Fixed some issues reported with FindBugs while security plugin is enabled.

components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.agent.impl/src/main/java/org/wso2/carbon/device/mgt/iot/virtualfirealarm/agent/communication/http/FireAlarmHTTPCommunicator.java

@@ -111,7 +111,7 @@ public class FireAlarmHTTPCommunicator extends HTTPTransportHandler {
 
                 AgentManager agentManager = AgentManager.getInstance();
                 String pathContext = request.getPathInfo();
-                String separator = File.separator;
+                String separator = File.separatorChar=='\\' ? "\\\\" : File.separator ;
 
                 if (pathContext.toUpperCase().contains(
                         separator + AgentConstants.TEMPERATURE_CONTROL)) {

components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin/pom.xml

@@ -83,6 +83,7 @@
 							org.wso2.carbon.event.input.adapter.core,
 							org.wso2.carbon.event.input.adapter.core.exception,
 							org.jivesoftware.smack.*,
+							javax.xml,
 							javax.xml.bind,
 							javax.xml.bind.annotation,
 							javax.xml.parsers; version="${javax.xml.parsers.import.pkg.version}",

components/device-types/virtual-fire-alarm-plugin/org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin/src/main/java/org/wso2/carbon/device/mgt/iot/virtualfirealarm/plugin/config/VirtualFirealarmConfig.java

@@ -6,6 +6,7 @@ import org.w3c.dom.Document;
 import org.wso2.carbon.device.mgt.iot.virtualfirealarm.plugin.config.exception.VirtualFirealarmConfigurationException;
 import org.wso2.carbon.utils.CarbonUtils;
 
+import javax.xml.XMLConstants;
 import javax.xml.bind.JAXBContext;
 import javax.xml.bind.JAXBException;
 import javax.xml.bind.Unmarshaller;
@@ -50,6 +51,7 @@ public class VirtualFirealarmConfig {
         DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
         factory.setNamespaceAware(true);
         try {
+            factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
             DocumentBuilder docBuilder = factory.newDocumentBuilder();
             return docBuilder.parse(file);
         } catch (Exception e) {

components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/pom.xml

@@ -134,6 +134,7 @@
                         </Export-Package>
                         <Import-Package>
                             org.wso2.carbon.event.output.adapter.core.*,
+                            javax.xml,
                             javax.xml.namespace; version=0.0.0,
                             org.apache.axis2,
                             org.apache.axis2.client,

components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/config/WebsocketConfig.java

@@ -75,7 +75,8 @@ public class WebsocketConfig {
         return websocketValidationConfigs;
     }
 
-    public void setWebsocketValidationConfigs(WebsocketValidationConfigs websocketValidationConfigs) {
+    public void setWebsocketValidationConfigs(WebsocketValidationConfigs websocketValidationConfigsTemp) {
-        websocketValidationConfigs = websocketValidationConfigs;
+        websocketValidationConfigs = websocketValidationConfigsTemp;
     }
+
 }

components/extensions/cdmf-transport-adapters/output/org.wso2.carbon.device.mgt.output.adapter.websocket/src/main/java/org/wso2/carbon/device/mgt/output/adapter/websocket/util/WebsocketUtils.java

@@ -21,6 +21,7 @@ package org.wso2.carbon.device.mgt.output.adapter.websocket.util;
 import org.w3c.dom.Document;
 import org.wso2.carbon.device.mgt.output.adapter.websocket.config.WebsocketValidationConfigurationFailedException;
 
+import javax.xml.XMLConstants;
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
 import java.io.File;
@@ -34,6 +35,7 @@ public class WebsocketUtils {
         DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
         factory.setNamespaceAware(true);
         try {
+            factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
             DocumentBuilder docBuilder = factory.newDocumentBuilder();
             return docBuilder.parse(file);
         } catch (Exception e) {

components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/bean/wrapper/AndroidDeviceInfo.java

@@ -300,7 +300,7 @@ public class AndroidDeviceInfo extends DeviceInfo implements Serializable {
     }
 
     public Date getUpdatedTime() {
-        if(this.updatedTime.equals((Object)null)) {
+        if(this.updatedTime == null) {
             this.updatedTime = new Date();
         }
 

components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android.api/src/main/java/org/wso2/carbon/mdm/services/android/common/GsonMessageBodyHandler.java

