authorvasraz <vasyl.razinkov@est.tech>2022-10-14 13:35:39 +0100
committerMichael Morris <michael.morris@est.tech>2022-10-18 08:27:16 +0000
commitddb9d5a7637b382be9ac7a96ad023a983c41c342 (patch)
tree4e551d6ce4348aed56f42b021bbe4fcfccc3cd15 /openecomp-be/api/openecomp-sdc-rest-webapp
parentccab3629426bdc6a87ca6102db3fdb23d4419b3e (diff)
Fix security risk 'Improper Input Validation'
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: I6a52148aec3b567db43ec57109214e52d106f73c Issue-ID: SDC-4189
Diffstat (limited to 'openecomp-be/api/openecomp-sdc-rest-webapp')
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml28
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/beans-services.xml2
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/web.xml52
3 files changed, 51 insertions, 31 deletions
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml
index b51399ca54..f0291cb060 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml
@@ -15,6 +15,15 @@
</listener>
<filter>
+ <filter-name>dataValidatorFilter</filter-name>
+ <filter-class>org.openecomp.sdc.common.filters.DataValidatorFilter</filter-class>
+ </filter>
+ <filter-mapping>
+ <filter-name>dataValidatorFilter</filter-name>
+ <url-pattern>/v1.0/*</url-pattern>
+ </filter-mapping>
+
+ <filter>
<filter-name>contentSecurityPolicyHeaderFilter</filter-name>
<filter-class>org.openecomp.sdc.common.filters.ContentSecurityPolicyHeaderFilter</filter-class>
<async-supported>true</async-supported>
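Review bot: The new `dataValidatorFilter` mapping covers only `/v1.0/*`, while this descriptor maps `CXFServlet` to `/*` and `spring-mapper` to `/ws/*`, so a request outside `/v1.0/` reaches a servlet without passing the validator. The same mapping is added in the first hunk of onboarding-rest-war's web.xml, where the `/1.0/*` and `/workflow/v1.0/actions/*` filter mappings show further routes that fall outside it. Whether those paths accept client-supplied data is not visible in this diff; if they do, the mapping should be `<url-pattern>/*</url-pattern>`, and if they do not, a comment above the mapping should state why the narrower scope is sufficient. The hunk ends inside the following `<filter>` element.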
@@ -54,6 +63,7 @@
<filter-name>RestrictionAccessFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
+
<!-- Spring WS Mapping -->
<servlet>
<servlet-name>spring-mapper</servlet-name>
@@ -62,10 +72,13 @@
</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
+ <servlet-mapping>
+ <servlet-name>spring-mapper</servlet-name>
+ <url-pattern>/ws/*</url-pattern>
+ </servlet-mapping>
<!-- CXF -->
<servlet>
<servlet-name>CXFServlet</servlet-name>
- <display-name>CXF Servlet</display-name>
<servlet-class>
org.apache.cxf.transport.servlet.CXFServlet
</servlet-class>
@@ -87,19 +100,14 @@
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
+ <servlet-mapping>
+ <servlet-name>CXFServlet</servlet-name>
+ <url-pattern>/*</url-pattern>
+ </servlet-mapping>
<context-param>
<param-name>org.eclipse.jetty.servlet.Default.dirAllowed</param-name>
<param-value>false</param-value>
</context-param>
- <servlet-mapping>
- <servlet-name>spring-mapper</servlet-name>
- <url-pattern>/ws/*</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
- <servlet-name>CXFServlet</servlet-name>
- <url-pattern>/*</url-pattern>
- </servlet-mapping>
-
</web-app>
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/beans-services.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/beans-services.xml
index 9c2aa51a28..15251436d6 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/beans-services.xml
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/beans-services.xml
@@ -104,4 +104,4 @@
</jaxrs:outInterceptors>
</jaxrs:server>
-</beans> \ No newline at end of file
+</beans>
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/web.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/web.xml
index eb8bd9e93f..31400f878e 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/web.xml
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/web.xml
@@ -25,8 +25,18 @@
</listener>
<filter>
+ <filter-name>dataValidatorFilter</filter-name>
+ <filter-class>org.openecomp.sdc.common.filters.DataValidatorFilter</filter-class>
+ </filter>
+ <filter-mapping>
+ <filter-name>dataValidatorFilter</filter-name>
+ <url-pattern>/v1.0/*</url-pattern>
+ </filter-mapping>
+
+ <filter>
<filter-name>contentSecurityPolicyHeaderFilter</filter-name>
- <filter-class>org.openecomp.sdc.common.filters.ContentSecurityPolicyHeaderFilter</filter-class>
+ <filter-class>org.openecomp.sdc.common.filters.ContentSecurityPolicyHeaderFilter
+ </filter-class>
<async-supported>true</async-supported>
</filter>
<filter-mapping>
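Review bot: The new `dataValidatorFilter` declaration has no `<async-supported>true</async-supported>`, unlike the `contentSecurityPolicyHeaderFilter` directly below it, and the same holds for the declaration added in notifications-fe's web.xml. A filter without that element defaults to not supporting async, so if any `/v1.0/*` endpoint starts asynchronous processing the container will refuse `startAsync()` once this filter is in the chain; whether any endpoint does so is not visible here. If async dispatch is used on those routes, add `<async-supported>true</async-supported>` to both declarations. Separately, the re-wrapped `<filter-class>` now carries trailing whitespace that the container has to trim; keeping the class name on one line, as notifications-fe does, avoids depending on that.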
@@ -41,9 +51,6 @@
<filter-mapping>
<filter-name>PermissionsFilter</filter-name>
<url-pattern>/v1.0/vendor-license-models/*</url-pattern>
- </filter-mapping>
- <filter-mapping>
- <filter-name>PermissionsFilter</filter-name>
<url-pattern>/v1.0/vendor-software-products/*</url-pattern>
</filter-mapping>
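Review bot: The merged `PermissionsFilter` mapping now holds two `<url-pattern>` children in one `<filter-mapping>`, which is valid only from the Servlet 2.5 descriptor schema onward. The `<web-app>` version declaration is outside this diff, so it is worth confirming, because a mapping that fails validation or loses its second pattern would leave `/v1.0/vendor-software-products/*` without the permission check. A short comment above the mapping, e.g. `<!-- PermissionsFilter guards both vendor-license-models and vendor-software-products -->`, would make the dual coverage explicit for the next editor.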
@@ -63,6 +70,10 @@
<param-value>*</param-value>
</init-param>
</filter>
+ <filter-mapping>
+ <filter-name>cross-origin</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
<filter>
<filter-name>RestrictionAccessFilter</filter-name>
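Review bot: Moving the `cross-origin` mapping up to this position changes the filter chain order, not just the layout: mappings are applied in descriptor order, so `cross-origin` now runs before `RestrictionAccessFilter` (mapped to `/*` in the next hunk) instead of after it. If that is intended, record it with a comment such as `<!-- cross-origin is mapped ahead of RestrictionAccessFilter on purpose -->`. The `<param-value>*</param-value>` context line belongs to an init-param whose name is outside the hunk; if it is the allowed-origins setting, the wildcard deserves a look in the same review. The hunk ends inside the `RestrictionAccessFilter` `<filter>` element.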
@@ -73,34 +84,34 @@
<filter-name>RestrictionAccessFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
+
<filter>
<filter-name>BasicAuth</filter-name>
<filter-class>org.openecomp.server.filters.BasicAuthenticationFilter</filter-class>
</filter>
- <filter>
- <filter-name>AuthN</filter-name>
- <filter-class>org.openecomp.server.filters.ActionAuthenticationFilter</filter-class>
- </filter>
- <filter>
- <filter-name>AuthZ</filter-name>
- <filter-class>org.openecomp.server.filters.ActionAuthorizationFilter</filter-class>
- </filter>
- <filter-mapping>
- <filter-name>cross-origin</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
<filter-mapping>
<filter-name>BasicAuth</filter-name>
<url-pattern>/1.0/*</url-pattern>
</filter-mapping>
+
+ <filter>
+ <filter-name>AuthN</filter-name>
+ <filter-class>org.openecomp.server.filters.ActionAuthenticationFilter</filter-class>
+ </filter>
<filter-mapping>
<filter-name>AuthN</filter-name>
<url-pattern>/workflow/v1.0/actions/*</url-pattern>
</filter-mapping>
+
+ <filter>
+ <filter-name>AuthZ</filter-name>
+ <filter-class>org.openecomp.server.filters.ActionAuthorizationFilter</filter-class>
+ </filter>
<filter-mapping>
<filter-name>AuthZ</filter-name>
<url-pattern>/workflow/v1.0/actions/*</url-pattern>
</filter-mapping>
+
<filter>
<filter-name>SessionContextFilter</filter-name>
<filter-class>org.openecomp.server.filters.OnboardingSessionContextFilter</filter-class>
@@ -109,6 +120,7 @@
<filter-name>SessionContextFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
+
<!-- Spring WS Mapping -->
<servlet>
<servlet-name>spring-mapper</servlet-name>
@@ -117,6 +129,10 @@
</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
+ <servlet-mapping>
+ <servlet-name>spring-mapper</servlet-name>
+ <url-pattern>/ws/*</url-pattern>
+ </servlet-mapping>
<!-- CXF -->
<servlet>
<servlet-name>CXFServlet</servlet-name>
@@ -142,10 +158,6 @@
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
- <servlet-name>spring-mapper</servlet-name>
- <url-pattern>/ws/*</url-pattern>
- </servlet-mapping>
- <servlet-mapping>
<servlet-name>CXFServlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>