diff --git a/cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/ResetPasswordServlet.java b/cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/ResetPasswordServlet.java
index 2df6cae42703acb5ed5404183fbd2c4242bbdbc3..95a46b309b945168b92b697052320803326dda54 100644
--- a/cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/ResetPasswordServlet.java
+++ b/cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/ResetPasswordServlet.java
@@ -130,25 +130,22 @@ public class ResetPasswordServlet extends HttpServlet
* using input parameters read from it. Users who do augment
* subject calls are constructed by taking the principals out of the ServletConfig
* input parameter.
- * </p>
*
* <p>
* The ResetPasswordServlet configuration in the web deployment descriptor file
* <code>web.xml</code> must have two input parameters:
* <ul>
* <li><code>ca.nrc.cadc.ac.server.web.ResetPasswordServlet.PrivilegedX500Principals</code>
- * is a list of trusted administrators DNs. It is a multi-line list with
- * line breaks between the trusted DNs and each DN eclosed in double quotes.</li>
+ * is a list of trusted administrators DNs. Each DN must be enclosed in double quotes.
+ * The list can be multi-line for readability.</li>
* <li><code>ca.nrc.cadc.ac.server.web.ResetPasswordServlet.PrivilegedHttpPrincipals</code>
- * is a list of space separated userids (HTTP identities) corresponding
- * to the previous DNs.</li>
+ * is a list of space separated userids (HTTP identities), enclosed in double quotes,
+ * corresponding to the previous DNs.</li>
* </ul>
* The two lists of principal names must be of the same
* length and correspond to each other in order.
- * </p>
*
* @param config The servlet configuration object.
- * @param response The HTTP Response.
*
* @throws javax.servlet.ServletException For general Servlet exceptions.
*/
@@ -164,7 +161,7 @@ public class ResetPasswordServlet extends HttpServlet
String httpUsers = config.getInitParameter(ResetPasswordServlet.class.getName() + ".PrivilegedHttpPrincipals");
log.debug("privilegedHttpUsers: " + httpUsers);
-
+
List<String> x500List = new ArrayList<String>();
List<String> httpList = new ArrayList<String>();
if (x500Users != null && httpUsers != null)
@@ -172,13 +169,13 @@ public class ResetPasswordServlet extends HttpServlet
Pattern pattern = Pattern.compile("([^\"]\\S*|\".+?\")\\s*");
Matcher x500Matcher = pattern.matcher(x500Users);
Matcher httpMatcher = pattern.matcher(httpUsers);
-
+
while (x500Matcher.find())
{
- String next = x500Matcher.group(1);
+ String next = x500Matcher.group(1);
x500List.add(next.replace("\"", ""));
}
-
+
while (httpMatcher.find())
{
String next = httpMatcher.group(1);
@@ -205,7 +202,7 @@ public class ResetPasswordServlet extends HttpServlet
log.warn("No Privileged users configured.");
}
- PluginFactory pluginFactory = new PluginFactory();
+ PluginFactory pluginFactory = getPluginFactory();
userPersistence = pluginFactory.createUserPersistence();
}
catch (Throwable t)
@@ -214,7 +211,14 @@ public class ResetPasswordServlet extends HttpServlet
throw new ExceptionInInitializerError(t);
}
}
+
+
+ protected PluginFactory getPluginFactory()
+ {
+ return new PluginFactory();
+ }
+
protected boolean isPrivilegedSubject(final HttpServletRequest request)
{
if (privilegedSubjects == null || privilegedSubjects.isEmpty())
diff --git a/cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/UserRequestServlet.java b/cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/UserRequestServlet.java
index 4772667db8198756aeffbf567b1d7adc4edd0b8b..0a7443be19272949e91170b880ba5065e4f06f4b 100644
--- a/cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/UserRequestServlet.java
+++ b/cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/UserRequestServlet.java
@@ -118,25 +118,22 @@ public class UserRequestServlet extends HttpServlet
* using input parameters read from it. Users who do augment
* subject calls are constructed by taking the principals out of the ServletConfig
* input parameter.
