diff --git a/core/src/main/java/org/acegisecurity/util/StringSplitUtils.java b/core/src/main/java/org/acegisecurity/util/StringSplitUtils.java
index 3588713a33..f07e7266de 100644
--- a/core/src/main/java/org/acegisecurity/util/StringSplitUtils.java
+++ b/core/src/main/java/org/acegisecurity/util/StringSplitUtils.java
@@ -57,7 +57,7 @@ public class StringSplitUtils {
"Delimiter can only be one character in length");
}
- int offset = toSplit.indexOf('=');
+ int offset = toSplit.indexOf(delimiter);
if (offset < 0) {
return null;
diff --git a/core/src/test/java/org/acegisecurity/util/StringSplitUtilsTests.java b/core/src/test/java/org/acegisecurity/util/StringSplitUtilsTests.java
index 09fc3df48b..e5ad73f18b 100644
--- a/core/src/test/java/org/acegisecurity/util/StringSplitUtilsTests.java
+++ b/core/src/test/java/org/acegisecurity/util/StringSplitUtilsTests.java
@@ -137,4 +137,12 @@ public class StringSplitUtilsTests extends TestCase {
assertTrue(true);
}
}
+
+ public void testSplitWorksWithDifferentDelimiters() {
+ assertEquals(2, StringSplitUtils.split("18/marissa", "/").length);
+ assertNull(StringSplitUtils.split("18/marissa", "!"));
+
+ // only guarantees to split at FIRST delimiter, not EACH delimiter
+ assertEquals(2, StringSplitUtils.split("18|marissa|foo|bar", "|").length);
+ }
}
diff --git a/doc/xdocs/changes.xml b/doc/xdocs/changes.xml
index 329272cc68..afa26c8d15 100644
--- a/doc/xdocs/changes.xml
+++ b/doc/xdocs/changes.xml
@@ -35,6 +35,7 @@
Corrected Authz parsing of whitespace in GrantedAuthoritys
TokenBasedRememberMeServices now respects expired users, expired credentials and disabled users
HttpSessionContextIntegrationFilter now handles HttpSession invalidation without redirection
+ StringSplitUtils.split() ignored delimiter argument
Added Digest Authentication support (RFC 2617 and RFC 2069)