[ https://issues.apache.org/jira/browse/OAK-3302?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
angela updated OAK-3302: ------------------------ Component/s: (was: auth-ldap) > ExternalLoginModule:193 can never be reached > -------------------------------------------- > > Key: OAK-3302 > URL: https://issues.apache.org/jira/browse/OAK-3302 > Project: Jackrabbit Oak > Issue Type: Bug > Components: auth-external > Affects Versions: 1.2.2 > Environment: AEM 6.1 > Reporter: Thorsten Biegner > Priority: Minor > > Starting at line 193 in Version 1.2.2 which shipped with AEM 6.1 this code > can never be reached. > https://github.com/apache/jackrabbit-oak/blob/jackrabbit-oak-1.2.2/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModule.java#L189 > sId = syncHandler.findIdentity(userMgr, userId); > // if there exists an authorizable with the given userid but is > // not an external one or if it belongs to another IDP, we just ignore it. > if (sId != null) { > Line 193 ExternalIdentityRef externalIdRef = sId.getExternalIdRef(); > if (externalIdRef == null) { > Because when no ExternalReference is present sId will be null. > See > https://github.com/apache/jackrabbit-oak/blob/jackrabbit-oak-1.2.2/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/DefaultSyncHandler.java#L187 > Instead of being null it should return a SyncedIdentity with the > ExternalIdRef set to null. > As far as I can see the same bug still exists in the current trunk see > https://github.com/apache/jackrabbit-oak/blob/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModule.java#L193 > and > https://github.com/apache/jackrabbit-oak/blob/trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/basic/DefaultSyncContext.java#L120 -- This message was sent by Atlassian JIRA (v6.3.4#6332)