diff options
Diffstat (limited to 'src/main')
-rw-r--r-- | src/main/java/org/onap/clamp/clds/util/CryptoUtils.java | 2 | ||||
-rw-r--r-- | src/main/java/org/onap/clamp/clds/util/XmlTools.java | 8 | ||||
-rw-r--r-- | src/main/java/org/onap/clamp/util/PrincipalUtils.java | 6 |
3 files changed, 15 insertions, 1 deletions
diff --git a/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java b/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java index f08bf7b28..85aae0a5d 100644 --- a/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java +++ b/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java @@ -162,7 +162,7 @@ public final class CryptoUtils { private static SecretKeySpec readSecretKeySpec(String propertiesFileName) { Properties props = new Properties(); try { - //Workaround fix to make encryption key configurable + // Workaround fix to make encryption key configurable // System environment variable takes precedence for over clds/key.properties String encryptionKey = System.getenv(AES_ENCRYPTION_KEY); if(encryptionKey != null && encryptionKey.trim().length() > 0) { diff --git a/src/main/java/org/onap/clamp/clds/util/XmlTools.java b/src/main/java/org/onap/clamp/clds/util/XmlTools.java index a812fa127..a7d4ed9fb 100644 --- a/src/main/java/org/onap/clamp/clds/util/XmlTools.java +++ b/src/main/java/org/onap/clamp/clds/util/XmlTools.java @@ -24,6 +24,7 @@ package org.onap.clamp.clds.util; import java.io.StringWriter; +import javax.xml.XMLConstants; import javax.xml.transform.OutputKeys; import javax.xml.transform.Transformer; import javax.xml.transform.TransformerException; @@ -39,6 +40,12 @@ import org.w3c.dom.Document; public class XmlTools { /** + * Private constructor to avoid creating instances of util class. + */ + private XmlTools(){ + } + + /** * Transforms document to XML string. * * @param doc XML document @@ -47,6 +54,7 @@ public class XmlTools { public static String exportXmlDocumentAsString(Document doc) { try { TransformerFactory tf = TransformerFactory.newInstance(); + tf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); Transformer transformer = tf.newTransformer(); transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); StringWriter writer = new StringWriter(); diff --git a/src/main/java/org/onap/clamp/util/PrincipalUtils.java b/src/main/java/org/onap/clamp/util/PrincipalUtils.java index d6b20f30b..d6dfacbdb 100644 --- a/src/main/java/org/onap/clamp/util/PrincipalUtils.java +++ b/src/main/java/org/onap/clamp/util/PrincipalUtils.java @@ -38,6 +38,12 @@ public class PrincipalUtils { private static SecurityContext securityContext = SecurityContextHolder.getContext(); /** + * Private constructor to avoid creating instances of util class. + */ + private PrincipalUtils(){ + } + + /** * Get the Full name. * * @return The user name |