This is an automated email from the ASF dual-hosted git repository.
fschumacher pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new 939efed Guard new escape routines for null values
939efed is described below
commit 939efedccff7fafc45eedb11dcce67cd92975364
Author: Felix Schumacher <fschumac...@apache.org>
AuthorDate: Sat May 15 14:06:21 2021 +0200
Guard new escape routines for null values
NPE in JNDIRealm, when userRoleAttribute is not set.
Plus add path to UnboundID SDK to the Eclipse and Intellij
classpath settings.
Bugzilla Id: 63508
---
java/org/apache/catalina/realm/JNDIRealm.java | 6 ++++
res/ide-support/eclipse/eclipse.classpath | 1 +
res/ide-support/idea/tomcat.iml | 9 +++++
.../catalina/realm/TestJNDIRealmIntegration.java | 42 ++++++++++++++++------
webapps/docs/changelog.xml | 8 +++++
5 files changed, 55 insertions(+), 11 deletions(-)
diff --git a/java/org/apache/catalina/realm/JNDIRealm.java
b/java/org/apache/catalina/realm/JNDIRealm.java
index 04768e8..b6318b4 100644
--- a/java/org/apache/catalina/realm/JNDIRealm.java
+++ b/java/org/apache/catalina/realm/JNDIRealm.java
@@ -2788,6 +2788,9 @@ public class JNDIRealm extends RealmBase {
* @return String the escaped/encoded result
*/
protected String doFilterEscaping(String inString) {
+ if (inString == null) {
+ return null;
+ }
StringBuilder buf = new StringBuilder(inString.length());
for (int i = 0; i < inString.length(); i++) {
char c = inString.charAt(i);
@@ -2880,6 +2883,9 @@ public class JNDIRealm extends RealmBase {
* @return The string representation of the attribute value
*/
protected String doAttributeValueEscaping(String input) {
+ if (input == null) {
+ return null;
+ }
int len = input.length();
StringBuilder result = new StringBuilder();
diff --git a/res/ide-support/eclipse/eclipse.classpath
b/res/ide-support/eclipse/eclipse.classpath
index 857b557..2b99428 100644
--- a/res/ide-support/eclipse/eclipse.classpath
+++ b/res/ide-support/eclipse/eclipse.classpath
@@ -31,5 +31,6 @@
<classpathentry kind="var"
path="TOMCAT_LIBS_BASE/objenesis-3.1/objenesis-3.1.jar"/>
<classpathentry kind="var"
path="TOMCAT_LIBS_BASE/bnd-5.3.0/biz.aQute.bnd-5.3.0.jar"/>
<classpathentry kind="var"
path="TOMCAT_LIBS_BASE/migration-1.0.0/jakartaee-migration-1.0.0-shaded.jar"/>
+ <classpathentry kind="var"
path="TOMCAT_LIBS_BASE/unboundid-5.1.4/unboundid-ldapsdk-5.1.4.jar"/>
<classpathentry kind="output" path=".settings/output"/>
</classpath>
diff --git a/res/ide-support/idea/tomcat.iml b/res/ide-support/idea/tomcat.iml
index 2c10049..11d1909 100644
--- a/res/ide-support/idea/tomcat.iml
+++ b/res/ide-support/idea/tomcat.iml
@@ -128,6 +128,15 @@
<SOURCES />
</library>
</orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root
url="jar://$TOMCAT_BUILD_LIBS$/unboundid-5.1.4/unboundid-ldapsdk-5.1.4.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
</component>
</module>
diff --git a/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
b/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
index e52d7c2..99d537d 100644
--- a/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
+++ b/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
@@ -58,26 +58,33 @@ public class TestJNDIRealmIntegration {
@Parameterized.Parameters(name = "{index}: user[{5}], pwd[{6}]")
public static Collection<Object[]> parameters() {
List<Object[]> parameterSets = new ArrayList<>();
- for (String roleSearch : new String[] { ROLE_SEARCH_A, ROLE_SEARCH_B,
ROLE_SEARCH_C }) {
- addUsers(USER_PATTERN, null, null, roleSearch, ROLE_BASE,
parameterSets);
- addUsers(null, USER_SEARCH, USER_BASE, roleSearch, ROLE_BASE,
parameterSets);
+ for (String userRoleAttribute : new String[] { "cn", null }) {
+ for (String roleSearch : new String[] { ROLE_SEARCH_A,
