You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-issues@jackrabbit.apache.org by "angela (JIRA)" <ji...@apache.org> on 2015/09/15 18:31:47 UTC

[jira] [Updated] (OAK-3302) ExternalLoginModule:193 can never be reached

     [ https://issues.apache.org/jira/browse/OAK-3302?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

angela updated OAK-3302:
------------------------
    Component/s:     (was: auth-ldap)

> ExternalLoginModule:193 can never be reached
> --------------------------------------------
>
>                 Key: OAK-3302
>                 URL: https://issues.apache.org/jira/browse/OAK-3302
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: auth-external
>    Affects Versions: 1.2.2
>         Environment: AEM 6.1
>            Reporter: Thorsten Biegner
>            Priority: Minor
>
> Starting at line 193 in Version 1.2.2 which shipped with AEM 6.1 this code can never be reached.
> https://github.com/apache/jackrabbit-oak/blob/jackrabbit-oak-1.2.2/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModule.java#L189
>  sId = syncHandler.findIdentity(userMgr, userId);
> // if there exists an authorizable with the given userid but is
>  // not an external one or if it belongs to another IDP, we just ignore it.
> if (sId != null) {
> Line 193      ExternalIdentityRef externalIdRef = sId.getExternalIdRef();
>                     if (externalIdRef == null) {
> Because when no ExternalReference is present sId will be null.
> See https://github.com/apache/jackrabbit-oak/blob/jackrabbit-oak-1.2.2/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DefaultSyncHandler.java#L187
> Instead of being null it should return a SyncedIdentity with the ExternalIdRef set to null.
> As far as I can see the same bug still exists in the current trunk see
> https://github.com/apache/jackrabbit-oak/blob/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModule.java#L193
> and
> https://github.com/apache/jackrabbit-oak/blob/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java#L120



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)