You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shiro.apache.org by "Alan Cabrera (JIRA)" <ji...@apache.org> on 2009/03/06 14:59:56 UTC

[jira] Moved: (KI-9) SimpleAccountRealm fails with NPE

     [ https://issues.apache.org/jira/browse/KI-9?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Alan Cabrera moved JSEC-51 to KI-9:
-----------------------------------

        Fix Version/s:     (was: 1.0)
          Component/s:     (was: Authentication (log-in))
    Affects Version/s:     (was: 1.0)
                  Key: KI-9  (was: JSEC-51)
              Project: Ki  (was: JSecurity)

> SimpleAccountRealm fails with NPE
> ---------------------------------
>
>                 Key: KI-9
>                 URL: https://issues.apache.org/jira/browse/KI-9
>             Project: Ki
>          Issue Type: Bug
>         Environment: java 1.6 standalone
>            Reporter: Csaba Nemeth
>            Assignee: Jeremy Haile
>
> Testing a simple example based on the Quickstart.java, using DefaultSecurityManager and PropertiesRealm with default user properties would successfully login users listed in the properties file, but fails with NPE on invalid usernames.
> I get NPE from SimpleAccountRealm.doGetAuthenticationInfo(AuthenticationToken token) method at this location:
>         if (account.isLocked()) {
>             throw new LockedAccountException("Account [" + account + "] is locked.");
>         }
> The variable account is null - as so it should be since it is not in the authorizationCache. I was testing for the behaviour when unknown users are trying to login.
> Seemingly a null test and return null would fix this issue, as the caller AuthenticationRealm.getAuthenticationInfo(AuthenticationToken token)  handles null return values.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.