-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 2.10
-
Fix Version/s: 2.10.1
-
Component/s: Authentication & Authorization
-
Labels:None
-
Environment:
JSPWiki v2.10.0 and Tomcat 7.0.43 under Windows Server 2008 R2
After adding this line
jspwiki.policy.file=jspwiki-custom.policy
to jspwiki-custom.properties I experienced strange problems.
Thus I checked the log file and found two lines about creating a temp policy file. I located this temp policy file in the tomcat temp directory and found, that
it was too long and filled with bytes, which appeared earlier in the file.
I have appended the temp file and the original jspwiki-custom.policy.
So I debugged jspwiki (/tags/jspwiki_2_10_0) and found this code in
AuthenticationManager.java, line 647
byte[] buff = new byte[1024];
while( is.read(buff) != -1 )
which is wrong, as it always writes 1024 bytes, even at the end of the file.
Thus I am suggesting this alternative:
byte[] buff = new byte[1024];
int bytes = 0;
while( (bytes = is.read(buff)) != -1 )