Uploaded image for project: 'Infinispan'
  1. Infinispan
  2. ISPN-6258

Authorication can fail with NPE when no subject is provided

    Details

      Description

      When user's subject is null, authorization on secured cache can fail with NPE bellow, instead of logging SecurityException

      15:14:47,795 ERROR [org.infinispan.server.hotrod.HotRodEncoder] (HotRodServerWorker-9-1) ISPN005022: Exception writing response with messageId=2: java.lang.NullPointerException                                                             
              at org.infinispan.security.impl.CachePrincipalPair.<init>(CachePrincipalPair.java:17)                                                                                                                                                
              at org.infinispan.security.impl.AuthorizationHelper.checkSubjectPermissionAndRole(AuthorizationHelper.java:103)                                                                                                                      
              at org.infinispan.security.impl.AuthorizationHelper.checkPermission(AuthorizationHelper.java:76)                                                                                                                                     
              at org.infinispan.security.impl.AuthorizationManagerImpl.checkPermission(AuthorizationManagerImpl.java:37)                                                                                                                           
      

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                vjuranek Vojtech Juranek
                Reporter:
                vjuranek Vojtech Juranek
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: