects Versions: 3.1.2 Environment: Webapp deployed to WildFly 10 Reporter: Torsten Römer Priority: Minor We are basically "just" using FIQLParser and SQLPrinterVisitor like this: final FiqlParser fiqlParser = new FiqlParser<>(SearchBean.class); final SearchCondition searchCondition = fiqlParser.parse(search); final SQLPrinterVisitor visitor = new SQLPrinterVisitor(table); searchCondition.accept(visitor); final String sql = visitor.getQuery(); A search expression like this: text==VAL_UE yields an SQL query like this: SELECT * FROM some_table WHERE text = 'VAL\_UE' If the table contains a row with text "VAL_UE", the query returns no results because the underscore in the value was escaped. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (CXF-6769) Underscores in values of FIQL search expressions are incorrectly escaped
[ https://issues.apache.org/jira/browse/CXF-6769?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Torsten Römer updated CXF-6769: --- Description: We are basically "just" using FIQLParser and SQLPrinterVisitor like this: final FiqlParser fiqlParser = new FiqlParser<>(SearchBean.class); final SearchCondition searchCondition = fiqlParser.parse(search); final SQLPrinterVisitor visitor = new SQLPrinterVisitor(table); searchCondition.accept(visitor); final String sql = visitor.getQuery(); A search expression like this: text==VAL_UE yields an SQL query like this: SELECT * FROM some_table WHERE text = 'VAL\\_UE' If the table contains a row with text "VAL_UE", the query returns no results because the underscore in the value was escaped. was: We are basically "just" using FIQLParser and SQLPrinterVisitor like this: final FiqlParser fiqlParser = new FiqlParser<>(SearchBean.class); final SearchCondition searchCondition = fiqlParser.parse(search); final SQLPrinterVisitor visitor = new SQLPrinterVisitor(table); searchCondition.accept(visitor); final String sql = visitor.getQuery(); A search expression like this: text==VAL_UE yields an SQL query like this: SELECT * FROM some_table WHERE text = 'VAL\_UE' If the table contains a row with text "VAL_UE", the query returns no results because the underscore in the value was escaped. > Underscores in values of FIQL search expressions are incorrectly escaped > > > Key: CXF-6769 > URL: https://issues.apache.org/jira/browse/CXF-6769 > Project: CXF > Issue Type: Bug > Components: JAX-RS >Affects Versions: 3.1.2 > Environment: Webapp deployed to WildFly 10 >Reporter: Torsten Römer >Priority: Minor > > We are basically "just" using FIQLParser and SQLPrinterVisitor like this: > final FiqlParser fiqlParser = new FiqlParser<>(SearchBean.class); > final SearchCondition searchCondition = fiqlParser.parse(search); > final SQLPrinterVisitor visitor = new > SQLPrinterVisitor(table); > searchCondition.accept(visitor); > final String sql = visitor.getQuery(); > A search expression like this: > text==VAL_UE > yields an SQL query like this: > SELECT * FROM some_table WHERE text = 'VAL\\_UE' > If the table contains a row with text "VAL_UE", the query returns no results > because the underscore in the value was escaped. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (CXF-6769) Underscores in values of FIQL search expressions are incorrectly escaped
[ https://issues.apache.org/jira/browse/CXF-6769?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Torsten Römer updated CXF-6769: --- Description: We are basically "just" using FIQLParser and SQLPrinterVisitor like this: final FiqlParser fiqlParser = new FiqlParser<>(SearchBean.class); final SearchCondition searchCondition = fiqlParser.parse(search); final SQLPrinterVisitor visitor = new SQLPrinterVisitor(table); searchCondition.accept(visitor); final String sql = visitor.getQuery(); A search expression like this: text==VAL_UE yields an SQL query like this: SELECT * FROM some_table WHERE text = 'VAL[backslash]_UE' If the table contains a row