diff --git a/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core/pom.xml b/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core/pom.xml
index 278e649def..262adb08f9 100644
--- a/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core/pom.xml
+++ b/components/analytics-mgt/grafana-mgt/io.entgra.device.mgt.core.analytics.mgt.grafana.proxy.core/pom.xml
@@ -287,11 +287,11 @@
org.wso2.carbon.identity.oauth.stub
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat-servlet-api
diff --git a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/pom.xml b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/pom.xml
index 80de344fbb..43e10f2ed6 100644
--- a/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/pom.xml
+++ b/components/apimgt-extensions/io.entgra.device.mgt.core.apimgt.webapp.publisher/pom.xml
@@ -54,11 +54,11 @@
testng
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat-servlet-api
diff --git a/components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.fcm/pom.xml b/components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.fcm/pom.xml
index 6dabbcd530..30776534a2 100644
--- a/components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.fcm/pom.xml
+++ b/components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.fcm/pom.xml
@@ -72,11 +72,11 @@
scannotation
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat-servlet-api
diff --git a/components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.http/pom.xml b/components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.http/pom.xml
index e61a6ac953..19064258e8 100644
--- a/components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.http/pom.xml
+++ b/components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.http/pom.xml
@@ -72,11 +72,11 @@
scannotation
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat-servlet-api
diff --git a/components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.mqtt/pom.xml b/components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.mqtt/pom.xml
index 170ecfad3d..c2e5ec68bb 100644
--- a/components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.mqtt/pom.xml
+++ b/components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.mqtt/pom.xml
@@ -72,11 +72,11 @@
scannotation
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat-servlet-api
diff --git a/components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.xmpp/pom.xml b/components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.xmpp/pom.xml
index 1a35ea1354..4487b32b4e 100644
--- a/components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.xmpp/pom.xml
+++ b/components/device-mgt-extensions/io.entgra.device.mgt.core.device.mgt.extensions.push.notification.provider.xmpp/pom.xml
@@ -72,11 +72,11 @@
scannotation
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat-servlet-api
diff --git a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/pom.xml b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/pom.xml
index c0ae924f8e..6a1fcc1f2e 100644
--- a/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/pom.xml
+++ b/components/device-mgt/io.entgra.device.mgt.core.device.mgt.core/pom.xml
@@ -398,11 +398,11 @@
org.wso2.carbon.identity.oauth.stub
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat-servlet-api
diff --git a/components/identity-extensions/io.entgra.device.mgt.core.identity.jwt.client.extension/pom.xml b/components/identity-extensions/io.entgra.device.mgt.core.identity.jwt.client.extension/pom.xml
index 71431a6af9..f6ebe690c0 100644
--- a/components/identity-extensions/io.entgra.device.mgt.core.identity.jwt.client.extension/pom.xml
+++ b/components/identity-extensions/io.entgra.device.mgt.core.identity.jwt.client.extension/pom.xml
@@ -64,11 +64,11 @@
scannotation
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat-servlet-api
diff --git a/components/webapp-authenticator-framework/io.entgra.device.mgt.core.webapp.authenticator.framework/pom.xml b/components/webapp-authenticator-framework/io.entgra.device.mgt.core.webapp.authenticator.framework/pom.xml
index d4528765d0..91566b67f8 100644
--- a/components/webapp-authenticator-framework/io.entgra.device.mgt.core.webapp.authenticator.framework/pom.xml
+++ b/components/webapp-authenticator-framework/io.entgra.device.mgt.core.webapp.authenticator.framework/pom.xml
@@ -174,11 +174,11 @@
provided
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat-servlet-api
diff --git a/components/webapp-authenticator-framework/io.entgra.device.mgt.core.webapp.authenticator.framework/src/main/java/io/entgra/device/mgt/core/webapp/authenticator/framework/authenticator/BSTAuthenticator.java b/components/webapp-authenticator-framework/io.entgra.device.mgt.core.webapp.authenticator.framework/src/main/java/io/entgra/device/mgt/core/webapp/authenticator/framework/authenticator/BSTAuthenticator.java
index 5d64bc5c25..9ea23cc7be 100644
--- a/components/webapp-authenticator-framework/io.entgra.device.mgt.core.webapp.authenticator.framework/src/main/java/io/entgra/device/mgt/core/webapp/authenticator/framework/authenticator/BSTAuthenticator.java
+++ b/components/webapp-authenticator-framework/io.entgra.device.mgt.core.webapp.authenticator.framework/src/main/java/io/entgra/device/mgt/core/webapp/authenticator/framework/authenticator/BSTAuthenticator.java
@@ -33,8 +33,6 @@ import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.apache.coyote.InputBuffer;
-import org.apache.tomcat.util.buf.ByteChunk;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamReader;
@@ -42,7 +40,12 @@ import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Base64;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Properties;
+import java.util.StringTokenizer;
public class BSTAuthenticator implements WebappAuthenticator {
@@ -146,30 +149,27 @@ public class BSTAuthenticator implements WebappAuthenticator {
private String getBSTHeader(Request request) throws IOException, XMLStreamException {
org.apache.coyote.Request coyoteReq = request.getCoyoteRequest();
- InputBuffer buf = coyoteReq.getInputBuffer();
- ByteChunk bc = new ByteChunk();
+ String securityHeader = coyoteReq.getHeader("Security");
- buf.doRead(bc, coyoteReq);
- try (InputStream is = new ByteArrayInputStream(getUTF8Bytes(bc.toString()))) {
+ if (securityHeader == null || securityHeader.isEmpty()) {
+ return null;
+ }
+
+ // Process the "Security" header value as needed
+ try (InputStream is = new ByteArrayInputStream(getUTF8Bytes(securityHeader))) {
XMLStreamReader reader = StAXUtils.createXMLStreamReader(is);
StAXBuilder builder = new StAXSOAPModelBuilder(reader);
SOAPEnvelope envelope = (SOAPEnvelope) builder.getDocumentElement();
envelope.build();
SOAPHeader header = envelope.getHeader();
- Iterator headerEls = header.getChildrenWithLocalName("Security");
+ Iterator headerEls = header.getChildrenWithLocalName("BinarySecurityToken");
if (!headerEls.hasNext()) {
return null;
}
- OMElement securityHeader = (OMElement) headerEls.next();
- Iterator securityHeaderEls = securityHeader.getChildrenWithLocalName("BinarySecurityToken");
- if (!securityHeaderEls.hasNext()) {
- return null;
- }
- OMElement bstHeader = (OMElement) securityHeaderEls.next();
+ OMElement bstHeader = (OMElement) headerEls.next();
bstHeader.build();
return bstHeader.getText();
}
}
-
}
diff --git a/pom.xml b/pom.xml
index 4b34fddaf4..3b7c0d99fd 100644
--- a/pom.xml
+++ b/pom.xml
@@ -930,8 +930,9 @@
+
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat
${orbit.version.tomcat}
@@ -961,6 +962,37 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
org.wso2.carbon
org.wso2.carbon.tomcat.ext
@@ -997,11 +1029,17 @@
jdbc-pool
${tomcat.jdbc.pooling.version}
+
- org.wso2.tomcat
+ org.wso2.orbit.org.apache.tomcat
tomcat-servlet-api
- ${orbit.version.tomcat.servlet.api}
+ 9.0.71.wso2v1
+
+
+
+
+
@@ -2014,7 +2052,7 @@
3.8.1.v20120830-144521
- 7.0.93.wso2v1
+ 9.0.71.wso2v1
7.0.93.wso2v1
7.0.34.wso2v2