mike-jumper opened a new pull request #537:
URL: https://github.com/apache/guacamole-client/pull/537
The SAML authentication implementation currently contains an incorrect
`null` check:
```java
// Grab the username, and, if present, finish authentication.
String username = samlResponse.getNameId().toLowerCase();
if (username != null) {
...
}
```
The intent is clearly to only move forward with using the Name ID as the
username if it's present in the response, but that check would need to be
performed on the result of `getNameId()` prior to invoking `toLowerCase()`.
As-is, the lack of username in the SAML response will produce a
`NullPointerException`.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
