Simple example produces NullPointerException in server logs when entering wrong
user/password
---------------------------------------------------------------------------------------------
Key: SEAMSECURITY-39
URL: https://issues.jboss.org/browse/SEAMSECURITY-39
Project: Seam Security
Issue Type: Bug
Affects Versions: 3.0.0.Beta2
Environment: JBoss AS 6
Reporter: Marek Schmidt
Priority: Minor
The "simple" example in examples/simple will produce NPE, because the
SimpleAuthenticator does not call setStatus(AuthenticationStatus.FAILURE) when
incorrect credentials are provided by the user. Since the example is also used
in the documentation, it probably teaches a bad practice of writing custom
authenticators.
The example and the docs should probably be updated to contain a call to
setStatus(AuthenticationStatus.FAILURE)
The exception from server logs:
16:52:26,901 ERROR [org.jboss.seam.security.IdentityImpl] Login failed:
java.lang.RuntimeException: java.lang.NullPointerException
at
org.jboss.seam.security.IdentityImpl.authenticate(IdentityImpl.java:328)
[:3.0.0-SNAPSHOT]
at org.jboss.seam.security.IdentityImpl.login(IdentityImpl.java:229)
[:3.0.0-SNAPSHOT]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
[:1.6.0_18]
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
[:1.6.0_18]
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[:1.6.0_18]
at java.lang.reflect.Method.invoke(Method.java:616) [:1.6.0_18]
at org.apache.el.parser.AstValue.invoke(AstValue.java:196)
[:6.0.0.Final]
at
org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276)
[:6.0.0.Final]
at
org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43)
[:6.0.0.Final]
at
org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56)
[:6.0.0.Final]
at
org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43)
[:6.0.0.Final]
at
org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56)
[:6.0.0.Final]
at
com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:102)
[:2.0.3-]
at
javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:84)
[:2.0.3-]
at
com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:98)
[:2.0.3-]
at javax.faces.component.UICommand.broadcast(UICommand.java:311)
[:2.0.3-]
at
javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:781) [:2.0.3-]
at
javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1246)
[:2.0.3-]
at
com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:77)
[:2.0.3-]
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:97) [:2.0.3-]
at
com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:114) [:2.0.3-]
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:308)
[:2.0.3-]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:324)
[:6.0.0.Final]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242)
[:6.0.0.Final]
at
org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:67)
[:6.0.0.Final]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274)
[:6.0.0.Final]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242)
[:6.0.0.Final]
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
[:6.0.0.Final]
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
[:6.0.0.Final]
at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:181)
[:6.0.0.Final]
at
org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.event(CatalinaContext.java:285)
[:1.1.0.Final]
at
org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.invoke(CatalinaContext.java:261)
[:1.1.0.Final]
at
org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:88)
[:6.0.0.Final]
at
org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:100)
[:6.0.0.Final]
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
[:6.0.0.Final]
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[:6.0.0.Final]
at
org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
[:6.0.0.Final]
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[:6.0.0.Final]
at
org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.invoke(ActiveRequestResponseCacheValve.java:53)
[:6.0.0.Final]
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[:6.0.0.Final]
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)
[:6.0.0.Final]
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:654)
[:6.0.0.Final]
at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:951)
[:6.0.0.Final]
at java.lang.Thread.run(Thread.java:636) [:1.6.0_18]
Caused by: java.lang.NullPointerException
at
org.jboss.seam.security.IdentityImpl.authenticate(IdentityImpl.java:311)
[:3.0.0-SNAPSHOT]
... 43 more
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
seam-issues mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/seam-issues
