[
https://issues.apache.org/jira/browse/SOLR-13905?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16975151#comment-16975151
]
Jan Høydahl commented on SOLR-13905:
------------------------------------
Please see [GitHub Pull Request
#1014|https://github.com/apache/lucene-solr/pull/1014] for the fix. I did not
manage to reproduce the original NPE in {{findRequestType()}} in unit tests,
since Jetty seems to behave differently in our tests and real life wrt what
part of URL goes into servletPath and pathInfo in {{httpRequest}}. But I both
added an explicit null check in that method as well as a safe way to construct
the "resource" string that gets audit-logged. Also in the PR is an optimization
of regex matching in the {{findRequestType()}} method and detection of some
more ADMIN paths.
I'll commit on Tuesday Nov 19th. Reviews welcome.
> Nullpointer exception in AuditEvent
> -----------------------------------
>
> Key: SOLR-13905
> URL: https://issues.apache.org/jira/browse/SOLR-13905
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Auditlogging
> Affects Versions: 8.3
> Reporter: Jan Høydahl
> Assignee: Jan Høydahl
> Priority: Major
> Fix For: 8.4, 8.3.1
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Nullpointer exception in AuditEvent for events with HttpServletRequest as
> input. Happens when {{getPathInfo()}} returns null, which was not caught by
> current tests. This causes the whole request to fail, rendering the audit
> service unusable.
> The nullpointer is experienced in the {{findRequestType()}} method when
> performing pattern match on the resource (path).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org