ROLE_SEARCH_B, ROLE_SEARCH_C }) {
+ if (userRoleAttribute != null) {
+ addUsers(USER_PATTERN, null, null, roleSearch, ROLE_BASE,
userRoleAttribute, parameterSets);
+ addUsers(null, USER_SEARCH, USER_BASE, roleSearch,
ROLE_BASE, userRoleAttribute, parameterSets);
+ }
+ }
+ parameterSets.add(new Object[] {
"cn={0},ou=s\\;ub,ou=people,dc=example,dc=com", null, null, ROLE_SEARCH_A,
+ "{3},ou=people,dc=example,dc=com", "testsub", "test", new
String[] { "TestGroup4" },
+ userRoleAttribute });
}
- parameterSets.add(new Object[] {
"cn={0},ou=s\\;ub,ou=people,dc=example,dc=com", null, null, ROLE_SEARCH_A,
- "{3},ou=people,dc=example,dc=com", "testsub", "test", new
String[] {"TestGroup4"} });
return parameterSets;
}
private static void addUsers(String userPattern, String userSearch, String
userBase, String roleSearch,
- String roleBase, List<Object[]> parameterSets) {
+ String roleBase, String userRoleAttribute, List<Object[]>
parameterSets) {
parameterSets.add(new Object[] { userPattern, userSearch, userBase,
roleSearch, roleBase,
- "test", "test", new String[] {"TestGroup"} });
+ "test", "test", new String[] {"TestGroup"}, userRoleAttribute
});
parameterSets.add(new Object[] { userPattern, userSearch, userBase,
roleSearch, roleBase,
- "t;", "test", new String[] {"TestGroup"} });
+ "t;", "test", new String[] {"TestGroup"}, userRoleAttribute });
parameterSets.add(new Object[] { userPattern, userSearch, userBase,
roleSearch, roleBase,
- "t*", "test", new String[] {"TestGroup"} });
+ "t*", "test", new String[] {"TestGroup"}, userRoleAttribute });
parameterSets.add(new Object[] { userPattern, userSearch, userBase,
roleSearch, roleBase,
- "t=", "test", new String[] {"Test<Group*2", "Test>Group*3"} });
+ "t=", "test", new String[] {"Test<Group*2", "Test>Group*3"},
userRoleAttribute });
+ parameterSets.add(new Object[] { userPattern, userSearch, userBase,
roleSearch, roleBase,
+ "norole", "test", new String[0], userRoleAttribute });
}
@@ -97,6 +104,8 @@ public class TestJNDIRealmIntegration {
public String credentials;
@Parameter(7)
public String[] groups;
+ @Parameter(8)
+ public String realmConfigUserRoleAttribute;
@Test
public void testAuthenication() throws Exception {
@@ -107,7 +116,7 @@ public class TestJNDIRealmIntegration {
realm.setUserPattern(realmConfigUserPattern);
realm.setUserSearch(realmConfigUserSearch);
realm.setUserBase(realmConfigUserBase);
- realm.setUserRoleAttribute("cn");
+ realm.setUserRoleAttribute(realmConfigUserRoleAttribute);
realm.setRoleName("cn");
realm.setRoleBase(realmConfigRoleBase);
realm.setRoleSearch(realmConfigRoleSearch);
@@ -203,6 +212,17 @@ public class TestJNDIRealmIntegration {
result = conn.processOperation(addUserTestEquals);
Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
+ AddRequest addUserNoRole = new AddRequest(
+ "dn: cn=norole,ou=people,dc=example,dc=com",
+ "objectClass: top",
+ "objectClass: person",
+ "objectClass: organizationalPerson",
+ "cn: norole",
+ "sn: No Role",
+ "userPassword: test");
+ result = conn.processOperation(addUserNoRole);
+ Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
+
AddRequest addGroupTest = new AddRequest(
"dn: cn=TestGroup,ou=people,dc=example,dc=com",
"objectClass: top",
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 0efc03d..630110e 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -104,6 +104,14 @@
issues do not "pop up" wrt. others).
-->
<section name="Tomcat 10.0.7 (markt)" rtext="in development">
+ <subsection name="Catalina">
+ <changelog>
+ <fix>
+ <bug>63508</bug>: NPE in JNDIRealm when no
<code>userRoleAttribute</code>
+ is given. (fschumacher)
+ </fix>
+ </changelog>
+ </subsection>
<subsection name="Coyote">
<changelog>
<fix>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
