Uploaded image for project: 'Infinispan'
  1. Infinispan
  2. ISPN-6258

Authorication can fail with NPE when no subject is provided

    XMLWordPrintable

Details

    Description

      When user's subject is null, authorization on secured cache can fail with NPE bellow, instead of logging SecurityException

      15:14:47,795 ERROR [org.infinispan.server.hotrod.HotRodEncoder] (HotRodServerWorker-9-1) ISPN005022: Exception writing response with messageId=2: java.lang.NullPointerException                                                             
              at org.infinispan.security.impl.CachePrincipalPair.<init>(CachePrincipalPair.java:17)                                                                                                                                                
              at org.infinispan.security.impl.AuthorizationHelper.checkSubjectPermissionAndRole(AuthorizationHelper.java:103)                                                                                                                      
              at org.infinispan.security.impl.AuthorizationHelper.checkPermission(AuthorizationHelper.java:76)                                                                                                                                     
              at org.infinispan.security.impl.AuthorizationManagerImpl.checkPermission(AuthorizationManagerImpl.java:37)                                                                                                                           
      

      Attachments

        Activity

          People

            vjuranek@redhat.com Vojtech Juranek
            vjuranek@redhat.com Vojtech Juranek
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: