[
https://issues.apache.org/jira/browse/SLING-8711?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16935116#comment-16935116
]
Eric Norman commented on SLING-8711:
------------------------------------
[~cziegeler] Well, ok then. I guess the details are in a black box that you
can't share?
I was mostly interested in whether the login failures were from a real world
scenario that may happen in a production sling deployment. If there are
circumstances where a real end user login attempt may fail without any details
about who the user was, then I was curious if that was expected/normal or some
symptom of something going wrong elsewhere.
I guess I'll be forced to just take your word for it...
> NPE when auth failed event is sent
> ----------------------------------
>
> Key: SLING-8711
> URL: https://issues.apache.org/jira/browse/SLING-8711
> Project: Sling
> Issue Type: Bug
> Components: Authentication
> Affects Versions: Auth Core 1.4.4
> Reporter: Carsten Ziegeler
> Assignee: Carsten Ziegeler
> Priority: Blocker
> Fix For: Auth Core 1.4.6
>
>
> Some auth info might be null when the authentication failed which then
> results in an NPE when sending the event:
> java.lang.NullPointerException
> at java.util.Hashtable.put(Hashtable.java:460)
> at
> org.apache.sling.auth.core.impl.SlingAuthenticator.postLoginFailedEvent(SlingAuthenticator.java:1541)
> at
> org.apache.sling.auth.core.impl.SlingAuthenticator.getResolver(SlingAuthenticator.java:840)
> at
> org.apache.sling.auth.core.impl.SlingAuthenticator.doHandleSecurity(SlingAuthenticator.java:518)
> at
> org.apache.sling.auth.core.impl.SlingAuthenticator.handleSecurity(SlingAuthenticator.java:462)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
