You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Larry McCay (JIRA)" <ji...@apache.org> on 2017/06/09 14:25:18 UTC

[jira] [Commented] (KNOX-966) NPE when Shiro is misconfigured

    [ https://issues.apache.org/jira/browse/KNOX-966?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16044492#comment-16044492 ] 

Larry McCay commented on KNOX-966:
----------------------------------

[~rvesse] - thank you for the contribution.
I will get it reviewed and committed shortly.

I am curious about your description above though and would like some more details.
When you say "if the user doesn't enable authentication or
enables anonymous authentication" do you mean adding specific Shiro configuration to do that?

The reason that I ask is the fix is specific to Shiro provider - so if you don't use Shiro then it isn't engaged and we have a separate Anonymous authentication provider.

> NPE when Shiro is misconfigured
> -------------------------------
>
>                 Key: KNOX-966
>                 URL: https://issues.apache.org/jira/browse/KNOX-966
>             Project: Apache Knox
>          Issue Type: Improvement
>          Components: Server
>    Affects Versions: 0.12.0
>            Reporter: Rob Vesse
>             Fix For: 0.13.0
>
>         Attachments: KNOX-966.patch
>
>
> When Shiro provider is used if the user doesn't enable authentication or
> enables anonymous authentication then Knox will hit an NPE because it
> assumes the Shiro Subject is populated.  This commit adds a check and
> adds a specific error message which indicates that there is a problem and
> what configuration to check



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)