You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by co...@apache.org on 2017/07/04 15:37:35 UTC
syncope git commit: Make sure a null issuer is explicitly not allowed
Repository: syncope
Updated Branches:
refs/heads/master c86fb4e63 -> bbf5b514b
Make sure a null issuer is explicitly not allowed
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/bbf5b514
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/bbf5b514
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/bbf5b514
Branch: refs/heads/master
Commit: bbf5b514b92cf37109e1a168a189014f1c570356
Parents: c86fb4e
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Jul 4 16:37:23 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Jul 4 16:37:23 2017 +0100
----------------------------------------------------------------------
.../core/logic/init/ClassPathScanImplementationLookup.java | 1 -
.../org/apache/syncope/core/spring/security/AuthDataAccessor.java | 3 +++
2 files changed, 3 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/bbf5b514/core/logic/src/main/java/org/apache/syncope/core/logic/init/ClassPathScanImplementationLookup.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/init/ClassPathScanImplementationLookup.java b/core/logic/src/main/java/org/apache/syncope/core/logic/init/ClassPathScanImplementationLookup.java
index 1fa0043..fd2f1fb 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/init/ClassPathScanImplementationLookup.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/init/ClassPathScanImplementationLookup.java
@@ -29,7 +29,6 @@ import org.apache.syncope.common.lib.policy.AccountRuleConf;
import org.apache.syncope.common.lib.policy.PasswordRuleConf;
import org.apache.syncope.common.lib.report.ReportletConf;
import org.apache.syncope.core.persistence.api.ImplementationLookup;
-import org.apache.syncope.core.persistence.api.ImplementationLookup.Type;
import org.apache.syncope.core.persistence.api.attrvalue.validation.Validator;
import org.apache.syncope.core.persistence.api.dao.AccountRule;
import org.apache.syncope.core.persistence.api.dao.AccountRuleConfClass;
http://git-wip-us.apache.org/repos/asf/syncope/blob/bbf5b514/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
----------------------------------------------------------------------
diff --git a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java b/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
index 1a425f3..402bfae 100644
--- a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
+++ b/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
@@ -155,6 +155,9 @@ public class AuthDataAccessor {
}
}
+ if (issuer == null) {
+ throw new AuthenticationCredentialsNotFoundException("A null issuer is not permitted");
+ }
JWTSSOProvider provider = jwtSSOProviders.get(issuer);
if (provider == null) {
throw new AuthenticationCredentialsNotFoundException(