svn commit: r747834 - in /tomcat/trunk/java/org/apache/catalina/realm: DataSourceRealm.java JDBCRealm.java MemoryRealm.java

Wed, 25 Feb 2009 07:47:11 -0800 

Author: markt
Date: Wed Feb 25 15:46:46 2009
New Revision: 747834

URL: http://svn.apache.org/viewvc?rev=747834&view=rev
Log:
Fix possible NPE

Modified:
    tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java
    tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java
    tomcat/trunk/java/org/apache/catalina/realm/MemoryRealm.java

Modified: tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java?rev=747834&r1=747833&r2=747834&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/DataSourceRealm.java Wed Feb 25 
15:46:46 2009
@@ -270,8 +270,9 @@
      */
     public Principal authenticate(String username, String credentials) {
        
-       // No user - can't possibly authenticate, don't bother the database then
-       if (username == null) {
+       // No user or no credentials
+        // Can't possibly authenticate, don't bother the database then
+       if (username == null || credentials == null) {
                return null;
        }
         

Modified: tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java?rev=747834&r1=747833&r2=747834&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/JDBCRealm.java Wed Feb 25 
15:46:46 2009
@@ -393,9 +393,10 @@
                                                String username,
                                                String credentials) {
 
-        // No user - can't possibly authenticate
-        if (username == null) {
-            return (null);
+        // No user or no credentials
+        // Can't possibly authenticate, don't bother the database then
+        if (username == null || credentials == null) {
+            return null;
         }
 
         // Look up the user's credentials

Modified: tomcat/trunk/java/org/apache/catalina/realm/MemoryRealm.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/realm/MemoryRealm.java?rev=747834&r1=747833&r2=747834&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/realm/MemoryRealm.java (original)
+++ tomcat/trunk/java/org/apache/catalina/realm/MemoryRealm.java Wed Feb 25 
15:46:46 2009
@@ -147,7 +147,7 @@
         GenericPrincipal principal = principals.get(username);
 
         boolean validated = false;
-        if (principal != null) {
+        if (principal != null && credentials != null) {
             if (hasMessageDigest()) {
                 // Hex hashes should be compared case-insensitive
                 validated = (digest(credentials)



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to