Ravi Nori has uploaded a new change for review. Change subject: restapi : NullPointerException when Authorization header is passed(#916085) ......................................................................
restapi : NullPointerException when Authorization header is passed(#916085) When invalid authorization header is passed a null pointer exception is thrown on the server resulting in internal server error. Change-Id: I10b580dcc3fddbec8ccd80130e977aeb4ef37fb2 Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=916085 Signed-off-by: Ravi Nori <[email protected]> --- M backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/security/auth/LoginValidator.java 1 file changed, 9 insertions(+), 0 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/01/12501/1 diff --git a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/security/auth/LoginValidator.java b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/security/auth/LoginValidator.java index 7b8ef88..d961eec 100644 --- a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/security/auth/LoginValidator.java +++ b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/security/auth/LoginValidator.java @@ -40,6 +40,7 @@ // do not log passwords protected static final String LOGIN_SUCCESS = "Login success, user: {0} domain: {1}"; protected static final String LOGIN_FAILURE = "Login failure, user: {0} domain: {1} reason: {2}"; + protected static final String LOGIN_FAILURE_NO_PRINCIPAL = "Login failure , reason: missing principal"; protected static final String VALIDATE_SESSION_SUCCESS = "Validating session succeeded"; protected static final String VALIDATE_SESSION_FAILURE = "Validating session failed, reason: {0}"; protected static final String NO_DOMAIN = "Missing domain component in User Principal Name (UPN)"; @@ -63,6 +64,9 @@ @Override public boolean validate(Principal principal, String sessionId) { + if (principal == null) { + return loginFailureNoPrincipal(); + } if (principal.getDomain() == null) { return loginFailure(principal, NO_DOMAIN); } @@ -139,6 +143,11 @@ return loginFailure(principal, reasons != null ? reasons.toString() : null); } + private boolean loginFailureNoPrincipal() { + LOG.infoFormat(LOGIN_FAILURE_NO_PRINCIPAL); + return false; + } + private boolean loginFailure(Principal principal, String reason) { LOG.infoFormat(LOGIN_FAILURE, principal.getUser(), principal.getDomain(), reason); return false; -- To view, visit http://gerrit.ovirt.org/12501 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I10b580dcc3fddbec8ccd80130e977aeb4ef37fb2 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Ravi Nori <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
