Index: core-module/pom.xml =================================================================== diff -u -raba7a5f98828cea5801bebaeeddb6da8d964dc9b -r6aec597bbfd6e939a288f9f176bf1018f939cb6c --- core-module/pom.xml (.../pom.xml) (revision aba7a5f98828cea5801bebaeeddb6da8d964dc9b) +++ core-module/pom.xml (.../pom.xml) (revision 6aec597bbfd6e939a288f9f176bf1018f939cb6c) @@ -7,7 +7,7 @@ 313devgrp jstree-project - 21.11.01 + 21.11.07 ../pom.xml @@ -31,7 +31,7 @@ 313devgrp lib-module - 21.11.01 + 21.11.07 pom FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cmm/interceptor/AuthenticInterceptor.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cmm/interceptor/IpObtainInterceptor.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cmm/util/EgovUserDetailsHelper.java'. FishEye: No comparison available. Pass `N' to diff? Index: core-module/src/main/java/egovframework/com/cmm/util/EgovXssChecker.java =================================================================== diff -u -r3378aeef18251570015a9efbed6402f39cffd95d -r6aec597bbfd6e939a288f9f176bf1018f939cb6c --- core-module/src/main/java/egovframework/com/cmm/util/EgovXssChecker.java (.../EgovXssChecker.java) (revision 3378aeef18251570015a9efbed6402f39cffd95d) +++ core-module/src/main/java/egovframework/com/cmm/util/EgovXssChecker.java (.../EgovXssChecker.java) (revision 6aec597bbfd6e939a288f9f176bf1018f939cb6c) @@ -17,26 +17,12 @@ boolean bLog = false; try { - //@ 공통모듈을 이용한 권한체크 - LoginVO loginVO = (LoginVO)EgovUserDetailsHelper.getAuthenticatedUser(); if(bLog){ LOGGER.debug("@Step1. XSS Check uniqId : {}", sUniqId); - LOGGER.debug("Step2. XSS Session uniqId : {}", loginVO.getId()); - LOGGER.debug("Step3. XSS Session getUniqId : {}", loginVO.getUniqId()); - LOGGER.debug("Step4. XSS Session getAuthorities : {}", EgovUserDetailsHelper.getAuthorities()); } - //체크 값에 대한 무결성 체크 - if(sUniqId == null || loginVO.getUniqId() == null || loginVO.getUniqId().equals("")){ - throw new EgovXssException("XSS00001", "errors.xss.checkerUser"); - } - - //사용자에에 대한 Xss 체크 - if(!sUniqId.equals(loginVO.getUniqId())){ - throw new EgovXssException("XSS00002", "errors.xss.checkerUser"); - } - //2017.03.03 조성원 시큐어코딩(ES)-오류 메시지를 통한 정보노출[CWE-209] + //2017.03.03 조성원 시큐어코딩(ES)-오류 메시지를 통한 정보노출[CWE-209] } catch(IllegalArgumentException e) { LOGGER.error("[IllegalArgumentException] Try/Catch...usingParameters Runing : "+ e.getMessage()); } catch(Exception e) { Index: core-module/src/main/java/egovframework/com/cmm/web/EgovFileDownloadController.java =================================================================== diff -u -r3378aeef18251570015a9efbed6402f39cffd95d -r6aec597bbfd6e939a288f9f176bf1018f939cb6c --- core-module/src/main/java/egovframework/com/cmm/web/EgovFileDownloadController.java (.../EgovFileDownloadController.java) (revision 3378aeef18251570015a9efbed6402f39cffd95d) +++ core-module/src/main/java/egovframework/com/cmm/web/EgovFileDownloadController.java (.../EgovFileDownloadController.java) (revision 6aec597bbfd6e939a288f9f176bf1018f939cb6c) @@ -78,10 +78,6 @@ String atchFileId = (String) commandMap.get("atchFileId"); String fileSn = (String) commandMap.get("fileSn"); - //Boolean isAuthenticated = EgovUserDetailsHelper.isAuthenticated(); - - //if (isAuthenticated) { - FileVO fileVO = new FileVO(); fileVO.setAtchFileId(atchFileId); fileVO.setFileSn(fileSn); FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/service/AtchmnFileVO.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/service/EgovMultiPartEmail.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/service/EgovSndngMailDetailService.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/service/EgovSndngMailDtlsService.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/service/EgovSndngMailRegistService.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/service/EgovSndngMailService.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/service/SndngMail.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/service/SndngMailVO.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/service/impl/EgovSndngMailDetailServiceImpl.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/service/impl/EgovSndngMailDtlsServiceImpl.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/service/impl/EgovSndngMailRegistServiceImpl.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/service/impl/EgovSndngMailServiceImpl.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/service/impl/SndngMailDetailDAO.