- * </p>
*
* <p>
- * The UserRequestServlet in the web deployment descriptor file
+ * The UserRequestServlet configuration in the web deployment descriptor file
* <code>web.xml</code> must have two input parameters:
* <ul>
* <li><code>ca.nrc.cadc.ac.server.web.UserRequestServlet.PrivilegedX500Principals</code>
- * is a list of trusted administrators DNs. It is a multi-line list with
- * line breaks between the trusted DNs and each DN eclosed in double quotes.</li>
+ * is a list of trusted administrators DNs. Each DN must be enclosed in double quotes.
+ * The list can be multi-line for readability.</li>
* <li><code>ca.nrc.cadc.ac.server.web.UserRequestServlet.PrivilegedHttpPrincipals</code>
- * is a list of space separated userids (HTTP identities) corresponding
- * to the previous DNs.</li>
+ * is a list of space separated userids (HTTP identities), enclosed in double quotes,
+ * corresponding to the previous DNs.</li>
* </ul>
* The two lists of principal names must be of the same
* length and correspond to each other in order.
- * </p>
*
* @param config The servlet configuration object.
- * @param response The HTTP Response.
*
* @throws javax.servlet.ServletException For general Servlet exceptions.
*/
@@ -160,7 +157,6 @@ public class UserRequestServlet extends HttpServlet
Pattern pattern = Pattern.compile("([^\"]\\S*|\".+?\")\\s*");
Matcher x500Matcher = pattern.matcher(x500Users);
Matcher httpMatcher = pattern.matcher(httpUsers);
-
while (x500Matcher.find())
{
String next = x500Matcher.group(1);
@@ -193,7 +189,7 @@ public class UserRequestServlet extends HttpServlet
log.warn("No Privileged users configured.");
}
- PluginFactory pluginFactory = new PluginFactory();
+ PluginFactory pluginFactory = getPluginFactory();
userPersistence = pluginFactory.createUserPersistence();
}
catch (Throwable t)
@@ -202,6 +198,12 @@ public class UserRequestServlet extends HttpServlet
throw new ExceptionInInitializerError(t);
}
}
+
+
+ protected PluginFactory getPluginFactory()
+ {
+ return new PluginFactory();
+ }
/**
* Create a UserAction and run the action safely.
diff --git a/cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/UserServlet.java b/cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/UserServlet.java
index 72d1bdbcc9cf0c36c75e9463f3f5ccddf491d9ab..60c43f2996b3a268dbb82e67c036e7454ef95e5d 100644
--- a/cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/UserServlet.java
+++ b/cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/UserServlet.java
@@ -118,25 +118,22 @@ public class UserServlet extends HttpServlet
* using input parameters read from it. Users who do augment
* subject calls are constructed by taking the principals out of the ServletConfig
* input parameter.
- * </p>
*
* <p>
* The UserServlet configuration in the web deployment descriptor file
* <code>web.xml</code> must have two input parameters:
* <ul>
* <li><code>ca.nrc.cadc.ac.server.web.UserServlet.PrivilegedX500Principals</code>
- * is a list of trusted administrators DNs. It is a multi-line list with
- * line breaks between the trusted DNs and each DN eclosed in double quotes.</li>
+ * is a list of trusted administrators DNs. Each DN must be enclosed in double quotes.
+ * The list can be multi-line for readability.</li>
* <li><code>ca.nrc.cadc.ac.server.web.UserServlet.PrivilegedHttpPrincipals</code>
- * is a list of space separated userids (HTTP identities) corresponding
- * to the previous DNs.</li>
+ * is a list of space separated userids (HTTP identities), enclosed in double quotes,
+ * corresponding to the previous DNs.</li>
* </ul>
* The two lists of principal names must be of the same
* length and correspond to each other in order.
- * </p>
*
* @param config The servlet configuration object.
- * @param response The HTTP Response.
*
* @throws javax.servlet.ServletException For general Servlet exceptions.
*/