with text "VAL_UE", the query returns no results because the underscore in the value was escaped. was: We are basically "just" using FIQLParser and SQLPrinterVisitor like this: final FiqlParser fiqlParser = new FiqlParser<>(SearchBean.class); final SearchCondition searchCondition = fiqlParser.parse(search); final SQLPrinterVisitor visitor = new SQLPrinterVisitor(table); searchCondition.accept(visitor); final String sql = visitor.getQuery(); A search expression like this: text==VAL_UE yields an SQL query like this: SELECT * FROM some_table WHERE text = 'VAL\\_UE' If the table contains a row with text "VAL_UE", the query returns no results because the underscore in the value was escaped. > Underscores in values of FIQL search expressions are incorrectly escaped > > > Key: CXF-6769 > URL: https://issues.apache.org/jira/browse/CXF-6769 > Project: CXF > Issue Type: Bug > Components: JAX-RS >Affects Versions: 3.1.2 > Environment: Webapp deployed to WildFly 10 >Reporter: Torsten Römer >Priority: Minor > > We are basically "just" using FIQLParser and SQLPrinterVisitor like this: > final FiqlParser fiqlParser = new FiqlParser<>(SearchBean.class); > final SearchCondition searchCondition = fiqlParser.parse(search); > final SQLPrinterVisitor visitor = new > SQLPrinterVisitor(table); > searchCondition.accept(visitor); > final String sql = visitor.getQuery(); > A search expression like this: > text==VAL_UE > yields an SQL query like this: > SELECT * FROM some_table WHERE text = 'VAL[backslash]_UE' > If the table contains a row with text "VAL_UE", the query returns no results > because the underscore in the value was escaped. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (CXF-6769) Underscores in values of FIQL search expressions are incorrectly escaped
[ https://issues.apache.org/jira/browse/CXF-6769?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Torsten Römer updated CXF-6769: --- Description: We are basically "just" using FIQLParser and SQLPrinterVisitor like this: final FiqlParser fiqlParser = new FiqlParser<>(SearchBean.class); final SearchCondition searchCondition = fiqlParser.parse(search); final SQLPrinterVisitor visitor = new SQLPrinterVisitor(table); searchCondition.accept(visitor); final String sql = visitor.getQuery(); A search expression like this: text==VAL_UE yields an SQL query like this: SELECT * FROM some_table WHERE text = 'VAL[backslash]_UE' (Note [backslash] is supposed to mean a literal "\" which is swallowed here) If the table contains a row with text "VAL_UE", the query returns no results because the underscore in the value was escaped. was: We are basically "just" using FIQLParser and SQLPrinterVisitor like this: final FiqlParser fiqlParser = new FiqlParser<>(SearchBean.class); final SearchCondition searchCondition = fiqlParser.parse(search); final SQLPrinterVisitor visitor = new SQLPrinterVisitor(table); searchCondition.accept(visitor); final String sql = visitor.getQuery(); A search expression like this: text==VAL_UE yields an SQL query like this: SELECT * FROM some_table WHERE text = 'VAL[backslash]_UE' If the table contains a row with text "VAL_UE", the query returns no results because the underscore in the value was escaped. > Underscores in values of FIQL search expressions are incorrectly escaped > > > Key: CXF-6769 > URL: https://issues.apache.org/jira/browse/CXF-6769 > Project: CXF > Issue Type: Bug > Components: JAX-RS >Affects Versions: 3.1.2 > Environment: Webapp deployed to WildFly 10 >Reporter: Torsten Römer >Priority: Minor > > We are basically "just" using FIQLParser and SQLPrinterVisitor like this: > final FiqlParser fiqlParser = new FiqlParser<>(SearchBean.class); > final SearchCondition searchCondition = fiqlParser.parse(search); > final SQLPrinterVisitor visitor = new > SQLPrinterVisitor(table); > searchCondition.accept(visitor); > final String sql = visitor.getQuery(); > A search expression like this: > text==VAL_UE > yields an SQL query like this: > SELECT * FROM some_table WHERE text = 'VAL[backslash]_UE' > (Note [backslash] is supposed to mean a literal "\" which is swallowed here) > If the table contains a row with text "VAL_UE", the query returns no results > because the underscore in the value was escaped. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (CXF-6769) Underscores in values of FIQL search expressions are incorrectly escaped
