You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cocoon.apache.org by "Antonio Fiol (JIRA)" <ji...@apache.org> on 2006/02/08 14:29:57 UTC
[jira] Created: (COCOON-1772) [PATCH] AuthenticationContext:
NullPointerException
[PATCH] AuthenticationContext: NullPointerException
---------------------------------------------------
Key: COCOON-1772
URL: http://issues.apache.org/jira/browse/COCOON-1772
Project: Cocoon
Type: Bug
Components: Blocks: Authentication Framework
Versions: 2.1.8
Reporter: Antonio Fiol
Attachments: AuthenticationContext.java.patch, AuthenticationContext.java.patch
We got a NullPointerException on AuthenticationContext.
Apparently, this.getState() is returning null.
We did not investigate it any further, and supposed that a null RequestState means a null applicationName, which is reasonable as we have no "application" configured.
Patched, and it works perfectly here.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (COCOON-1772) [PATCH] AuthenticationContext:
NullPointerException
Posted by "Carsten Ziegeler (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/COCOON-1772?page=all ]
Carsten Ziegeler updated COCOON-1772:
-------------------------------------
Ok, I'll wait :)
> [PATCH] AuthenticationContext: NullPointerException
> ---------------------------------------------------
>
> Key: COCOON-1772
> URL: http://issues.apache.org/jira/browse/COCOON-1772
> Project: Cocoon
> Type: Bug
> Components: Blocks: Authentication Framework
> Versions: 2.1.8
> Reporter: Antonio Fiol
> Assignee: Carsten Ziegeler
> Attachments: AuthenticationContext.java.patch, AuthenticationContext.java.patch
>
> We got a NullPointerException on AuthenticationContext.
> Apparently, this.getState() is returning null.
> We did not investigate it any further, and supposed that a null RequestState means a null applicationName, which is reasonable as we have no "application" configured.
> Patched, and it works perfectly here.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (COCOON-1772) [PATCH] AuthenticationContext:
NullPointerException
Posted by "Jörg Heinicke (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COCOON-1772?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12462747 ]
Jörg Heinicke commented on COCOON-1772:
---------------------------------------
Antonio, the 2-3 weeks are over :)
> [PATCH] AuthenticationContext: NullPointerException
> ---------------------------------------------------
>
> Key: COCOON-1772
> URL: https://issues.apache.org/jira/browse/COCOON-1772
> Project: Cocoon
> Issue Type: Bug
> Components: Blocks: Authentication Framework
> Affects Versions: 2.1.8
> Reporter: Antonio Fiol
> Assigned To: Carsten Ziegeler
> Attachments: AuthenticationContext.java.patch, AuthenticationContext.java.patch
>
>
> We got a NullPointerException on AuthenticationContext.
> Apparently, this.getState() is returning null.
> We did not investigate it any further, and supposed that a null RequestState means a null applicationName, which is reasonable as we have no "application" configured.
> Patched, and it works perfectly here.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Closed: (COCOON-1772) [PATCH] AuthenticationContext:
NullPointerException
Posted by "Carsten Ziegeler (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COCOON-1772?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Carsten Ziegeler closed COCOON-1772.
------------------------------------
Resolution: Won't Fix
Close this bug for now
> [PATCH] AuthenticationContext: NullPointerException
> ---------------------------------------------------
>
> Key: COCOON-1772
> URL: https://issues.apache.org/jira/browse/COCOON-1772
> Project: Cocoon
> Issue Type: Bug
> Components: Blocks: Authentication Framework
> Affects Versions: 2.1.8
> Reporter: Antonio Fiol
> Assigned To: Carsten Ziegeler
> Attachments: AuthenticationContext.java.patch, AuthenticationContext.java.patch
>
>
> We got a NullPointerException on AuthenticationContext.
> Apparently, this.getState() is returning null.
> We did not investigate it any further, and supposed that a null RequestState means a null applicationName, which is reasonable as we have no "application" configured.
