Kuali Rice Development
  1. Kuali Rice Development
  2. KULRICE-12328

When accessing krew_doc_hdr_cntnt_t content, don't decrypt if content seems like uncrypted xml

    Details

    • Type: Bug Fix Bug Fix
    • Status: Closed Closed
    • Priority: Blocker Blocker
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.4
    • Component/s: Development, JPA
    • Security Level: Public (Public: Anyone can view)
    • Similar issues:
      KULRICE-7565Make it so that KEW can safely handle an entry in KREW_DOC_HDR_T with no corresponding entry in KREW_DOC_HDR_CNTNT_T
      KULRICE-8602Ability to populate the KREW_DOC_HDR_CNTNT_T table for documents from legacy systems.
      KULRICE-8179Rice KEW considers Maps as 'simple' properties and serializes them and persists them in the database.
      KULRICE-897Investigate removing document content XML payload when doc goes to final
      KULRICE-9438Not able to edit rules that have attributes - the attribute disappears once the doc is saved or submitted
      KULRICE-4892Document Operation screen in workflow doesn't display XML properly if it's encrypted with a different encryption key then the standalone server uses
      KULRICE-3297XML Document Content is not properly included in XML used to generate workflow emails
      KULRICE-8299Create UI for encrypting/decrypting document content
      KULRICE-2057RouteNode content fragment is not being exported during Document Type XML export
      KULRICE-7467Lightbox - scrollbar is included in lightbox with iframe when not needed (all content in view)?
    • Rice Module:
      KEW
    • Sprint:
      2.4.0-rc1 Sprint 7
    • KAI Review Status:
      Not Required
    • KTI Review Status:
      Pending Review
    • Code Review Status:
      Not Required
    • Contributing Institution:
      Indiana Univ
    • Include in Release Notes?:
      Yes

      Description

      When fetching the document content XML from the database sometimes document content is not encrypted even though an encryption key property is set. This causes OJB to try to decrypt the content but it ends up causing exceptions to occur since the content is not encrypted. We added a simple check to see if the content appears to be XML before trying to decrypt it to avoid this issue

        Activity

        Hide
        James Bennett added a comment -

        It looks like the documentContent property of the DocumentRouteHeaderValueContent class is missing the JPA EncryptionConverter which will be necessary to handle encryption of document content in the database when the encryption.key property is set. This will be an issue for any implementing institution who currently has encrypted content since it will not decrypt properly, and it would prevent any new documents from encrypting their content as expected.

        Show
        James Bennett added a comment - It looks like the documentContent property of the DocumentRouteHeaderValueContent class is missing the JPA EncryptionConverter which will be necessary to handle encryption of document content in the database when the encryption.key property is set. This will be an issue for any implementing institution who currently has encrypted content since it will not decrypt properly, and it would prevent any new documents from encrypting their content as expected.
        Hide
        Eric Westfall added a comment -

        Implemented DocumentContentEncryptionConverter which handles encrypted and non-encrypted workflow document content.

        Show
        Eric Westfall added a comment - Implemented DocumentContentEncryptionConverter which handles encrypted and non-encrypted workflow document content.
        Hide
        Eric Westfall added a comment -

        Committed to trunk. Tested this out with doc ops and tested with both previously encrypted and non-encrypted content. Everything appears to be working well in my tests. Also ran a few KEW integration tests and they passed so hopefully the integration test run comes out clean on the other end after this commit.

        Show
        Eric Westfall added a comment - Committed to trunk. Tested this out with doc ops and tested with both previously encrypted and non-encrypted content. Everything appears to be working well in my tests. Also ran a few KEW integration tests and they passed so hopefully the integration test run comes out clean on the other end after this commit.

          People

          • Assignee:
            Eric Westfall
            Reporter:
            James Bennett
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Agile

                Structure Helper Panel