Bugs item #1014373, was opened at 2004-08-23 07:25
Message generated for change (Comment added) made by starksm
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=376685&aid=1014373&group_id=22866
Category: JBossSX
Group: v3.2
>Status: Closed
>Resolution: Fixed
Priority: 5
Submitted By: Johan Hammar (daemon23)
Assigned to: Scott M Stark (starksm)
Summary: NPE in JBossSecurityMgrRealm.getCachingPrincpal()
Initial Comment:
When the CallerPrincipal is not a descendant of
SimplePrincipal and implements it's own hashCode() and
equals() methods in a different way than SimplePrincipal,
a NPE is thrown in
JBossSecurityMgrRealm.getCachingPrincpal().
The reason to this is that TimedCachePolicy uses an
internal HashMap where in which it uses the incoming
Principal objects as keys and trusts their hashCode()
and equals() implementations to be compatible with the
implementations of SimplePrincipal.
Nothing is stated about the requirements about the
hashcode() and equals() implementation in the
java.security.Principal interface documentation so it
should not be trusted.
Here is the stacktrace of the NPE
java.lang.NullPointerException
at
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.ge
tCachingPrincpal(JBossSecurityMgrRealm.java:459)
at
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.au
thenticate(JBossSecurityMgrRealm.java:286)
at
org.apache.catalina.authenticator.BasicAuthenticator.aut
henticate(BasicAuthenticator.java:129)
at
org.apache.catalina.authenticator.AuthenticatorBase.inv
oke(AuthenticatorBase.java:504)
at
org.apache.catalina.core.StandardValveContext.invokeNe
xt(StandardValveContext.java:102)
at
org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:520)
at
org.apache.catalina.core.StandardHostValve.invoke
(StandardHostValve.java:137)
at
org.apache.catalina.core.StandardValveContext.invokeNe
xt(StandardValveContext.java:104)
at
org.apache.catalina.valves.ErrorReportValve.invoke
(ErrorReportValve.java:117)
at
org.apache.catalina.core.StandardValveContext.invokeNe
xt(StandardValveContext.java:102)
at
org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.in
voke(CachedConnectionValve.java:92)
at
org.apache.catalina.core.StandardValveContext.invokeNe
xt(StandardValveContext.java:102)
at
org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:520)
at
org.apache.catalina.core.StandardEngineValve.invoke
(StandardEngineValve.java:109)
at
org.apache.catalina.core.StandardValveContext.invokeNe
xt(StandardValveContext.java:104)
at
org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:520)
at
org.apache.catalina.core.ContainerBase.invoke
(ContainerBase.java:929)
at
org.apache.coyote.tomcat5.CoyoteAdapter.service
(CoyoteAdapter.java:160)
at
org.apache.coyote.http11.Http11Processor.process
(Http11Processor.java:799)
at
org.apache.coyote.http11.Http11Protocol$Http11Connec
tionHandler.processConnection(Http11Protocol.java:705)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt
(PoolTcpEndpoint.java:577)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunna
ble.run(ThreadPool.java:683)
at java.lang.Thread.run(Unknown Source)
/Johan Hammar
----------------------------------------------------------------------
>Comment By: Scott M Stark (starksm)
Date: 2004-08-23 14:07
Message:
Logged In: YES
user_id=175228
Its not clear this is due to the princpal equals/hashCode
implementation. There was an expectation that an
authenticated user has associated roles and if this was not
the case the NPE resulted. The NPE has been addressed.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=376685&aid=1014373&group_id=22866
-------------------------------------------------------
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285
_______________________________________________
JBoss-Development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
