[ https://issues.apache.org/jira/browse/KAFKA-5802?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ted Yu updated KAFKA-5802: -------------------------- Description: {code} String username = null; for (Callback callback : callbacks) { if (callback instanceof NameCallback) username = ((NameCallback) callback).getDefaultName(); else if (callback instanceof ScramCredentialCallback) ((ScramCredentialCallback) callback).scramCredential(credentialCache.get(username)); {code} Since ConcurrentHashMap, used by CredentialCache, doesn't allow null keys, we should check that username is not null before calling credentialCache.get() was: {code} String username = null; for (Callback callback : callbacks) { if (callback instanceof NameCallback) username = ((NameCallback) callback).getDefaultName(); else if (callback instanceof ScramCredentialCallback) ((ScramCredentialCallback) callback).scramCredential(credentialCache.get(username)); {code} Since ConcurrentHashMap, used by CredentialCache, doesn't allow null keys, we should check that username is not null before calling credentialCache.get() > ScramServerCallbackHandler#handle should check username not being null before > calling credentialCache.get() > ----------------------------------------------------------------------------------------------------------- > > Key: KAFKA-5802 > URL: https://issues.apache.org/jira/browse/KAFKA-5802 > Project: Kafka > Issue Type: Bug > Reporter: Ted Yu > Priority: Minor > > {code} > String username = null; > for (Callback callback : callbacks) { > if (callback instanceof NameCallback) > username = ((NameCallback) callback).getDefaultName(); > else if (callback instanceof ScramCredentialCallback) > ((ScramCredentialCallback) > callback).scramCredential(credentialCache.get(username)); > {code} > Since ConcurrentHashMap, used by CredentialCache, doesn't allow null keys, we > should check that username is not null before calling credentialCache.get() -- This message was sent by Atlassian JIRA (v6.4.14#64029)