[ https://issues.apache.org/jira/browse/CXF-6769?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Torsten Römer updated CXF-6769: --- Description: We are basically "just" using FIQLParser and SQLPrinterVisitor like this: final FiqlParser fiqlParser = new FiqlParser<>(SearchBean.class); final SearchCondition searchCondition = fiqlParser.parse(search); final SQLPrinterVisitor visitor = new SQLPrinterVisitor(table); searchCondition.accept(visitor); final String sql = visitor.getQuery(); A search expression like this: text==VAL_UE yields an SQL query like this: SELECT * FROM some_table WHERE text = 'VAL[backslash]_UE' (Note [backslash] is supposed to mean a literal "\" which is swallowed here) If the table contains a row with text "VAL_UE", the query returns no results because the underscore in the value was preceded with a backslash. was: We are basically "just" using FIQLParser and SQLPrinterVisitor like this: final FiqlParser fiqlParser = new FiqlParser<>(SearchBean.class); final SearchCondition searchCondition = fiqlParser.parse(search); final SQLPrinterVisitor visitor = new SQLPrinterVisitor(table); searchCondition.accept(visitor); final String sql = visitor.getQuery(); A search expression like this: text==VAL_UE yields an SQL query like this: SELECT * FROM some_table WHERE text = 'VAL[backslash]_UE' (Note [backslash] is supposed to mean a literal "\" which is swallowed here) If the table contains a row with text "VAL_UE", the query returns no results because the underscore in the value was escaped. > Underscores in values of FIQL search expressions are incorrectly escaped > > > Key: CXF-6769 > URL: https://issues.apache.org/jira/browse/CXF-6769 > Project: CXF > Issue Type: Bug > Components: JAX-RS >Affects Versions: 3.1.2 > Environment: Webapp deployed to WildFly 10 >Reporter: Torsten Römer >Priority: Minor > > We are basically "just" using FIQLParser and SQLPrinterVisitor like this: > final FiqlParser fiqlParser = new FiqlParser<>(SearchBean.class); > final SearchCondition searchCondition = fiqlParser.parse(search); > final SQLPrinterVisitor visitor = new > SQLPrinterVisitor(table); > searchCondition.accept(visitor); > final String sql = visitor.getQuery(); > A search expression like this: > text==VAL_UE > yields an SQL query like this: > SELECT * FROM some_table WHERE text = 'VAL[backslash]_UE' > (Note [backslash] is supposed to mean a literal "\" which is swallowed here) > If the table contains a row with text "VAL_UE", the query returns no results > because the underscore in the value was preceded with a backslash. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (CXF-6631) WADL JavaDocProvider does not handle methods with generic first argument
[ https://issues.apache.org/jira/browse/CXF-6631?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sergey Beryozkin updated CXF-6631: -- Fix Version/s: 3.1.6 3.2.0 > WADL JavaDocProvider does not handle methods with generic first argument > > > Key: CXF-6631 > URL: https://issues.apache.org/jira/browse/CXF-6631 > Project: CXF > Issue Type: Bug > Components: JAX-RS >Affects Versions: 3.1.3 >Reporter: Francesco Chicchiriccò > Fix For: 3.2.0, 3.1.6 > > Attachments: AnyService.html > > > When first method's argument is generic, WADL JavaDocProvider reports no > information about it. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (FEDIZ-152) Disable URL rewrites with SessionID to avoid session hijacking
