Bugs item #638994, was opened at 2002-11-15 11:43
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=376685&aid=638994&group_id=22866
Category: JBossSOAP
Group: v3.0 Rabbit Hole
Status: Open
Resolution: None
Priority: 5
Submitted By: James Ogura (jogura)
Assigned to: Nobody/Anonymous (nobody)
Summary: jboss.net does not handle null passwords
Initial Comment:
Operating System: Windows 2K
JDK Version: 1.4.0_01
JBoss version: 3.0.4
In the case where a valid password maybe null and
exception is thrown (see stacktrace below).
The below is a patch that will fix this problem:
org.jboss.net.axis.server.JBossAuthenicationHandler
/** associates the call context with the given info */
protected Subject associate(Principal userPrincipal,
String passwd) {
// build passchars
char[] passChars = passwd != null ?
passwd.toCharArray() : null;
// pointer comparison, again
if (userPrincipal !=
NobodyPrincipal.NOBODY_PRINCIPAL) {
SecurityAssociation.setPrincipal(userPrincipal);
SecurityAssociation.setCredential(passChars);
} else {
// Jboss security does not like nobody:null
SecurityAssociation.setPrincipal(null);
SecurityAssociation.setCredential(null);
}
return authMgr.getActiveSubject();
}
StackTrace (fault):
AxisFault
faultCode: {http://xml.apache.org/axis/}
Server.userException
faultString: java.lang.NullPointerException
faultActor: null
faultDetail:
stackTrace: java.lang.NullPointerException
at
org.jboss.net.axis.server.JBossAuthenticationHandler.associ
ate(JBossAuthenticationHandler.java:127)
at
org.jboss.net.axis.server.JBossAuthenticationHandler.invoke
(JBossAuthenticationHandler.java:171)
at
org.apache.axis.strategies.InvocationStrategy.visit
(InvocationStrategy.java:71)
at org.apache.axis.SimpleChain.doVisiting
(SimpleChain.java:154)
at org.apache.axis.SimpleChain.invoke
(SimpleChain.java:121)
at org.apache.axis.server.AxisServer.invoke
(AxisServer.java:256)
at
org.apache.axis.transport.http.AxisServlet.doPost
(AxisServlet.java:543)
at javax.servlet.http.HttpServlet.service
(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service
(HttpServlet.java:853)
at org.mortbay.jetty.servlet.ServletHolder.handle
(ServletHolder.java:366)
at
org.mortbay.jetty.servlet.WebApplicationHandler.dispatch
(WebApplicationHandler.java:293)
at org.mortbay.jetty.servlet.ServletHandler.handle
(ServletHandler.java:581)
at org.mortbay.http.HttpContext.handle
(HttpContext.java:1687)
at
org.mortbay.jetty.servlet.WebApplicationContext.handle
(WebApplicationContext.java:544)
at org.mortbay.http.HttpContext.handle
(HttpContext.java:1637)
at org.mortbay.http.HttpServer.service
(HttpServer.java:875)
at org.jboss.jetty.Jetty.service(Jetty.java:543)
at org.mortbay.http.HttpConnection.service
(HttpConnection.java:806)
at org.mortbay.http.HttpConnection.handleNext
(HttpConnection.java:956)
at org.mortbay.http.HttpConnection.handle
(HttpConnection.java:823)
at
org.mortbay.http.SocketListener.handleConnection
(SocketListener.java:203)
at org.mortbay.util.ThreadedServer.handle
(ThreadedServer.java:290)
at org.mortbay.util.ThreadPool$JobRunner.run
(ThreadPool.java:743)
at java.lang.Thread.run(Thread.java:536)
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=376685&aid=638994&group_id=22866
-------------------------------------------------------
This sf.net email is sponsored by: To learn the basics of securing
your web site with SSL, click here to get a FREE TRIAL of a Thawte
Server Certificate: http://www.gothawte.com/rd524.html
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