@@ -83,13 +83,7 @@ public class GsonMessageBodyHandler implements MessageBodyWriter<Object>, Messag
 
         OutputStreamWriter writer = new OutputStreamWriter(entityStream, UTF_8);
         try {
-            Type jsonType;
+            getGson().toJson(object, type, writer);
-            if (type.equals(type)) {
-                jsonType = type;
-            } else {
-                jsonType = type;
-            }
-            getGson().toJson(object, jsonType, writer);
         } finally {
             writer.close();
         }

components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android/pom.xml

@@ -59,6 +59,7 @@
                             org.osgi.framework,
                             org.osgi.service.component,
                             org.apache.commons.logging,
+                            javax.xml,
                             javax.xml.bind.*,
                             javax.sql,
                             javax.xml.parsers; version=0.0.0,

components/mobile-plugins/android-plugin/org.wso2.carbon.device.mgt.mobile.android/src/main/java/org/wso2/carbon/device/mgt/mobile/android/impl/util/MobileDeviceManagementUtil.java

@@ -38,6 +38,7 @@ import org.wso2.carbon.registry.api.RegistryException;
 import org.wso2.carbon.registry.api.Resource;
 import org.wso2.carbon.registry.core.Registry;
 
+import javax.xml.XMLConstants;
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
 import java.io.File;
@@ -66,6 +67,7 @@ public class MobileDeviceManagementUtil {
 		DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
 		factory.setNamespaceAware(true);
 		try {
+			factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
 			DocumentBuilder docBuilder = factory.newDocumentBuilder();
 			return docBuilder.parse(file);
 		} catch (Exception e) {

components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/java/org/wso2/carbon/device/mgt/mobile/windows/api/common/util/GsonMessageBodyHandler.java

@@ -82,13 +82,7 @@ public class GsonMessageBodyHandler implements MessageBodyWriter<Object>, Messag
 
         OutputStreamWriter writer = new OutputStreamWriter(entityStream, UTF_8);
         try {
-            Type jsonType;
+            getGson().toJson(object, type, writer);
-            if (type.equals(type)) {
-                jsonType = type;
-            } else {
-                jsonType = type;
-            }
-            getGson().toJson(object, jsonType, writer);
         } finally {
             writer.close();
         }

components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/java/org/wso2/carbon/device/mgt/mobile/windows/api/common/util/WindowsAPIUtils.java

@@ -187,10 +187,10 @@ public class WindowsAPIUtils {
         PrivilegedCarbonContext ctx = PrivilegedCarbonContext.getThreadLocalCarbonContext();
         AuthenticatorConfigService authenticatorConfigService =
                 (AuthenticatorConfigService) ctx.getOSGiService(AuthenticatorConfigService.class, null);
-        AuthenticatorConfig authenticatorConfig = authenticatorConfigService.getAuthenticatorConfig("BST");
         if (authenticatorConfigService == null) {
             throw new IllegalStateException("AuthenticatorConfiguration service has not initialized.");
         }
+        AuthenticatorConfig authenticatorConfig = authenticatorConfigService.getAuthenticatorConfig("BST");
         if (authenticatorConfig == null) {
             throw new IllegalStateException("BST authenticatorConfig has not initialized.");
         }

components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/java/org/wso2/carbon/device/mgt/mobile/windows/api/operations/util/OperationHandler.java

@@ -181,7 +181,7 @@ public class OperationHandler {
             if ((Constants.SyncMLResponseCodes.ACCEPTED.equals(status.getData()))) {
                 pendingDataOperations = WindowsAPIUtils.getPendingOperations(deviceIdentifier);
                 for (Operation operation : pendingDataOperations) {
-                    if ((OperationCode.Command.DEVICE_RING.equals(operation.getCode())) &&
+                    if ((OperationCode.Command.DEVICE_RING.getCode().equals(operation.getCode())) &&
                             (operation.getId() == status.getCommandReference())) {
                         operation.setStatus(Operation.Status.COMPLETED);
                         updateStatus(syncmlDocument.getHeader().getSource().getLocURI(),
@@ -213,7 +213,7 @@ public class OperationHandler {
             }
             for (Operation operation : pendingDataOperations) {
 