[ https://issues.apache.org/jira/browse/FEDIZ-152?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jan Bernhardt updated FEDIZ-152: Fix Version/s: 1.2.2 > Disable URL rewrites with SessionID to avoid session hijacking > -- > > Key: FEDIZ-152 > URL: https://issues.apache.org/jira/browse/FEDIZ-152 > Project: CXF-Fediz > Issue Type: Improvement > Components: IDP, OIDC >Reporter: Jan Bernhardt >Assignee: Jan Bernhardt > Fix For: 1.3.0, 1.2.2 > > > if Cookies are disabled within the Browser the servlet container (like > Tomcat) will usually switch to URL rewriting, by adding the JSessionID to the > URL. > This is dangerous because users tend to copy URLs from their browser and post > them in chat or public forums, thus allowing someone else to hijack their > session. > Therefor it is best practice to ensure that a sessionID will not be included > within the URL. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (FEDIZ-147) IDP will be listed in HomeRealm Selection view, even if it should not be used directly
[
https://issues.apache.org/jira/browse/FEDIZ-147?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jan Bernhardt updated FEDIZ-147:
Fix Version/s: 1.2.2
> IDP will be listed in HomeRealm Selection view, even if it should not be used
> directly
> --
>
> Key: FEDIZ-147
> URL: https://issues.apache.org/jira/browse/FEDIZ-147
> Project: CXF-Fediz
> Issue Type: Bug
> Components: IDP
>Reporter: Jan Bernhardt
>Assignee: Jan Bernhardt
>Priority: Minor
> Fix For: 1.3.0, 1.2.2
>
>
> If Fediz IDP should be used only as a RP-IDP with no direct login, I would
> set {{useCurrentIdp}} of IDP configuration to {{false}}.
> In this case I the IDP should not be listed within the home realm selection
> view. But instead only trusted 3rd Party IDPs should be listed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Updated] (FEDIZ-146) wtrealm should not be mandatory for 3rd party signin response
[ https://issues.apache.org/jira/browse/FEDIZ-146?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jan Bernhardt updated FEDIZ-146: Fix Version/s: 1.2.2 > wtrealm should not be mandatory for 3rd party signin response > - > > Key: FEDIZ-146 > URL: https://issues.apache.org/jira/browse/FEDIZ-146 > Project: CXF-Fediz > Issue Type: Bug > Components: IDP >Affects Versions: 1.1.3, 1.2.1 >Reporter: Jan Bernhardt >Assignee: Jan Bernhardt > Fix For: 1.3.0, 1.2.2 > > > Fediz-IDP expects a wtrealm parameter within the token response from 3rd > party IDP. If this parameter is not provided Fediz will show an error page. > According to the WS-Federation standard this attribute should not be part of > the response and thus should not be mandatory. > http://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html#_Toc223175014 -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (FEDIZ-144) HomeRealm Discovery Service based on Spring EL
[
https://issues.apache.org/jira/browse/FEDIZ-144?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jan Bernhardt updated FEDIZ-144:
Fix Version/s: 1.2.2
> HomeRealm Discovery Service based on Spring EL
> --
>
> Key: FEDIZ-144
> URL: https://issues.apache.org/jira/browse/FEDIZ-144
> Project: CXF-Fediz
> Issue Type: New Feature
> Components: IDP
>Reporter: Jan Bernhardt
>Assignee: Jan Bernhardt
> Fix For: 1.3.0, 1.2.2
>
>
> HomeRealm Discovery can be based on various criteria. With Spring EL user
> will be able to provide custom handling based on their needs.
> This can also be useful to perform a home realm mapping. Here is an example
> for that:
> {code} value="{'mydomain.com':'urn:org:apache:cxf:fediz:idp:realm-A',
> 'another-domain.com':'urn:org:apache:cxf:fediz:idp:realm-B'}[flowScope.get('whr')]"
> />{code}
> In the above sample the provided whr parameter within a request would be
> mapped to {{urn:org:apache:cxf:fediz:idp:realm-A}} if the value is
> {{mydomain.com}}.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