> Patched, and it works perfectly here.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (COCOON-1772) [PATCH] AuthenticationContext:
NullPointerException
Posted by "Carsten Ziegeler (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/COCOON-1772?page=all ]
Carsten Ziegeler reassigned COCOON-1772:
----------------------------------------
Assign To: Carsten Ziegeler
> [PATCH] AuthenticationContext: NullPointerException
> ---------------------------------------------------
>
> Key: COCOON-1772
> URL: http://issues.apache.org/jira/browse/COCOON-1772
> Project: Cocoon
> Type: Bug
> Components: Blocks: Authentication Framework
> Versions: 2.1.8
> Reporter: Antonio Fiol
> Assignee: Carsten Ziegeler
> Attachments: AuthenticationContext.java.patch, AuthenticationContext.java.patch
>
> We got a NullPointerException on AuthenticationContext.
> Apparently, this.getState() is returning null.
> We did not investigate it any further, and supposed that a null RequestState means a null applicationName, which is reasonable as we have no "application" configured.
> Patched, and it works perfectly here.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (COCOON-1772) [PATCH] AuthenticationContext:
NullPointerException
Posted by "Carsten Ziegeler (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/COCOON-1772?page=comments#action_12375687 ]
Carsten Ziegeler commented on COCOON-1772:
------------------------------------------
Yes, this makes sense, thanks!
I guess you're right that the incorrect code should be somewhere else. I'm wondering if this is due to the call of the flow script. Usually, the auth-protect action should set the state. The state is stored in a request attribute, so unless you're doing a redirect or something like that it should be available.
Would it be possible to provide a simple test case?
> [PATCH] AuthenticationContext: NullPointerException
> ---------------------------------------------------
>
> Key: COCOON-1772
> URL: http://issues.apache.org/jira/browse/COCOON-1772
> Project: Cocoon
> Type: Bug
> Components: Blocks: Authentication Framework
> Versions: 2.1.8
> Reporter: Antonio Fiol
> Assignee: Carsten Ziegeler
> Attachments: AuthenticationContext.java.patch, AuthenticationContext.java.patch
>
> We got a NullPointerException on AuthenticationContext.
> Apparently, this.getState() is returning null.
> We did not investigate it any further, and supposed that a null RequestState means a null applicationName, which is reasonable as we have no "application" configured.
> Patched, and it works perfectly here.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (COCOON-1772) [PATCH] AuthenticationContext:
NullPointerException
Posted by "Carsten Ziegeler (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/COCOON-1772?page=comments#action_12375540 ]
Carsten Ziegeler commented on COCOON-1772:
------------------------------------------
I think the code is correct (more or less - it would be better to throw a different exception as an NPE of course): Could it be, that you are storing the authentication context between requests and are accessing the context in a sub sequent request?
You should request a new authentication context within each request (this might not be documented though...) and only use this instance during this request.
Another possibility for this NPE might be that you are not authenticated for the current request, which means that the auth-protect action has not been invoked.
> [PATCH] AuthenticationContext: NullPointerException
> ---------------------------------------------------
>
> Key: COCOON-1772
> URL: http://issues.apache.org/jira/browse/COCOON-1772
> Project: Cocoon
> Type: Bug
> Components: Blocks: Authentication Framework
> Versions: 2.1.8
> Reporter: Antonio Fiol
> Assignee: Carsten Ziegeler
> Attachments: AuthenticationContext.java.patch, AuthenticationContext.java.patch
>
> We got a NullPointerException on AuthenticationContext.
> Apparently, this.getState() is returning null.
> We did not investigate it any further, and supposed that a null RequestState means a null applicationName, which is reasonable as we have no "application" configured.
> Patched, and it works perfectly here.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (COCOON-1772) [PATCH] AuthenticationContext:
NullPointerException
Posted by "Antonio Fiol (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/COCOON-1772?page=comments#action_12375708 ]
Antonio Fiol commented on COCOON-1772:
--------------------------------------
Yes, it should be possible, and it is noted on my to-do list. However, the list is long, so I don't think I can do it soon (est. 2-3 weeks). Please set this bug in a state according to this.
