|summary:||Fix for GLASSFISH-20510 URISyntaxException getting monitoring data|
|date:||2013-05-14 14:55:27 UTC (3 years)|
|message:||Fix for GLASSFISH-20510 URISyntaxException getting monitoring data
The "get" command, as some other asadmin commands, must compute the admin security access checks dynamically based on exactly which resources that invocation of the command accesses. The CommandSecurityChecker class then submits each individual resource separately to the authorization service, passing each resource as a URI. In the case of "get" the resource names come from the dotted names for the items reported.
Some EJB monitoring probes (reported using 'get -m "*"' for example) contain characters that are not legal in a URI, but CommandSecurityChecker did not encode such names.
With this fix, such encoding takes place using the standard SE URLEncoding class. The effect is a no-op if the resource name already conforms to URI/URL rules and encodes the resource name otherwise.
Approved for 4.0: Tom
Test: Passed QL tests, the sequence of commands identified by Marina in the issue