6a60ed227fb20be0fdc4a72d252496a542e67ec7
java/com.sap.sse.security.ui/src/main/java/com/sap/sse/security/ui/server/UserManagementServiceImpl.java
| ... | ... | @@ -3,6 +3,7 @@ package com.sap.sse.security.ui.server; |
| 3 | 3 | import java.util.ArrayList; |
| 4 | 4 | import java.util.Collection; |
| 5 | 5 | import java.util.HashMap; |
| 6 | +import java.util.Iterator; |
|
| 6 | 7 | import java.util.List; |
| 7 | 8 | import java.util.Map; |
| 8 | 9 | import java.util.Map.Entry; |
| ... | ... | @@ -420,16 +421,18 @@ public class UserManagementServiceImpl extends RemoteServiceServlet implements U |
| 420 | 421 | public HashMap<String, TimedLock> getClientIPBasedTimedLocksForUserCreation() throws UnauthorizedException { |
| 421 | 422 | final SecurityService securityService = getSecurityService(); |
| 422 | 423 | final HashMap<String, TimedLock> ipToLockMap = securityService.getClientIPBasedTimedLocksForUserCreation(); |
| 424 | + final Iterator<Entry<String, TimedLock>> iterator = ipToLockMap.entrySet().iterator(); |
|
| 423 | 425 | // remove from Map, those where permission == FALSE |
| 424 | - ipToLockMap.entrySet().forEach(ipToLockPair -> { |
|
| 426 | + while (iterator.hasNext()) { |
|
| 427 | + final Entry<String, TimedLock> ipToLockPair = iterator.next(); |
|
| 425 | 428 | final String ip = ipToLockPair.getKey(); |
| 426 | 429 | final WildcardPermission userReadPermissionOnIp = SecuredSecurityTypes.LOCKED_IP |
| 427 | 430 | .getPermissionForObject(DefaultActions.READ, new IPAddress(ip)); |
| 428 | 431 | final boolean isPermitted = SecurityUtils.getSubject().isPermitted(userReadPermissionOnIp.toString()); |
| 429 | 432 | if (!isPermitted) { |
| 430 | - ipToLockMap.remove(ip); |
|
| 433 | + iterator.remove(); |
|
| 431 | 434 | } |
| 432 | - }); |
|
| 435 | + } |
|
| 433 | 436 | return ipToLockMap; |
| 434 | 437 | } |
| 435 | 438 | |
| ... | ... | @@ -438,15 +441,18 @@ public class UserManagementServiceImpl extends RemoteServiceServlet implements U |
| 438 | 441 | final SecurityService securityService = getSecurityService(); |
| 439 | 442 | final HashMap<String, TimedLock> ipToLockMap = securityService.getClientIPBasedTimedLocksForBearerTokenAbuse(); |
| 440 | 443 | // remove from Map, those where permission == FALSE |
| 441 | - ipToLockMap.entrySet().forEach(ipToLockPair -> { |
|
| 444 | + final Iterator<Entry<String, TimedLock>> iterator = ipToLockMap.entrySet().iterator(); |
|
| 445 | + // remove from Map, those where permission == FALSE |
|
| 446 | + while (iterator.hasNext()) { |
|
| 447 | + final Entry<String, TimedLock> ipToLockPair = iterator.next(); |
|
| 442 | 448 | final String ip = ipToLockPair.getKey(); |
| 443 | 449 | final WildcardPermission userReadPermissionOnIp = SecuredSecurityTypes.LOCKED_IP |
| 444 | 450 | .getPermissionForObject(DefaultActions.READ, new IPAddress(ip)); |
| 445 | 451 | final boolean isPermitted = SecurityUtils.getSubject().isPermitted(userReadPermissionOnIp.toString()); |
| 446 | 452 | if (!isPermitted) { |
| 447 | - ipToLockMap.remove(ip); |
|
| 453 | + iterator.remove(); |
|
| 448 | 454 | } |
| 449 | - }); |
|
| 455 | + } |
|
| 450 | 456 | return ipToLockMap; |
| 451 | 457 | } |
| 452 | 458 | } |