[ https://issues.apache.org/jira/browse/FTPSERVER-183?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Latorre updated FTPSERVER-183: ------------------------------------ Description: I suppose that as a result of the change in the strategy to encrypt passwords in DBUserManager, getUserByName() -called by the authenticate() method - returns an User object with the password field unset. When trying to use the "save" method , this line throws a NullPointerException map.put(ATTR_PASSWORD, escapeString(passwordEncryptor.encrypt(user.getPassword()))); My reason to use this method is that I call DBUserManager.save() to update the user in the database with last-login information. I'm providing a patch although maybe there's a more elegant solution. The same modification is done in PropertiesUserManager for coherence. Important Note: with my provided path , the user's password should not be included in the WHERE query of "updateStatement" as there's a chance that for a PasswordEncryptor, the result of passwordEncryptor.encrypt is not the same as the stored password even if matches() returns true. was: I suppose that as a result of the change in the strategy to encrypt passwords in DBUserManager, getUserByName() -called by the authenticate() method - returns an User object with the password field unset. When trying to use the "save" method , this line throws a NullPointerException map.put(ATTR_PASSWORD, escapeString(passwordEncryptor.encrypt(user.getPassword()))); I'm providing a patch although maybe there's a more elegant solution. Summary: DBUserManager and PropertiesUserManager are not storing the password in the User object after in "authenticate()" (was: DBUserManager is not storing the password in the User object) > DBUserManager and PropertiesUserManager are not storing the password in the > User object after in "authenticate()" > ------------------------------------------------------------------------------------------------------------------ > > Key: FTPSERVER-183 > URL: https://issues.apache.org/jira/browse/FTPSERVER-183 > Project: FtpServer > Issue Type: Bug > Components: Core > Affects Versions: 1.0-M4 > Reporter: David Latorre > Priority: Minor > Attachments: UserManagers.patch > > > I suppose that as a result of the change in the strategy to encrypt passwords > in DBUserManager, getUserByName() -called by the authenticate() method - > returns an User object with the password field unset. > When trying to use the "save" method , this line throws a > NullPointerException > map.put(ATTR_PASSWORD, > escapeString(passwordEncryptor.encrypt(user.getPassword()))); > My reason to use this method is that I call DBUserManager.save() to update > the user in the database with last-login information. > I'm providing a patch although maybe there's a more elegant solution. The > same modification is done in PropertiesUserManager for coherence. > Important Note: with my provided path , the user's password should not be > included in the WHERE query of "updateStatement" as there's a chance that for > a PasswordEncryptor, the result of passwordEncryptor.encrypt is not the > same as the stored password even if matches() returns true. > > -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.