Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-8438

EJBComponentDescription : possible NPE on securityRoles

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 11.0.0.Beta1
    • Component/s: EJB
    • Labels:
      None

      Description

      In https://github.com/wildfly/wildfly/commit/38f8f5915b40d036bd0fd1a904d6a13916f3fa2c#diff-faf7ca63d4b901f1bff0697491c8f5ddL1147 you added check on if (securityRoles != null).

      securityRoles is not checked few lines below your check (in different if block)
      https://github.com/wildfly/wildfly/blob/master/ejb3/src/main/java/org/jboss/as/ejb3/component/EJBComponentDescription.java#L1162 (securityRoles.getSecurityRoleNamesByPrincipal ... )

      I suggest to change https://github.com/wildfly/wildfly/blob/master/ejb3/src/main/java/org/jboss/as/ejb3/component/EJBComponentDescription.java#L1158 from

      if (runAsPrincipal != null) {
      

      to

      if ((securityRoles != null) && (runAsPrincipal != null)) {
      

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  fjuma Farah Juma
                  Reporter:
                  fjuma Farah Juma
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: