Hi Rob - Thank you for your contribution here. I would suggest that you do a couple things to move forward:
1. File a JIRA for the NPE with a description of the problem and attach a patch 2. subscribe to the dev@ list - I had to approve the review board email After a quick review, I think that the check for a missing Subject is exactly right. However, there are probably other ways to end up in that state than having the authcBasic parameter missing. Very explicit error messages can be misleading if the conditions that cause the state can vary. A more generic message and exception that eliminates the NPE would be great. Thanks again! --larry On Mon, Jun 5, 2017 at 6:06 AM, Rob Vesse <[email protected]> wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/59802/ > ----------------------------------------------------------- > > Review request for Knox. > > > Repository: knox > > > Description > ------- > > When Shiro provider is used if the user doesn't enable authentication or > enables anonymous authentication then Knox will hit an NPE because it > assumes the Shiro Subject is populated. This commit adds a check and > adds a specific error message which indicates what the problem is and > how to fix it > > > Diffs > ----- > > gateway-provider-security-shiro/src/main/java/org/ > apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java 705430c4 > > > Diff: https://reviews.apache.org/r/59802/diff/1/ > > > Testing > ------- > > > Thanks, > > Rob Vesse > >
