StringSplitUtils.split() ignored delimiter argument.

core/src/main/java/org/acegisecurity/util/StringSplitUtils.java

@@ -57,7 +57,7 @@ public class StringSplitUtils {
                 "Delimiter can only be one character in length");
         }
 
-        int offset = toSplit.indexOf('=');
+        int offset = toSplit.indexOf(delimiter);
 
         if (offset < 0) {
             return null;

core/src/test/java/org/acegisecurity/util/StringSplitUtilsTests.java

@@ -137,4 +137,12 @@ public class StringSplitUtilsTests extends TestCase {
             assertTrue(true);
         }
     }
+
+    public void testSplitWorksWithDifferentDelimiters() {
+        assertEquals(2, StringSplitUtils.split("18/marissa", "/").length);
+        assertNull(StringSplitUtils.split("18/marissa", "!"));
+
+        // only guarantees to split at FIRST delimiter, not EACH delimiter
+        assertEquals(2, StringSplitUtils.split("18|marissa|foo|bar", "|").length);
+    }
 }

doc/xdocs/changes.xml

@@ -35,6 +35,7 @@
       <action dev="fbos" type="fix">Corrected Authz parsing of whitespace in GrantedAuthoritys</action>
       <action dev="benalex" type="fix">TokenBasedRememberMeServices now respects expired users, expired credentials and disabled users</action>
       <action dev="benalex" type="fix">HttpSessionContextIntegrationFilter now handles HttpSession invalidation without redirection</action>
+      <action dev="benalex" type="fix">StringSplitUtils.split() ignored delimiter argument</action>
     </release>
     <release version="0.8.0" date="2005-03-03">
       <action dev="benalex" type="add">Added Digest Authentication support (RFC 2617 and RFC 2069)</action>