[
https://issues.apache.org/jira/browse/ROL-1167?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Glen Mazza reassigned ROL-1167:
-------------------------------
Assignee: Glen Mazza (was: Roller Unassigned)
> Authentication failure in Atom API leads to NullPointerException in
> RollerAtomHandler
> -------------------------------------------------------------------------------------
>
> Key: ROL-1167
> URL: https://issues.apache.org/jira/browse/ROL-1167
> Project: Roller
> Issue Type: Bug
> Components: Web Services
> Affects Versions: 2.3
> Environment: All
> Reporter: Padraig O hIceadha
> Assignee: Glen Mazza
> Priority: Minor
> Attachments: ASF.LICENSE.NOT.GRANTED--patchfile.txt,
> ASF.LICENSE.NOT.GRANTED--RollerAtomHandler.java
>
>
> If an incorrect username or password is used ehen e.g. posting a new entry
> via the Atom API instead of getting a 401 error (Unauthorized) you get a 500
> server error because of a NullPOinterException in RollerAtomHandler.
> RollerAtomHandler#getAuthenticatedUsername was not checking if this.user was
> null.
> The patch for my proposed fix is below :
> Index: RollerAtomHandler.java
> ===================================================================
> --- RollerAtomHandler.java (revision 414838)
> +++ RollerAtomHandler.java (working copy)
> @@ -121,6 +121,9 @@
> * Return weblogHandle of authenticated user or null if there is none.
> */
> public String getAuthenticatedUsername() {
> + if (this.user == null) {
> + return null;
> + }
> return this.user.getUserName();
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
