https://bz.apache.org/bugzilla/show_bug.cgi?id=62142
Bug ID: 62142
Summary: NullPointerException in Request.logout()
Product: Tomcat 8
Version: 8.5.28
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ----
I'm not sure yet whether I have some type of misconfiguration which triggers
this error, but I'm pretty confident that this is a bug in the Tomcat code
either way.
Line 2767 in org.apache.catalina.connector.Request.logout() throws a
NullPointerException when Context.getAuthenticator() returns is null. I believe
that this is inappropriate, a null check should be performed, per the Javadoc
for org.apache.catalina.Context.getAuthenticator():
/**
* @return the {@link Authenticator} that is used by this context or
* <code>null</code> if none is used.
*/
If null is a valid return value per the API contract, then any calling code
should probably do a null check rather than throwing an NPE. There are null
checks elsewhere in org.apache.catalina.connector.Request, they simply throw
new ServletException("no authenticator").
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
