security and Pom chanages 25/41025/1 release-2.1.1
authorsm921c <sm921c@att.com>
Wed, 4 Apr 2018 19:09:15 +0000 (15:09 -0400)
committersm921c <sm921c@att.com>
Wed, 4 Apr 2018 19:09:15 +0000 (15:09 -0400)
Issue-ID: PORTAL-155

provided fixes for security issues

Change-Id: I00a06dffe4c6efecff57272949fea9d0a614018c
Signed-off-by: sm921c <sm921c@att.com>
13 files changed:
ecomp-sdk/epsdk-analytics/pom.xml
ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/SearchHandler.java
ecomp-sdk/epsdk-app-common/pom.xml
ecomp-sdk/epsdk-app-os/README.md
ecomp-sdk/epsdk-app-os/pom.xml
ecomp-sdk/epsdk-app-os/src/main/java/org/onap/portalapp/filter/SecurityXssFilter.java
ecomp-sdk/epsdk-app-overlay/pom.xml
ecomp-sdk/epsdk-core/README.md
ecomp-sdk/epsdk-core/pom.xml
ecomp-sdk/epsdk-fw/pom.xml
ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/util/CipherUtil.java
ecomp-sdk/epsdk-workflow/pom.xml
ecomp-sdk/pom.xml

index 76e0df1..143a6ac 100644 (file)
@@ -5,7 +5,7 @@
        <parent>
                <groupId>org.onap.portal.sdk</groupId>
                <artifactId>epsdk-project</artifactId>
-               <version>2.1.0</version>
+               <version>2.1.1</version>
        </parent>
        
        <!-- GroupId is inherited from parent -->
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-annotations</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-core</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-databind</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <!-- Raptor required Libraries -->
                <!-- for static charts -->
                <dependency>
                        <groupId>org.apache.poi</groupId>
                        <artifactId>poi-ooxml</artifactId>
-                       <version>3.5-FINAL</version>
+                       <version>3.15</version>
                        <exclusions>
                                <exclusion>
                                        <groupId>commons-logging</groupId>
index 863f510..9f44bac 100644 (file)
@@ -295,7 +295,7 @@ public class SearchHandler extends org.onap.portalsdk.analytics.RaptorObject {
                } else {
                        rep_name_sql = " AND UPPER(cr.title) LIKE UPPER('%%') ";
                }
-               sql = sql.replace("[fReportName]",rep_name_sql);
+               sql = sql.replace("[fReportName]", ESAPI.encoder().canonicalize(rep_name_sql));
 
                if (menuId.length() > 0){
                        /*sql += "AND INSTR('|'||cr.menu_id||'|', '|'||'" + menuId + "'||'|') > 0 "
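Review bot: `ESAPI.encoder().canonicalize()` on the new line is a decoding step, not an escaping one, so it does not make `rep_name_sql` safe to splice into `sql`; it reverses percent/entity encoding of whatever the fragment contains and, by default, throws `IntrusionException` (unchecked) when it detects mixed or double encoding, which would turn some searches into a server error rather than a filtered query. What gets canonicalized here is the whole SQL clause including the literal `'%%'`, while the branch that presumably builds the clause from the user-supplied report name sits above this hunk, so the part that needs protecting is not the part being transformed. The robust fix is to emit a placeholder in the clause, `rep_name_sql = " AND UPPER(cr.title) LIKE UPPER(?) "`, bind the name as a JDBC parameter where the statement is executed, and keep the substitution as `sql = sql.replace("[fReportName]", rep_name_sql);`; if this query builder cannot bind parameters, apply `ESAPI.encoder().encodeForSQL(codec, value)` with the database-specific codec to the report-name value alone, never to the clause. The enclosing method starts and ends outside the hunk.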
index 8252897..af010a7 100644 (file)
@@ -5,7 +5,7 @@
        <parent>
                <groupId>org.onap.portal.sdk</groupId>
                <artifactId>epsdk-project</artifactId>
-               <version>2.1.0</version>
+               <version>2.1.1</version>
        </parent>
 
        <!-- GroupId is inherited from parent -->
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-annotations</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-core</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-databind</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <dependency>
                        <groupId>com.mchange</groupId>
                        <groupId>org.elasticsearch</groupId>
                        <artifactId>elasticsearch</artifactId>
                        <version>2.2.0</version>
+                       <exclusions>
+                               <exclusion>
+                                       <groupId>org.apache.lucene</groupId>
+                                       <artifactId>lucene-queryparser</artifactId>
+                               </exclusion>
+                       </exclusions>
                </dependency>
                <dependency>
                        <groupId>org.json</groupId>
                <groupId>org.owasp.esapi</groupId>
                <artifactId>esapi</artifactId>
                <version>2.1.0</version>
+           <exclusions>
+               <exclusion>
+               <groupId>commons-beanutils</groupId>
+               <artifactId>commons-beanutils-core</artifactId>
+               </exclusion>
+        <exclusion>
+               <groupId>commons-httpclient</groupId>
+            <artifactId>commons-httpclient</artifactId>
+               </exclusion>
+               <exclusion>
+               <groupId>xerces</groupId>
+            <artifactId>xercesImpl</artifactId>
+               </exclusion>
+        <exclusion>
+               <groupId>commons-collections</groupId>
+            <artifactId>commons-collections</artifactId>
+               </exclusion>
+        </exclusions>
        </dependency>
        <!-- Jacoco for offline instrumentation -->
                <dependency>
                        <version>${jacoco.version}</version>
                        <classifier>runtime</classifier>
                </dependency>
+               <dependency>
+               <groupId>com.thoughtworks.xstream</groupId>
+               <artifactId>xstream</artifactId>
+               <version>1.4.10</version>
+               </dependency>
+               <dependency>
+               <groupId>org.apache.wicket</groupId>
+               <artifactId>wicket-core</artifactId>
+               <version>1.5.16</version>
+               </dependency>
+               <dependency>
+                       <groupId>ch.qos.logback</groupId>
+                       <artifactId>logback-core</artifactId>
+                       <version>1.2.3</version>
+               </dependency>
+               <dependency>
+                       <groupId>ch.qos.logback</groupId>
+                       <artifactId>logback-classic</artifactId>
+                       <version>1.2.3</version>
+               </dependency>
+               <dependency>
+                       <groupId>commons-fileupload</groupId>
+                       <artifactId>commons-fileupload</artifactId>
+                       <version>1.3.3</version>
+               </dependency>
+               <dependency>
+               <groupId>commons-beanutils</groupId>
+               <artifactId>commons-beanutils</artifactId>
+               <version>1.9.3</version>
+               </dependency>
+               <dependency>
+                       <groupId>org.apache.httpcomponents</groupId>
+                       <artifactId>httpclient</artifactId>
+                       <version>4.5.3</version>
+               </dependency>
+               <dependency>
+               <groupId>xalan</groupId>
+               <artifactId>xalan</artifactId>
+               <version>2.7.2</version>
+               </dependency>
+               <dependency>
+               <groupId>xerces</groupId>
+               <artifactId>xercesImpl</artifactId>
+               <version>2.11.0.SP5</version>
+               </dependency>
+               <dependency>
+               <groupId>commons-collections</groupId>
+               <artifactId>commons-collections</artifactId>
+               <version>3.2.2</version>
+               </dependency>
        </dependencies>
 </project>
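Review bot: The nine dependencies added at L144-L193 are direct compile-scope dependencies with literal versions, and the same block reappears verbatim in epsdk-core (L465-L509) and in part in epsdk-fw (L583-L592), so the next advisory means editing three poms in lockstep. Pinning transitive versions is what `<dependencyManagement>` in the parent `ecomp-sdk/pom.xml` is for; declaring them there with versions in `<properties>` (e.g. `<xstream.version>1.4.10</xstream.version>`) upgrades the transitives without adding artifacts this module does not itself use — wicket-core and xalan in particular look unrelated to an app-common module, though the sources are not visible here. Excluding `commons-httpclient` from esapi (L125-L128) and adding `org.apache.httpcomponents:httpclient` 4.5.3 is also not a like-for-like swap: the 4.x artifact lives in a different package, so any ESAPI code path that loads `org.apache.commons.httpclient` classes would fail with NoClassDefFoundError at runtime rather than at build time; a smoke test of the ESAPI features the application actually uses would confirm nothing depends on it.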
index f74d043..7304bd1 100644 (file)
@@ -18,6 +18,7 @@ Version 2.1.0
 - PORTAL 160 Refer epsdk-app-common
 - PORTAL 159 Refer epsdk-app-common
 - PORTAL 136 Junits for SDK
+- PORTAL 155 Review security issues: portal
 
 Version 1.4.0
 - PORTAL-19 Rename Java package base to org.onap
index 059c5ea..5ce068b 100644 (file)
@@ -10,7 +10,7 @@
        <parent>
                <groupId>org.onap.portal.sdk</groupId>
                <artifactId>epsdk-project</artifactId>
-               <version>2.1.0</version>
+               <version>2.1.1</version>
        </parent>
 
        <!-- GroupId is inherited from parent -->
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-annotations</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-core</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-databind</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <dependency>
                        <groupId>com.mchange</groupId>
                        <groupId>org.elasticsearch</groupId>
                        <artifactId>elasticsearch</artifactId>
                        <version>2.2.0</version>
+                       <exclusions>
+                               <exclusion>
+                                       <groupId>org.apache.lucene</groupId>
+                                       <artifactId>lucene-queryparser</artifactId>
+                               </exclusion>
+                       </exclusions>
                </dependency>
                <dependency>
                        <groupId>org.json</groupId>
index aad0128..be3b685 100644 (file)
@@ -44,6 +44,9 @@ import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStreamReader;
 import java.nio.charset.StandardCharsets;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
 
 import javax.servlet.FilterChain;
 import javax.servlet.ReadListener;
@@ -73,9 +76,27 @@ public class SecurityXssFilter extends OncePerRequestFilter {
        public class RequestWrapper extends HttpServletRequestWrapper {
 
                private ByteArrayOutputStream cachedBytes;
+               
+               private Map parameter = new HashMap();
+
+               @SuppressWarnings("unchecked")
 
                public RequestWrapper(HttpServletRequest request) {
                        super(request);
+                       Enumeration<String> parameterNames = request.getParameterNames();
+                       while (parameterNames.hasMoreElements()) {
+                               String paramName = parameterNames.nextElement();
+                               String paramValue = request.getParameter(paramName);
+                               parameter.put(paramName,paramValue);
+                       }
+               }
+
+               @Override
+               public String getParameter(String name) {
+                       if (parameter != null) {
+                               return (String) parameter.get(name);
+                       }
+                       return null;
                }
 
                @Override
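Review bot: The wrapper snapshots parameters only for `getParameter` (L277-L283) while `getParameterValues` and `getParameterMap` still delegate to the wrapped request, so callers get two different views of the same request; if the filter's purpose is to inspect or sanitize parameters through this wrapper, anything read via the other two accessors bypasses it, and multi-valued parameters lose every value but the first. `Map parameter = new HashMap()` on L263 is a raw type that only exists to be silenced by the `@SuppressWarnings("unchecked")` on L265, and the `parameter != null` guard on L279 is dead because the field is initialised inline. Copying `request.getParameterMap()` into a `Map<String, String[]>` and serving all three accessors from it fixes both, as sketched below. Note that reading parameters in the constructor makes the container parse a form-encoded POST body, so if `cachedBytes` is later filled from `getInputStream()`, verify the body has not already been consumed at that point. The RequestWrapper class continues past the end of the hunk.
```java
private final Map<String, String[]> parameter;

public RequestWrapper(HttpServletRequest request) {
    super(request);
    // Snapshot every value so getParameter/getParameterValues/getParameterMap agree.
    parameter = new HashMap<>(request.getParameterMap());
}

@Override
public String getParameter(String name) {
    String[] values = parameter.get(name);
    return (values == null || values.length == 0) ? null : values[0];
}

@Override
public String[] getParameterValues(String name) {
    String[] values = parameter.get(name);
    return values == null ? null : values.clone();
}

@Override
public Map<String, String[]> getParameterMap() {
    return new HashMap<>(parameter);
}
// … unchanged: cachedBytes field and the remaining overrides …
```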
index 8415cf4..a0b000a 100644 (file)
@@ -5,7 +5,7 @@
        <parent>
                <groupId>org.onap.portal.sdk</groupId>
                <artifactId>epsdk-project</artifactId>
-               <version>2.1.0</version>
+               <version>2.1.1</version>
        </parent>
 
        <!-- GroupId is inherited from parent -->
                        <version>3.1.0</version>
                </dependency>
                <dependency>
-                       <groupId>javax.servlet</groupId>
-                       <artifactId>jstl</artifactId>
-                       <version>1.2</version>
+               <groupId>org.apache.taglibs</groupId>
+               <artifactId>taglibs-standard-spec</artifactId>
+               <version>1.2.5</version>
+               </dependency>
+               <dependency>
+               <groupId>org.apache.taglibs</groupId>
+               <artifactId>taglibs-standard-impl</artifactId>
+               <version>1.2.5</version>
+               </dependency>
+               <dependency>
+               <groupId>org.apache.taglibs</groupId>
+               <artifactId>taglibs-standard-spec</artifactId>
+               <version>1.2.5</version>
+               </dependency>
+               <dependency>
+               <groupId>org.apache.taglibs</groupId>
+               <artifactId>taglibs-standard-impl</artifactId>
+               <version>1.2.5</version>
+               </dependency>
+               <dependency>
+               <groupId>org.apache.taglibs</groupId>
+                       <artifactId>taglibs-standard-jstlel</artifactId>
+               <version>1.2.5</version>
                </dependency>
        </dependencies>
 
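Review bot: `taglibs-standard-spec` and `taglibs-standard-impl` are each declared twice in this section (L302-L310 and again L311-L320); Maven 3 warns that `'dependencies.dependency.(groupId:artifactId:type:classifier)' must be unique` and the second copy adds nothing, so L311-L320 should be dropped. The same duplicated pair appears in the epsdk-core pom (L364-L382). The new entries are also indented one level shallower than the surrounding `<dependency>` blocks; aligning them keeps future diffs readable.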
index b773ef5..55cf69f 100644 (file)
@@ -7,7 +7,7 @@ which is distributed as epsdk-core-N.N.N.jar.  This library
 requires Hibernate and Spring, and provides many features 
 such as data access, session management, logging, on-boarding 
 and more.  Most of these features are demonstrated in the
-ONAP SDK web application.
+ECOMP SDK web application. 
 
 ## Release Notes
 
index c47effa..85b60dd 100644 (file)
@@ -5,7 +5,7 @@
        <parent>
                <groupId>org.onap.portal.sdk</groupId>
                <artifactId>epsdk-project</artifactId>
-               <version>2.1.0</version>
+               <version>2.1.1</version>
        </parent>
 
        <!-- GroupId is inherited from parent -->
                                        <groupId>org.slf4j</groupId>
                                        <artifactId>log4j-over-slf4j</artifactId>
                                </exclusion>
-                               <exclusion>
-                                       <groupId>ch.qos.logback</groupId>
-                                       <artifactId>logback-classic</artifactId>
-                               </exclusion>
                        </exclusions>
                </dependency>
                
                        <version>2.3.1</version>
                </dependency>
                <dependency>
-                       <groupId>javax.servlet</groupId>
-                       <artifactId>jstl</artifactId>
-                       <version>1.2</version>
+               <groupId>org.apache.taglibs</groupId>
+               <artifactId>taglibs-standard-spec</artifactId>
+               <version>1.2.5</version>
+               </dependency>
+               <dependency>
+               <groupId>org.apache.taglibs</groupId>
+               <artifactId>taglibs-standard-impl</artifactId>
+               <version>1.2.5</version>
+               </dependency>
+               <dependency>
+               <groupId>org.apache.taglibs</groupId>
+               <artifactId>taglibs-standard-spec</artifactId>
+               <version>1.2.5</version>
+               </dependency>
+               <dependency>
+               <groupId>org.apache.taglibs</groupId>
+               <artifactId>taglibs-standard-impl</artifactId>
+               <version>1.2.5</version>
+               </dependency>
+               <dependency>
+               <groupId>org.apache.taglibs</groupId>
+                       <artifactId>taglibs-standard-jstlel</artifactId>
+               <version>1.2.5</version>
                </dependency>
                <!-- bridge to implement commons-logging using slf4j -->
                <dependency>
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-annotations</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-core</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-databind</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <!-- Use Mariadb connector -->
                <dependency>
 
                <dependency>
                        <groupId>org.bouncycastle</groupId>
-                       <artifactId>bcprov-jdk16</artifactId>
-                       <version>1.45</version>
+                       <artifactId>bcprov-jdk15on</artifactId>
+                       <version>1.59</version>
                </dependency>
 
                <!-- Elastic Search -->
                        <groupId>org.elasticsearch</groupId>
                        <artifactId>elasticsearch</artifactId>
                        <version>2.2.0</version>
+                       <exclusions>
+                               <exclusion>
+                                       <groupId>org.apache.lucene</groupId>
+                                       <artifactId>lucene-queryparser</artifactId>
+                               </exclusion>
+                       </exclusions>
                </dependency>
                <dependency>
                        <groupId>io.searchbox</groupId>
                <groupId>org.owasp.esapi</groupId>
                <artifactId>esapi</artifactId>
                <version>2.1.0.1</version>
+           <exclusions>
+               <exclusion>
+               <groupId>commons-beanutils</groupId>
+               <artifactId>commons-beanutils-core</artifactId>
+               </exclusion>
+        <exclusion>
+               <groupId>commons-httpclient</groupId>
+            <artifactId>commons-httpclient</artifactId>
+               </exclusion>
+           <exclusion>
+               <groupId>xerces</groupId>
+            <artifactId>xercesImpl</artifactId>
+                       </exclusion>
+        </exclusions>
        </dependency>
 
                <!-- UEB was originally named Cambria -->
                                        <groupId>org.slf4j</groupId>
                                        <artifactId>slf4j-log4j12</artifactId>
                                </exclusion>
+                               <exclusion>
+                                       <groupId>org.apache.httpcomponents</groupId>
+                                       <artifactId>httpclient</artifactId>
+                               </exclusion>
                        </exclusions>
                </dependency>
                <!-- Jacoco for offline instrumentation -->
                        <version>${jacoco.version}</version>
                        <classifier>runtime</classifier>
                </dependency>
+               <dependency>
+               <groupId>com.thoughtworks.xstream</groupId>
+               <artifactId>xstream</artifactId>
+               <version>1.4.10</version>
+               </dependency>
+               <dependency>
+               <groupId>org.apache.wicket</groupId>
+               <artifactId>wicket-core</artifactId>
+               <version>1.5.16</version>
+               </dependency>
+               <dependency>
+                       <groupId>ch.qos.logback</groupId>
+                       <artifactId>logback-core</artifactId>
+                       <version>1.2.3</version>
+               </dependency>
+               <dependency>
+                       <groupId>ch.qos.logback</groupId>
+                       <artifactId>logback-classic</artifactId>
+                       <version>1.2.3</version>
+               </dependency>
+               <dependency>
+                       <groupId>commons-fileupload</groupId>
+                       <artifactId>commons-fileupload</artifactId>
+                       <version>1.3.3</version>
+               </dependency>
+               <dependency>
+               <groupId>commons-beanutils</groupId>
+               <artifactId>commons-beanutils</artifactId>
+               <version>1.9.3</version>
+               </dependency>
+               <dependency>
+                       <groupId>org.apache.httpcomponents</groupId>
+                       <artifactId>httpclient</artifactId>
+                       <version>4.5.3</version>
+               </dependency>
+               <dependency>
+               <groupId>xalan</groupId>
+               <artifactId>xalan</artifactId>
+               <version>2.7.2</version>
+               </dependency>
+               <dependency>
+               <groupId>xerces</groupId>
+               <artifactId>xercesImpl</artifactId>
+               <version>2.11.0.SP5</version>
+               </dependency>   
        </dependencies>
        
 </project>
index 2eb6264..9f2929b 100644 (file)
@@ -6,7 +6,7 @@
        <parent>
                <groupId>org.onap.portal.sdk</groupId>
                <artifactId>epsdk-project</artifactId>
-               <version>2.1.0</version>
+               <version>2.1.1</version>
        </parent>
 
        <!-- GroupId is inherited from parent -->
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-annotations</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-databind</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <dependency>
                        <groupId>org.owasp.esapi</groupId>
                                        <groupId>log4j</groupId>
                                        <artifactId>log4j</artifactId>
                                </exclusion>
+                               <exclusion>
+                               <groupId>xerces</groupId>
+                       <artifactId>xercesImpl</artifactId>
+                               </exclusion>
+                               <exclusion>
+                               <groupId>xalan</groupId>
+                       <artifactId>xalan</artifactId>
+                               </exclusion>
+                               <exclusion>
+                               <groupId>commons-beanutils</groupId>
+                       <artifactId>commons-beanutils</artifactId>
+                               </exclusion>
+                               <exclusion>
+                               <groupId>commons-httpclient</groupId>
+                       <artifactId>commons-httpclient</artifactId>
+                               </exclusion>
                        </exclusions>
                </dependency>
                <dependency>
                <dependency>
                        <groupId>ch.qos.logback</groupId>
                        <artifactId>logback-classic</artifactId>
-                       <version>1.1.1</version>
+                       <version>1.2.3</version>
                        <scope>test</scope>
                </dependency>
                <dependency>
                        <artifactId>resteasy-spring</artifactId>
                        <version>${resteasy.version}</version>
                        <scope>test</scope>
+                       <exclusions>
+                               <exclusion>
+                                       <groupId>org.apache.httpcomponents</groupId>
+                                       <artifactId>httpclient</artifactId>
+                               </exclusion>
+                       </exclusions>
                </dependency>
                <dependency>
                        <groupId>org.jboss.resteasy</groupId>
                    <classifier>runtime</classifier>
                    <scope>test</scope>
                    <version>${jacoco.version}</version>
+               </dependency>
+                               <dependency>
+                       <groupId>commons-fileupload</groupId>
+                       <artifactId>commons-fileupload</artifactId>
+                       <version>1.3.3</version>
+               </dependency>
+               <dependency>
+               <groupId>commons-beanutils</groupId>
+               <artifactId>commons-beanutils</artifactId>
+               <version>1.9.3</version>
                </dependency>
        </dependencies>
 
index ba95d87..eef88b4 100644 (file)
@@ -263,7 +263,7 @@ public class CipherUtil {
                return CipherUtil.decryptPKC(encryptedText, keyString);
        }
 
-       public static void main(String[] args) throws CipherUtilException {
+/*     public static void main(String[] args) throws CipherUtilException {
 
                String testValue = "Welcome123";
                String encrypted;
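Review bot: Commenting out `main` (opened at L601 and closed in the next hunk at L610) leaves the whole test driver, including the credential-looking literal `"Welcome123"` on L603, in the shipped source where readers and scanners still see it. Delete the method outright — version control keeps it — or move it under `src/test` as a unit test that takes its sample value from a parameter rather than a literal. The commented-out block runs past this hunk into the second one.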
@@ -290,6 +290,6 @@ public class CipherUtil {
                                System.out.println("Encrypted Text" + encrypted);
                        }
                }
-       }
+       }*/
 
 }
index c187fe1..51ffc7e 100644 (file)
@@ -5,7 +5,7 @@
        <parent>
                <groupId>org.onap.portal.sdk</groupId>
                <artifactId>epsdk-project</artifactId>
-               <version>2.1.0</version>
+               <version>2.1.1</version>
        </parent>
        
        <!-- GroupId is inherited from parent -->
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-annotations</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-core</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <dependency>
                        <groupId>com.fasterxml.jackson.core</groupId>
                        <artifactId>jackson-databind</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <dependency>
                        <groupId>javax.servlet</groupId>
index 9046f45..b2abfdb 100644 (file)
@@ -14,7 +14,7 @@
        <!-- Portal SDK Maven parent project -->
        <groupId>org.onap.portal.sdk</groupId>
        <artifactId>epsdk-project</artifactId>
-       <version>2.1.0</version>
+       <version>2.1.1</version>
        <packaging>pom</packaging>
        <name>portal-sdk</name>
        <url>https://wiki.onap.org/display/DW/Portal</url>
@@ -31,7 +31,7 @@
 
        <properties>
                <encoding>UTF-8</encoding>
-               <springframework.version>4.2.0.RELEASE</springframework.version>
+               <springframework.version>4.2.3.RELEASE</springframework.version>
                <hibernate.version>4.3.11.Final</hibernate.version>
                <skiptests>false</skiptests>
                <nexusproxy>https://nexus.onap.org</nexusproxy>