Github user HeartSaVioR commented on a diff in the pull request:
https://github.com/apache/storm/pull/2656#discussion_r186308063
--- Diff:
storm-client/src/jvm/org/apache/storm/security/auth/authorizer/SimpleACLAuthorizer.java
---
@@ -129,7 +129,7 @@ public void prepare(Map<String, Object> conf) {
*/
@Override
public boolean permit(ReqContext context, String operation,
Map<String, Object> topoConf) {
- String principal = context.principal().getName();
+ String principal = context.principal() != null ?
context.principal().getName() : null;
--- End diff --
I'm not sure when `context.principal()` is being null, but leaving as null
could possibly incur another NPE. If it is a really bad case, better not to
permit with (maybe) log message.
@revans2 What do you think?
---
