You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2017/02/06 09:04:04 UTC
[Bug 60694] New: Potential NullPointerException in
AuthenticatorBase.getJaspicProvider()
https://bz.apache.org/bugzilla/show_bug.cgi?id=60694
Bug ID: 60694
Summary: Potential NullPointerException in
AuthenticatorBase.getJaspicProvider()
Product: Tomcat 8
Version: 8.5.11
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: awilkinson@pivotal.io
Target Milestone: ----
AuthenticatorBase.getJaspicProvider() can throw a NullPointerException. The
code in question is:
AuthConfigFactory factory = AuthConfigFactory.getFactory();
provider = factory.getConfigProvider("HttpServlet", jaspicAppContextID, this);
The javadoc for AuthConfigFactory.getFactory() states that it returns:
The non-null system-wide AuthConfigFactory instance set at the time of the
call, or if that value was null, the value of the system-wide factory instance
established by this method. This method returns null when the system-wide
factory was not defined when this method was called and no default factory name
was defined via the security property.
When it returns null, a NullPointerException occurs:
java.lang.NullPointerException: null
at
org.apache.catalina.authenticator.AuthenticatorBase.getJaspicProvider(AuthenticatorBase.java:1192)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:465)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:349)
at
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:783)
at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:798)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1434)
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
This was originally reported against Spring Boot using embedded Tomcat when the
user also had javax:javaee-api on the classpath.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 60694] Potential NullPointerException in
AuthenticatorBase.getJaspicProvider()
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60694
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #1 from Mark Thomas <ma...@apache.org> ---
Thanks for the report.
Fixed in:
- trunk for 9.0.0.M18 onwards
- 8.5.x for 8.5.12 onwards
Earlier versions are not affected (no JASPIC support)
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org