This is an automated email from the ASF dual-hosted git repository.
fschumacher pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new edd46e4 Guard new escape routines for null values
edd46e4 is described below
commit edd46e498d9039bf9d47aa5169da279362dd3f66
Author: Felix Schumacher <[email protected]>
AuthorDate: Sat May 15 14:06:21 2021 +0200
Guard new escape routines for null values
NPE in JNDIRealm, when userRoleAttribute is not set.
Plus add path to UnboundID SDK to the Eclipse and Intellij
classpath settings.
Bugzilla Id: 63508
---
java/org/apache/catalina/realm/JNDIRealm.java | 6 ++++
res/ide-support/eclipse/eclipse.classpath | 1 +
res/ide-support/idea/tomcat.iml | 9 +++++
.../catalina/realm/TestJNDIRealmIntegration.java | 42 ++++++++++++++++------
webapps/docs/changelog.xml | 8 +++++
5 files changed, 55 insertions(+), 11 deletions(-)
diff --git a/java/org/apache/catalina/realm/JNDIRealm.java
b/java/org/apache/catalina/realm/JNDIRealm.java
index f1354d1..cbef335 100644
--- a/java/org/apache/catalina/realm/JNDIRealm.java
+++ b/java/org/apache/catalina/realm/JNDIRealm.java
@@ -2804,6 +2804,9 @@ public class JNDIRealm extends RealmBase {
* @return String the escaped/encoded result
*/
protected String doFilterEscaping(String inString) {
+ if (inString == null) {
+ return null;
+ }
StringBuilder buf = new StringBuilder(inString.length());
for (int i = 0; i < inString.length(); i++) {
char c = inString.charAt(i);
@@ -2896,6 +2899,9 @@ public class JNDIRealm extends RealmBase {
* @return The string representation of the attribute value
*/
protected String doAttributeValueEscaping(String input) {
+ if (input == null) {
+ return null;
+ }
int len = input.length();
StringBuilder result = new StringBuilder();
diff --git a/res/ide-support/eclipse/eclipse.classpath
b/res/ide-support/eclipse/eclipse.classpath
index 0c67505..da8f013 100644
--- a/res/ide-support/eclipse/eclipse.classpath
+++ b/res/ide-support/eclipse/eclipse.classpath
@@ -29,5 +29,6 @@
<classpathentry kind="var"
path="TOMCAT_LIBS_BASE/hamcrest-2.2/hamcrest-2.2.jar"/>
<classpathentry kind="var"
path="TOMCAT_LIBS_BASE/cglib-3.3.0/cglib-nodep-3.3.0.jar"/>
<classpathentry kind="var"
path="TOMCAT_LIBS_BASE/objenesis-2.6/objenesis-2.6.jar"/>
+ <classpathentry kind="var"
path="TOMCAT_LIBS_BASE/unboundid-5.1.4/unboundid-ldapsdk-5.1.4.jar"/>
<classpathentry kind="output" path=".settings/output"/>
</classpath>
diff --git a/res/ide-support/idea/tomcat.iml b/res/ide-support/idea/tomcat.iml
index c7a9c03..f180cfb 100644
--- a/res/ide-support/idea/tomcat.iml
+++ b/res/ide-support/idea/tomcat.iml
@@ -110,6 +110,15 @@
<SOURCES />
</library>
</orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root
url="jar://$TOMCAT_BUILD_LIBS$/unboundid-5.1.4/unboundid-ldapsdk-5.1.4.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
</component>
</module>
diff --git a/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
b/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
index e52d7c2..99d537d 100644
--- a/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
+++ b/test/org/apache/catalina/realm/TestJNDIRealmIntegration.java
@@ -58,26 +58,33 @@ public class TestJNDIRealmIntegration {
@Parameterized.Parameters(name = "{index}: user[{5}], pwd[{6}]")
public static Collection<Object[]> parameters() {
List<Object[]> parameterSets = new ArrayList<>();
- for (String roleSearch : new String[] { ROLE_SEARCH_A, ROLE_SEARCH_B,
ROLE_SEARCH_C }) {
- addUsers(USER_PATTERN, null, null, roleSearch, ROLE_BASE,
parameterSets);
- addUsers(null, USER_SEARCH, USER_BASE, roleSearch, ROLE_BASE,
parameterSets);
+ for (String userRoleAttribute : new String[] { "cn", null }) {
+ for (String roleSearch : new String[] { ROLE_SEARCH_A,
ROLE_SEARCH_B, ROLE_SEARCH_C }) {
