You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Sergey Beryozkin (JIRA)" <ji...@apache.org> on 2014/12/12 18:11:13 UTC
[jira] [Resolved] (CXF-6153) OAuthRequestFilter throws
NullPointerException when "Authorization" header is missing
[ https://issues.apache.org/jira/browse/CXF-6153?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sergey Beryozkin resolved CXF-6153.
-----------------------------------
Resolution: Fixed
Fix Version/s: 2.7.15
3.0.4
3.1.0
Assignee: Sergey Beryozkin
> OAuthRequestFilter throws NullPointerException when "Authorization" header is missing
> -------------------------------------------------------------------------------------
>
> Key: CXF-6153
> URL: https://issues.apache.org/jira/browse/CXF-6153
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS Security
> Affects Versions: 3.0.2
> Reporter: Michal Sabo
> Assignee: Sergey Beryozkin
> Fix For: 3.1.0, 3.0.4, 2.7.15
>
>
> OAuthRequestFilter, when validating a request, is calling the AuthorizationUtils.getAuthorizationParts method to get the actual authorization for current request. A List of headers with name "Authorization" is requested and since HttpHeadersImpl do not longer returns empty list but null, a NullPointerException is thrown.
> Part of the exception:
> java.lang.NullPointerException
> at org.apache.cxf.rs.security.oauth2.utils.AuthorizationUtils.getAuthorizationParts(AuthorizationUtils.java:76)
> at org.apache.cxf.rs.security.oauth2.utils.AuthorizationUtils.getAuthorizationParts(AuthorizationUtils.java:69)
> at org.apache.cxf.rs.security.oauth2.filters.OAuthRequestFilter.getAuthorizationParts(OAuthRequestFilter.java:227)
> at org.apache.cxf.rs.security.oauth2.filters.OAuthRequestFilter.validateRequest(OAuthRequestFilter.java:83)
> at org.apache.cxf.rs.security.oauth2.filters.OAuthRequestFilter.filter(OAuthRequestFilter.java:72)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)