You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by co...@apache.org on 2017/07/11 11:11:57 UTC

[2/2] directory-kerby git commit: Another NPE if the audience is not set

Another NPE if the audience is not set


Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/08129710
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/08129710
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/08129710

Branch: refs/heads/trunk
Commit: 08129710af4c5139197489742d2a09c2fc32817f
Parents: e519217
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Jul 11 11:55:14 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Jul 11 11:55:14 2017 +0100

----------------------------------------------------------------------
 .../kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/08129710/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
index aefee74..e508023 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
@@ -112,7 +112,7 @@ public class TokenPreauth extends AbstractPreauthPlugin {
             PrincipalName serverPrincipal = kdcRequest.getKdcReq().getReqBody().getSname();
             serverPrincipal.setRealm(kdcRequest.getKdcReq().getReqBody().getRealm());
             kdcRequest.setServerPrincipal(serverPrincipal);
-            if (!audiences.contains(serverPrincipal.getName())) {
+            if (audiences == null || !audiences.contains(serverPrincipal.getName())) {
                 throw new KrbException("The token audience does not match with the target server principal!");
             }
             kdcRequest.setToken(authToken);