Michael Vorburger created FINERACT-1146:
-------------------------------------------
Summary: NPE at String.replace() at
TenantAwareBasicAuthenticationFilter
Key: FINERACT-1146
URL: https://issues.apache.org/jira/browse/FINERACT-1146
Project: Apache Fineract
Issue Type: Bug
Components: Security
Reporter: Michael Vorburger
While exploring FINERACT-1145 for FINERACT-726, I've found that invoking
{{/fineract-provider/api/oauth/token}} without {{{{-Psecurity=oauth}}}} causes
an HTTP 500 Internal Server Error due to:
{noformat}SEVERE: Servlet.service() for servlet [dispatcherServlet] in context
with path [/fineract-provider]
threw exception
java.lang.NullPointerException
at java.base/java.lang.String.replace(String.java:2142)
at
org.apache.fineract.infrastructure.security.filter.TenantAwareBasicAuthenticationFilter.doFilterInternal(TenantAwareBasicAuthenticationFilter.java:131)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119){noformat}
Perhaps we could handle this more gracefully and return a better error
(400-ish?) to the client.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
