You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by co...@apache.org on 2017/07/11 11:11:56 UTC
[1/2] directory-kerby git commit: NPE fix if there are no audiences
in the token
Repository: directory-kerby
Updated Branches:
refs/heads/trunk 0e3234bca -> 08129710a
NPE fix if there are no audiences in the token
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/e5192177
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/e5192177
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/e5192177
Branch: refs/heads/trunk
Commit: e519217727625f0e4557a04b29af36b40c18e69b
Parents: 0e3234b
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Jul 11 11:25:43 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Jul 11 11:25:43 2017 +0100
----------------------------------------------------------------------
.../java/org/apache/kerby/kerberos/kerb/type/base/KrbToken.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e5192177/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/KrbToken.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/KrbToken.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/KrbToken.java
index beb5ffb..d1637b5 100644
--- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/KrbToken.java
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/type/base/KrbToken.java
@@ -103,7 +103,7 @@ public class KrbToken extends KrbTokenBase implements AuthToken {
*/
public void setTokenType() {
List<String> audiences = this.innerToken.getAudiences();
- if (audiences.size() == 1 && audiences.get(0).startsWith(KrbConstant.TGS_PRINCIPAL)) {
+ if (audiences != null && audiences.size() == 1 && audiences.get(0).startsWith(KrbConstant.TGS_PRINCIPAL)) {
isIdToken(true);
} else {
isAcToken(true);
[2/2] directory-kerby git commit: Another NPE if the audience is not
set
Posted by co...@apache.org.
Another NPE if the audience is not set
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/08129710
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/08129710
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/08129710
Branch: refs/heads/trunk
Commit: 08129710af4c5139197489742d2a09c2fc32817f
Parents: e519217
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Jul 11 11:55:14 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Jul 11 11:55:14 2017 +0100
----------------------------------------------------------------------
.../kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/08129710/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
index aefee74..e508023 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
@@ -112,7 +112,7 @@ public class TokenPreauth extends AbstractPreauthPlugin {
PrincipalName serverPrincipal = kdcRequest.getKdcReq().getReqBody().getSname();
serverPrincipal.setRealm(kdcRequest.getKdcReq().getReqBody().getRealm());
kdcRequest.setServerPrincipal(serverPrincipal);
- if (!audiences.contains(serverPrincipal.getName())) {
+ if (audiences == null || !audiences.contains(serverPrincipal.getName())) {
throw new KrbException("The token audience does not match with the target server principal!");
}
kdcRequest.setToken(authToken);