Greetings, While debugging my Kerberos woes, I think I have identified an issue. I have enabled the default identity-assertion provider which uses CommonIdentityAssertionFilter. Within the doFilter method this calls evaluates the Subject:
Subject subject = Subject.getSubject(AccessController.getContext()); In my case, the subject is null and subsequent call to determine the principalName cause a NullPointerException. Can/should we add a check for null after the line above? I just don't know the correct behavior. Do we throw another exception or simply set mappedPrincipalName and groups to null? Thoughts? Rick Kellogg