-                if ((OperationCode.Command.WIPE_DATA.equals(operation.getCode())) &&
+                if ((OperationCode.Command.WIPE_DATA.getCode().equals(operation.getCode())) &&
                         (operation.getId() == status.getCommandReference())) {
                     operation.setStatus(Operation.Status.COMPLETED);
                     updateStatus(syncmlDocument.getHeader().getSource().getLocURI(),
@@ -306,13 +306,13 @@ public class OperationHandler {
                 if (status.getTargetReference() == null) {
                     updateDeviceOperations(status, syncmlDocument, deviceIdentifier);
                 } else {
-                    if ((OperationCode.Command.DEVICE_LOCK.equals(status.getTargetReference()))) {
+                    if ((OperationCode.Command.DEVICE_LOCK.getCode().equals(status.getTargetReference()))) {
                         updateLockOperation(status, syncmlDocument, deviceIdentifier);
                     }
-                    if ((OperationCode.Command.DEVICE_RING.equals(status.getTargetReference()))) {
+                    if ((OperationCode.Command.DEVICE_RING.getCode().equals(status.getTargetReference()))) {
                         ring(status, syncmlDocument, deviceIdentifier);
                     }
-                    if (equals(OperationCode.Command.WIPE_DATA.equals(status.getTargetReference()))) {
+                    if ((OperationCode.Command.WIPE_DATA.getCode().equals(status.getTargetReference()))) {
                         dataWipe(status, syncmlDocument, deviceIdentifier);
                     }
                 }

components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/java/org/wso2/carbon/device/mgt/mobile/windows/api/services/enrollment/impl/EnrollmentServiceImpl.java

@@ -51,6 +51,7 @@ import org.xml.sax.SAXException;
 import javax.annotation.Resource;
 import javax.jws.WebService;
 import javax.servlet.ServletContext;
+import javax.xml.XMLConstants;
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.parsers.ParserConfigurationException;
@@ -102,7 +103,7 @@ public class EnrollmentServiceImpl implements EnrollmentService {
         String headerTo = null;
         String encodedWap;
         List<Header> headers = getHeaders();
-        for (Header headerElement : headers != null ? headers : null) {
+        for (Header headerElement : headers) {
             String nodeName = headerElement.getName().getLocalPart();
             if (PluginConstants.SECURITY.equals(nodeName)) {
                 Element element = (Element) headerElement.getObject();
@@ -231,6 +232,7 @@ public class EnrollmentServiceImpl implements EnrollmentService {
             signedCertEncodedString = base64Encoder.encodeAsString(signedCertificate.getEncoded());
 
             DocumentBuilderFactory domFactory = DocumentBuilderFactory.newInstance();
+            domFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
             DocumentBuilder builder;
 
             builder = domFactory.newDocumentBuilder();

components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows.api/src/main/java/org/wso2/carbon/device/mgt/mobile/windows/api/services/wstep/impl/CertificateEnrollmentServiceImpl.java

@@ -112,7 +112,7 @@ public class CertificateEnrollmentServiceImpl implements CertificateEnrollmentSe
         String headerTo = null;
         String encodedWap;
         List<Header> headers = getHeaders();
-        for (Header headerElement : headers != null ? headers : null) {
+        for (Header headerElement : headers) {
             String nodeName = headerElement.getName().getLocalPart();
             if (PluginConstants.SECURITY.equals(nodeName)) {
                 Element element = (Element) headerElement.getObject();

components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows/pom.xml

@@ -55,6 +55,7 @@
                             org.osgi.framework,
                             org.osgi.service.component,
                             org.apache.commons.logging,
+                            javax.xml,
                             javax.xml.bind.*,
                             javax.sql,
                             javax.naming,

components/mobile-plugins/windows-plugin/org.wso2.carbon.device.mgt.mobile.windows/src/main/java/org/wso2/carbon/device/mgt/mobile/windows/impl/util/MobileDeviceManagementUtil.java

@@ -38,6 +38,7 @@ import org.wso2.carbon.registry.api.RegistryException;
 import org.wso2.carbon.registry.api.Resource;
 import org.wso2.carbon.registry.core.Registry;
 
+import javax.xml.XMLConstants;
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
 import java.io.File;
@@ -66,6 +67,7 @@ public class MobileDeviceManagementUtil {
 		DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
 		factory.setNamespaceAware(true);
 		try {
+			factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
 			DocumentBuilder docBuilder = factory.newDocumentBuilder();
 			return docBuilder.parse(file);
 		} catch (Exception e) {