angela created OAK-8231:
---------------------------
Summary: Unreachable code in LoginModuleImpl.getLoginId
Key: OAK-8231
URL: https://issues.apache.org/jira/browse/OAK-8231
Project: Jackrabbit Oak
Issue Type: Bug
Components: core, security
Reporter: angela
[~stillalex], as discussed today it seems that the following block in
{{LoginModuleImpl.getLoginId}} can never be reached
{code}
[... here if-statements for 3 types of supported credentials...]
else {
try {
NameCallback callback = new NameCallback("User-ID: ");
callbackHandler.handle(new Callback[] { callback });
uid = callback.getName();
} catch (IOException | UnsupportedCallbackException e) {
onError();
log.error(e.getMessage(), e);
}
}
{code}
the reason for this: that block resides inside an if-statement verifying that
{{credentials}} are not null. if credentials are not null they will be any of
the supported classes according to the implementation of {{getCredentials}},
which will return null if none of the credentials extracted from
subject/callback/sharedstate is supported.
as discussed the safest way to deal with this is probably to get rid of that
block altogether. let me know if you have any concern with that approach.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
