You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@felix.apache.org by "Valentin Valchev (JIRA)" <ji...@apache.org> on 2015/08/07 10:16:45 UTC
[jira] [Updated] (FELIX-4995) NPE when updating Apache Felix OSGi
Management Console configuration without a password
[ https://issues.apache.org/jira/browse/FELIX-4995?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Valentin Valchev updated FELIX-4995:
------------------------------------
Affects Version/s: (was: webconsole-4.2.8)
webconsole-4.2.10
> NPE when updating Apache Felix OSGi Management Console configuration without a password
> ---------------------------------------------------------------------------------------
>
> Key: FELIX-4995
> URL: https://issues.apache.org/jira/browse/FELIX-4995
> Project: Felix
> Issue Type: Bug
> Components: Web Console
> Affects Versions: webconsole-4.2.10
> Reporter: Valentin Valchev
> Assignee: Valentin Valchev
> Fix For: webconsole-4.2.12
>
>
> The following exception occurs, when you try to save the webconsole configuration from the web console config plugin:
> {code}
> java.lang.NullPointerException
> java.security.MessageDigest$Delegate(java.security.MessageDigest).update(byte[]) line: 293
> java.security.MessageDigest$Delegate(java.security.MessageDigest).digest(byte[]) line: 368
> org.apache.felix.webconsole.internal.servlet.Password.hashPassword(byte[], java.lang.String) line: 178
> org.apache.felix.webconsole.internal.servlet.Password.hashPassword(java.lang.String, byte[]) line: 118
> org.apache.felix.webconsole.internal.servlet.Password.hashPassword(java.lang.String) line: 77
> {code}
> The implementation obviously expects password to be always set.
> However initially the configuration doesn't exist and when you create it with web console, the password is not set yet.
> However, if you do not edit the password in the configuration dialog, it is set to a PASSWORD_PLACEHOLDER_VALUE = "unmodifed".
> Then the following code becomes the reason of the problem, because of the incorrect assumption:
> {code}
> // assumption: config is not null and as a non-null password String property
> final String pwd = ( String ) config.get( OsgiManager.PROP_PASSWORD );
> final String hashedPassword = Password.hashPassword( pwd );
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)