summaryrefslogtreecommitdiffstats
path: root/auth/auth-locate
diff options
context:
space:
mode:
authorRaviteja Cherughattu <rc835m@att.com>2020-07-29 11:49:13 -0500
committerRaviteja Cherughattu <rc835m@att.com>2020-07-29 11:49:13 -0500
commitde75a11f03d87b53f7a2b5525c8fc66f6053aef2 (patch)
treeacf289a3bcccb20f15ef286b25241d2a65ce90b5 /auth/auth-locate
parent68a9a8d828dbc9ceea8f712a71e1e45866676037 (diff)
Medium Vulnerabilities: Reverting the changes done towards Locate & FS
Issue-ID: AAF-1115 Change-Id: Ia26cb13d5105d6bad97503c8a85607f01e956478 Signed-off-by: Raviteja Cherughattu <rc835m@att.com>
Diffstat (limited to 'auth/auth-locate')
-rw-r--r--auth/auth-locate/pom.xml5
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java10
2 files changed, 3 insertions, 12 deletions
diff --git a/auth/auth-locate/pom.xml b/auth/auth-locate/pom.xml
index 36585989..71fcfa98 100644
--- a/auth/auth-locate/pom.xml
+++ b/auth/auth-locate/pom.xml
@@ -83,11 +83,6 @@
<artifactId>encoder</artifactId>
<version>1.2.1</version>
</dependency>
- <dependency>
- <groupId>org.owasp.esapi</groupId>
- <artifactId>esapi</artifactId>
- <version>2.0.1</version>
- </dependency>
</dependencies>
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java
index 7b23c89c..2bb497a0 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java
@@ -53,8 +53,6 @@ import org.onap.aaf.cadi.client.Retryable;
import org.onap.aaf.misc.env.APIException;
import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.TimeTaken;
-import org.owasp.esapi.errors.AccessControlException;
-import org.owasp.esapi.reference.DefaultHTTPUtilities;
import org.owasp.encoder.Encode;
public class API_AAFAccess {
@@ -259,7 +257,7 @@ public class API_AAFAccess {
});
}
- private static void redirect(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, LocateFacade context, Locator<URI> loc, String path) throws IOException, AccessControlException {
+ private static void redirect(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, LocateFacade context, Locator<URI> loc, String path) throws IOException {
try {
if (loc.hasItems()) {
Item item = loc.best();
@@ -272,10 +270,8 @@ public class API_AAFAccess {
redirectURL.append('?');
redirectURL.append(str);
}
- trans.info().log("Redirect to",redirectURL);
- DefaultHTTPUtilities util = new DefaultHTTPUtilities();
- util.sendRedirect(redirectURL.toString());
- //resp.sendRedirect(redirectURL.toString());
+ trans.info().log("Redirect to",redirectURL);
+ resp.sendRedirect(redirectURL.toString());
} else {
context.error(trans, resp, Result.err(Result.ERR_NotFound,"No Locations found for redirection"));
}