[jira] [Work logged] (KNOX-2651) NPE when token value is missing

Mon, 30 Aug 2021 03:18:06 -0700 


     [ 
https://issues.apache.org/jira/browse/KNOX-2651?focusedWorklogId=643374&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-643374
 ]

ASF GitHub Bot logged work on KNOX-2651:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 30/Aug/21 10:17
            Start Date: 30/Aug/21 10:17
    Worklog Time Spent: 10m 
      Work Description: zeroflag opened a new pull request #487:
URL: https://github.com/apache/knox/pull/487


   ## What changes were proposed in this pull request?
   
   There can be a NPE when there is a space between the username and password.
   
   ## How was this patch tested?
   
   ```
   $ curl -vvv -iku Token: xxxx 
https://localhost:8443/gateway/sandbox/webhdfs/v1/?op=LISTSTATUS
   ```


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


Issue Time Tracking
-------------------

            Worklog Id:     (was: 643374)
    Remaining Estimate: 0h
            Time Spent: 10m

> NPE when token value is missing
> -------------------------------
>
>                 Key: KNOX-2651
>                 URL: https://issues.apache.org/jira/browse/KNOX-2651
>             Project: Apache Knox
>          Issue Type: Task
>            Reporter: Attila Magyar
>            Assignee: Attila Magyar
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> This happens when one accidentally puts a space between the user and password.
> {code:java}
> $ curl -vvv -iku Token: xxxxxxx 
> https://localhost:8443/gateway/sandbox/webhdfs/v1/?op=LISTSTATUS {code}
>  
> {code:java}
> Caused by: java.lang.NullPointerException
>     at com.nimbusds.jose.JOSEObject.split(JOSEObject.java:214)
>     at com.nimbusds.jwt.SignedJWT.parse(SignedJWT.java:110)
>     at 
> org.apache.knox.gateway.services.security.token.impl.JWTToken.<init>(JWTToken.java:55)
>     at 
> org.apache.knox.gateway.provider.federation.jwt.filter.JWTFederationFilter.doFilter(JWTFederationFilter.java:135)
>     at 
> org.apache.knox.gateway.GatewayFilter$Holder.doFilter(GatewayFilter.java:348)
>     at 
> org.apache.knox.gateway.GatewayFilter$Chain.doFilter(GatewayFilter.java:262)
>     at 
> org.apache.knox.gateway.filter.XForwardedHeaderFilter.doFilter(XForwardedHeaderFilter.java:50)
>     at 
> org.apache.knox.gateway.filter.AbstractGatewayFilter.doFilter(AbstractGatewayFilter.java:58)
>     ... 54 more {code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to