Uploaded image for project: 'Pluto'
  1. Pluto
  2. PLUTO-484

PortletURLImpl.setSecure() throws PortletSecurityException when PortletURLProvider.isSecureSupported() returns true

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.1.5, 2.0-refactoring, 2.0.0
    • Fix Version/s: 2.0-refactoring, 1.1.6, 2.0.0
    • Component/s: portlet container
    • Labels:
      None
    • Environment:
      Tomcat 5.5.26

      Description

      The method setSecure() on org.apache.pluto.internal.impl.PortletURLImpl is implemented as follows:

      public void setSecure(boolean secure) throws PortletSecurityException {
      PortletURLProvider urlProvider = container
      .getRequiredContainerServices()
      .getPortalCallbackService()
      .getPortletURLProvider(servletRequest, internalPortletWindow);
      if(urlProvider.isSecureSupported())

      { throw new PortletSecurityException("Secure URLs not supported."); }
      }

      The problem is that if the URL provider supports secure URLs, an exception is thrown. This code should be changed as follows:

      public void setSecure(boolean secure) throws PortletSecurityException {
      if(!secure) { return; }
      PortletURLProvider urlProvider = container
      .getRequiredContainerServices()
      .getPortalCallbackService()
      .getPortletURLProvider(servletRequest, internalPortletWindow);
      if(urlProvider.isSecureSupported()) { urlProvider.setSecure(); } else { throw new PortletSecurityException("Secure URLs not supported."); }

      }

        Attachments

          Activity

            People

            • Assignee:
              cdoremus Craig Doremus
              Reporter:
              nikd Nikita Dubrovsky
            • Votes:
              1 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: