[
https://issues.apache.org/jira/browse/KNOX-1152?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16486572#comment-16486572
]
Larry McCay commented on KNOX-1152:
-----------------------------------
I've moved this out since I can't really reproduce it either. Since we have
made the Default identity assertion provider be default when there isn't one
configured this may not be an issue anymore.
However, I am not closing it since the description says that the NPE is
occurring in the CommonIdentityAssertionFilter. This implies pretty strongly
that there was an identity assertion provider in place.
> Guard Against Missing Subject in Identity Assertion
> ---------------------------------------------------
>
> Key: KNOX-1152
> URL: https://issues.apache.org/jira/browse/KNOX-1152
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 0.11.0, 0.12.0, 0.13.0, 0.14.0
> Reporter: Rick Kellogg
> Assignee: Larry McCay
> Priority: Minor
> Fix For: 1.2.0
>
> Attachments: KNOX-1152B.patch
>
>
> Within the CommonIdentityAssertionFilter class, it is possible the evaluation
> of the Subject can return null. A check should be added for this, error
> logged and IllegalStateException exception thrown.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