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/service/impl/SndngMailDtlsDAO.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/service/impl/SndngMailRegistDAO.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/web/EgovSndngMailDetailController.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/web/EgovSndngMailDtlsController.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/cop/ems/web/EgovSndngMailRegistController.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/controller/PagesController.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/controller/RegistrationController.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/controller/SecurityController.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/database/dao/GenericDao.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/database/dao/RoleDao.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/database/dao/UserDao.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/database/model/Role.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/database/model/User.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/dto/LocalUser.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/dto/SocialProvider.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/dto/SocialUser.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/dto/UserRegistrationForm.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/entrypoint/AppAuthenticationEntryPoint.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/exception/UserAlreadyExistAuthenticationException.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/handler/AppSuccessHandler.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/registry/AppConnectionSignUp.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/registry/AppSocialAuthenticationServiceRegistry.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/service/LocalUserDetailService.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/service/RegistrationUserDetailService.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/service/SocialUserDetailService.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/service/UserService.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/java/egovframework/com/ext/jstree/support/security/util/SecurityUtil.java'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/resources/egovframework/spring/com/context-egovuserdetailshelper.xml'. FishEye: No comparison available. Pass `N' to diff? FishEye: Tag 6aec597bbfd6e939a288f9f176bf1018f939cb6c refers to a dead (removed) revision in file `core-module/src/main/resources/egovframework/spring/com/context-security.xml'. FishEye: No comparison available. Pass `N' to diff? Index: lib-module/pom.xml =================================================================== diff -u -raba7a5f98828cea5801bebaeeddb6da8d964dc9b -r6aec597bbfd6e939a288f9f176bf1018f939cb6c --- lib-module/pom.xml (.../pom.xml) (revision aba7a5f98828cea5801bebaeeddb6da8d964dc9b) +++ lib-module/pom.xml (.../pom.xml) (revision 6aec597bbfd6e939a288f9f176bf1018f939cb6c) @@ -5,7 +5,7 @@ 313devgrp jstree-project - 21.11.01 + 21.11.07 ../pom.xml @@ -17,7 +17,6 @@ 4.1.9.RELEASE 3.6.0 - 3.2.9.RELEASE 2.3.34 4.3.11.Final @@ -68,11 +67,6 @@ egovframework.rte - egovframework.rte.fdl.security - ${egovframework.rte.version} - - - egovframework.rte egovframework.rte.fdl.excel ${egovframework.rte.version} @@ -736,37 +730,6 @@ ${spring.maven.artifact.version} - - - org.springframework.security - spring-security-core - ${spring.security.version} - - - - org.springframework.security - spring-security-taglibs - ${spring.security.version} - - - - org.springframework.security - spring-security-web - ${spring.security.version} - - - - org.springframework.security - spring-security-config - ${spring.security.version} - - - - org.springframework.security.oauth - spring-security-oauth2 - 2.0.7.RELEASE - - com.navercorp.lucy @@ -790,12 +753,6 @@ org.springframework.social - spring-social-security - 1.1.4.RELEASE - - - - org.springframework.social spring-social-web 1.1.4.RELEASE Index: pom.xml =================================================================== diff -u -raba7a5f98828cea5801bebaeeddb6da8d964dc9b -r6aec597bbfd6e939a288f9f176bf1018f939cb6c --- pom.xml (.../pom.xml) (revision aba7a5f98828cea5801bebaeeddb6da8d964dc9b) +++ pom.xml (.../pom.xml) (revision 6aec597bbfd6e939a288f9f176bf1018f939cb6c) @@ -10,7 +10,7 @@ 4.0.0 313devgrp jstree-project - 21.11.01 + 21.11.07 pom jstree-project