You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by Valentin Erastov <xi...@gmail.com> on 2009/07/14 06:26:20 UTC
SimpleAccountRealm.doGetAuthenticationInfo and NullPointerException
Hello,
Problem in JSecurity 0.9
I use PropertiesRealm, wich configure in web.xml
[main]
cacheManager = org.jsecurity.cache.HashtableCacheManager
realm = org.jsecurity.realm.text.PropertiesRealm
realm.resourcePath = classpath:users.properties
realm.cacheManager = $cacheManager
securityManager = org.jsecurity.web.DefaultWebSecurityManager
securityManager.realm = $realm
[filters]
jsecurity.loginUrl = /jsec/login
[urls]
/jsec/login = authc
/account/** = authc
/remoting/** = authc, roles[b2bClient], perms[remote:invoke:"lan,wan"]
When I try login with non existing username, I get NullPointerException at
org.jsecurity.realm.SimpleAccountRealm.doGetAuthenticationInfo(SimpleAccountRealm.java:143)
Problem in this place
SimpleAccount account = (SimpleAccount)
getAuthorizationCache().get(upToken.getUsername());
if (account.isLocked()) {....
Why no check to null for account and throw UnknownAccountException?
SimpleAccount account = (SimpleAccount)
getAuthorizationCache().get(upToken.getUsername());
if (account == null) {
throw new UnknownAccountException();
}
if (account.isLocked()) {....