Examples with BasicParserPool net.shibboleth.utilities.java.support.xml.BasicParserPool used on opensource projects

Example 1 with BasicParserPool

use of net.shibboleth.utilities.java.support.xml.BasicParserPool in project cas by apereo.

the class CoreSamlConfiguration method parserPool.

/**
     * Parser pool basic parser pool.
     *
     * @return the basic parser pool
     */
@Bean(name = "shibboleth.ParserPool", initMethod = "initialize")
public BasicParserPool parserPool() {
    final BasicParserPool pool = new BasicParserPool();
    pool.setMaxPoolSize(POOL_SIZE);
    pool.setCoalescing(true);
    pool.setIgnoreComments(true);
    pool.setXincludeAware(false);
    pool.setExpandEntityReferences(false);
    pool.setIgnoreComments(true);
    pool.setNamespaceAware(true);
    final Map<String, Object> attributes = new HashMap<>();
    try {
        final Class clazz = ClassUtils.getClass(casProperties.getSamlCore().getSecurityManager());
        attributes.put("http://apache.org/xml/properties/security-manager", clazz.newInstance());
    } catch (final Exception e) {
        throw Throwables.propagate(e);
    }
    pool.setBuilderAttributes(attributes);
    final Map<String, Boolean> features = new HashMap<>();
    features.put("http://apache.org/xml/features/disallow-doctype-decl", Boolean.TRUE);
    features.put("http://apache.org/xml/features/validation/schema/normalized-value", Boolean.FALSE);
    features.put("http://javax.xml.XMLConstants/feature/secure-processing", Boolean.TRUE);
    features.put("http://xml.org/sax/features/external-general-entities", Boolean.FALSE);
    features.put("http://xml.org/sax/features/external-parameter-entities", Boolean.FALSE);
    pool.setBuilderFeatures(features);
    return pool;
}