Hi,
Is there any particular reason for hiding some exceptions
in OAuthServerConfiguration class? For an example,
* public List<ClientAuthenticationHandler>
getSupportedClientAuthHandlers() {*
* if (supportedClientAuthHandlers == null) {*
* synchronized (this) {*
* if (supportedClientAuthHandlers == null) {*
* supportedClientAuthHandlers = new
ArrayList<ClientAuthenticationHandler>();*
* for (String entry :
supportedClientAuthHandlerClassNames) {*
* ClientAuthenticationHandler
clientAuthenticationHandler = null;*
* try {*
* clientAuthenticationHandler =
(ClientAuthenticationHandler) Class.forName(entry).newInstance();*
* clientAuthenticationHandler.init();*
* } catch (InstantiationException e) {*
* log.error("Error instantiating " + entry);*
* } catch (IllegalAccessException e) {*
* log.error("Illegal access to " + entry);*
* } catch (ClassNotFoundException e) {*
* log.error("Cannot find class: " + entry);*
* } catch (IdentityOAuth2Exception e) {*
* log.error("Error while initializing " +
entry);*
* }*
*
supportedClientAuthHandlers.add(clientAuthenticationHandler);*
* }*
* }*
* }*
* }*
* return supportedClientAuthHandlers;*
* }*
Returned *supportedClientAuthHandlers *has a potential of
a NullPointerException in run time.
--
Best Regards,
Nuwandi Wickramasinghe
Software Engineer
WSO2 Inc.
Web : http://wso2.com
Mobile : 0719214873
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