+ if (userRoleAttribute != null) {
+ addUsers(USER_PATTERN, null, null, roleSearch, ROLE_BASE,
userRoleAttribute, parameterSets);
+ addUsers(null, USER_SEARCH, USER_BASE, roleSearch,
ROLE_BASE, userRoleAttribute, parameterSets);
+ }
+ }
+ parameterSets.add(new Object[] {
"cn={0},ou=s\\;ub,ou=people,dc=example,dc=com", null, null, ROLE_SEARCH_A,
+ "{3},ou=people,dc=example,dc=com", "testsub", "test", new
String[] { "TestGroup4" },
+ userRoleAttribute });
}
- parameterSets.add(new Object[] {
"cn={0},ou=s\\;ub,ou=people,dc=example,dc=com", null, null, ROLE_SEARCH_A,
- "{3},ou=people,dc=example,dc=com", "testsub", "test", new
String[] {"TestGroup4"} });
return parameterSets;
}
private static void addUsers(String userPattern, String userSearch, String
userBase, String roleSearch,
- String roleBase, List<Object[]> parameterSets) {
+ String roleBase, String userRoleAttribute, List<Object[]>
parameterSets) {
parameterSets.add(new Object[] { userPattern, userSearch, userBase,
roleSearch, roleBase,
- "test", "test", new String[] {"TestGroup"} });
+ "test", "test", new String[] {"TestGroup"}, userRoleAttribute
});
parameterSets.add(new Object[] { userPattern, userSearch, userBase,
roleSearch, roleBase,
- "t;", "test", new String[] {"TestGroup"} });
+ "t;", "test", new String[] {"TestGroup"}, userRoleAttribute });
parameterSets.add(new Object[] { userPattern, userSearch, userBase,
roleSearch, roleBase,
- "t*", "test", new String[] {"TestGroup"} });
+ "t*", "test", new String[] {"TestGroup"}, userRoleAttribute });
parameterSets.add(new Object[] { userPattern, userSearch, userBase,
roleSearch, roleBase,
- "t=", "test", new String[] {"Test<Group*2", "Test>Group*3"} });
+ "t=", "test", new String[] {"Test<Group*2", "Test>Group*3"},
userRoleAttribute });
+ parameterSets.add(new Object[] { userPattern, userSearch, userBase,
roleSearch, roleBase,
+ "norole", "test", new String[0], userRoleAttribute });
}
@@ -97,6 +104,8 @@ public class TestJNDIRealmIntegration {
public String credentials;
@Parameter(7)
public String[] groups;
+ @Parameter(8)
+ public String realmConfigUserRoleAttribute;
@Test
public void testAuthenication() throws Exception {
@@ -107,7 +116,7 @@ public class TestJNDIRealmIntegration {
realm.setUserPattern(realmConfigUserPattern);
realm.setUserSearch(realmConfigUserSearch);
realm.setUserBase(realmConfigUserBase);
- realm.setUserRoleAttribute("cn");
+ realm.setUserRoleAttribute(realmConfigUserRoleAttribute);
realm.setRoleName("cn");
realm.setRoleBase(realmConfigRoleBase);
realm.setRoleSearch(realmConfigRoleSearch);
@@ -203,6 +212,17 @@ public class TestJNDIRealmIntegration {
result = conn.processOperation(addUserTestEquals);
Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
+ AddRequest addUserNoRole = new AddRequest(
+ "dn: cn=norole,ou=people,dc=example,dc=com",
+ "objectClass: top",
+ "objectClass: person",
+ "objectClass: organizationalPerson",
+ "cn: norole",
+ "sn: No Role",
+ "userPassword: test");
+ result = conn.processOperation(addUserNoRole);
+ Assert.assertEquals(ResultCode.SUCCESS, result.getResultCode());
+
AddRequest addGroupTest = new AddRequest(
"dn: cn=TestGroup,ou=people,dc=example,dc=com",
"objectClass: top",
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f39aa5f..bd59929 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -104,6 +104,14 @@
issues do not "pop up" wrt. others).
-->
<section name="Tomcat 8.5.67 (markt)" rtext="in development">
+ <subsection name="Catalina">
+ <changelog>
+ <fix>
+ <bug>63508</bug>: NPE in JNDIRealm when no
<code>userRoleAttribute</code>
+ is given. (fschumacher)
+ </fix>
+ </changelog>
+ </subsection>
<subsection name="Coyote">
<changelog>
<fix>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
