You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by co...@apache.org on 2017/07/11 11:11:57 UTC
[2/2] directory-kerby git commit: Another NPE if the audience is not
set
Another NPE if the audience is not set
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/08129710
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/08129710
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/08129710
Branch: refs/heads/trunk
Commit: 08129710af4c5139197489742d2a09c2fc32817f
Parents: e519217
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Jul 11 11:55:14 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Jul 11 11:55:14 2017 +0100
----------------------------------------------------------------------
.../kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/08129710/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
index aefee74..e508023 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
@@ -112,7 +112,7 @@ public class TokenPreauth extends AbstractPreauthPlugin {
PrincipalName serverPrincipal = kdcRequest.getKdcReq().getReqBody().getSname();
serverPrincipal.setRealm(kdcRequest.getKdcReq().getReqBody().getRealm());
kdcRequest.setServerPrincipal(serverPrincipal);
- if (!audiences.contains(serverPrincipal.getName())) {
+ if (audiences == null || !audiences.contains(serverPrincipal.getName())) {
throw new KrbException("The token audience does not match with the target server principal!");
}
kdcRequest.setToken(authToken);