> [PATCH] AuthenticationContext: NullPointerException
> ---------------------------------------------------
>
> Key: COCOON-1772
> URL: http://issues.apache.org/jira/browse/COCOON-1772
> Project: Cocoon
> Type: Bug
> Components: Blocks: Authentication Framework
> Versions: 2.1.8
> Reporter: Antonio Fiol
> Assignee: Carsten Ziegeler
> Attachments: AuthenticationContext.java.patch, AuthenticationContext.java.patch
>
> We got a NullPointerException on AuthenticationContext.
> Apparently, this.getState() is returning null.
> We did not investigate it any further, and supposed that a null RequestState means a null applicationName, which is reasonable as we have no "application" configured.
> Patched, and it works perfectly here.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (COCOON-1772) [PATCH] AuthenticationContext:
NullPointerException
Posted by "Antonio Fiol (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/COCOON-1772?page=comments#action_12375608 ]
Antonio Fiol commented on COCOON-1772:
--------------------------------------
Our usage pattern is always the same:
We need authentication and authorization. We use Cocoon authentication framework for the former, and a custom flowscript function for the latter. Our sitemap goes more or less like this (I don't have the code right now, but I am pretty sure of the concept):
- Authentication handler is configured with a name, a redirect URI and an authentication URI, but with NO APPLICATION.
- Matchers for resources that should trigger A&A are URI wildcard matchers, and they all contain
- An auth-protect action, which contains
- A call function="authorization"
- There are corresponding matchers for the same URIs with a "protected/" prefix, in an internal-only="true" pipeline
- Function authorization:
- Gets the authentication context
- Checks if it is not null (null context would mean not logged in, so in this case we redirect to a "Not authorized" page, although this should never happen, and never happens, because all calls to the function are wrapped in auth-protect action)
- Obtains the XML from it (here we got the NPE)
- Does custom authorization procedure depending on the resource being accessed. This procedure does NOT involve any sendPageAndWait, sendForm or any other interaction with the user. It simply checks the resource being accessed ({0}) against the data in the obtained XML (which is never empty if the user is logged in).
- Redirects to either a "Not authorized" page or to the "protected/{0}" resource depending on the authorization procedure result.
With the attached patch, everything works as expected for us. Otherwise we simply cannot get the XML because of the NPE.
Maybe the reason of the NPE is not in that code fragment, and so the original code is correct, but there is incorrect code somewhere else, where the "state" is (not) set.
Does this make sense?
> [PATCH] AuthenticationContext: NullPointerException
> ---------------------------------------------------
>
> Key: COCOON-1772
> URL: http://issues.apache.org/jira/browse/COCOON-1772
> Project: Cocoon
> Type: Bug
> Components: Blocks: Authentication Framework
> Versions: 2.1.8
> Reporter: Antonio Fiol
> Assignee: Carsten Ziegeler
> Attachments: AuthenticationContext.java.patch, AuthenticationContext.java.patch
>
> We got a NullPointerException on AuthenticationContext.
> Apparently, this.getState() is returning null.
> We did not investigate it any further, and supposed that a null RequestState means a null applicationName, which is reasonable as we have no "application" configured.
> Patched, and it works perfectly here.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (COCOON-1772) [PATCH] AuthenticationContext:
NullPointerException
Posted by "Antonio Fiol (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/COCOON-1772?page=all ]
Antonio Fiol updated COCOON-1772:
---------------------------------
Attachment: AuthenticationContext.java.patch
I was not asked for the license grant when creating the issue, so I repost the attachment with it.
> [PATCH] AuthenticationContext: NullPointerException
> ---------------------------------------------------
>
> Key: COCOON-1772
> URL: http://issues.apache.org/jira/browse/COCOON-1772
> Project: Cocoon
> Type: Bug
> Components: Blocks: Authentication Framework
> Versions: 2.1.8
> Reporter: Antonio Fiol
> Attachments: AuthenticationContext.java.patch, AuthenticationContext.java.patch
>
> We got a NullPointerException on AuthenticationContext.
> Apparently, this.getState() is returning null.
> We did not investigate it any further, and supposed that a null RequestState means a null applicationName, which is reasonable as we have no "application" configured.
> Patched, and it works perfectly here.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira