Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-8438

EJBComponentDescription : possible NPE on securityRoles

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 11.0.0.Beta1
    • None
    • EJB
    • None

      In https://github.com/wildfly/wildfly/commit/38f8f5915b40d036bd0fd1a904d6a13916f3fa2c#diff-faf7ca63d4b901f1bff0697491c8f5ddL1147 you added check on if (securityRoles != null).

      securityRoles is not checked few lines below your check (in different if block)
      https://github.com/wildfly/wildfly/blob/master/ejb3/src/main/java/org/jboss/as/ejb3/component/EJBComponentDescription.java#L1162 (securityRoles.getSecurityRoleNamesByPrincipal ... )

      I suggest to change https://github.com/wildfly/wildfly/blob/master/ejb3/src/main/java/org/jboss/as/ejb3/component/EJBComponentDescription.java#L1158 from 

      if (runAsPrincipal != null) {

      to 

      if ((securityRoles != null) && (runAsPrincipal != null)) {

              fjuma1@redhat.com Farah Juma
              fjuma1@redhat.com Farah Juma
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: