You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by co...@apache.org on 2017/07/04 15:37:35 UTC

syncope git commit: Make sure a null issuer is explicitly not allowed

Repository: syncope
Updated Branches:
  refs/heads/master c86fb4e63 -> bbf5b514b


Make sure a null issuer is explicitly not allowed


Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/bbf5b514
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/bbf5b514
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/bbf5b514

Branch: refs/heads/master
Commit: bbf5b514b92cf37109e1a168a189014f1c570356
Parents: c86fb4e
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Jul 4 16:37:23 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Jul 4 16:37:23 2017 +0100

----------------------------------------------------------------------
 .../core/logic/init/ClassPathScanImplementationLookup.java        | 1 -
 .../org/apache/syncope/core/spring/security/AuthDataAccessor.java | 3 +++
 2 files changed, 3 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/syncope/blob/bbf5b514/core/logic/src/main/java/org/apache/syncope/core/logic/init/ClassPathScanImplementationLookup.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/init/ClassPathScanImplementationLookup.java b/core/logic/src/main/java/org/apache/syncope/core/logic/init/ClassPathScanImplementationLookup.java
index 1fa0043..fd2f1fb 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/init/ClassPathScanImplementationLookup.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/init/ClassPathScanImplementationLookup.java
@@ -29,7 +29,6 @@ import org.apache.syncope.common.lib.policy.AccountRuleConf;
 import org.apache.syncope.common.lib.policy.PasswordRuleConf;
 import org.apache.syncope.common.lib.report.ReportletConf;
 import org.apache.syncope.core.persistence.api.ImplementationLookup;
-import org.apache.syncope.core.persistence.api.ImplementationLookup.Type;
 import org.apache.syncope.core.persistence.api.attrvalue.validation.Validator;
 import org.apache.syncope.core.persistence.api.dao.AccountRule;
 import org.apache.syncope.core.persistence.api.dao.AccountRuleConfClass;

http://git-wip-us.apache.org/repos/asf/syncope/blob/bbf5b514/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
----------------------------------------------------------------------
diff --git a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java b/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
index 1a425f3..402bfae 100644
--- a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
+++ b/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
@@ -155,6 +155,9 @@ public class AuthDataAccessor {
             }
         }
 
+        if (issuer == null) {
+            throw new AuthenticationCredentialsNotFoundException("A null issuer is not permitted");
+        }
         JWTSSOProvider provider = jwtSSOProviders.get(issuer);
         if (provider == null) {
             throw new AuthenticationCredentialsNotFoundException(