Hello,
Problem in JSecurity 0.9
I use PropertiesRealm, wich configure in web.xml
[main]
cacheManager = org.jsecurity.cache.HashtableCacheManager
realm = org.jsecurity.realm.text.PropertiesRealm
realm.resourcePath = classpath:users.properties
realm.cacheManager = $cacheManager
securityManager = org.jsecurity.web.DefaultWebSecurityManager
securityManager.realm = $realm
[filters]
jsecurity.loginUrl = /jsec/login
[urls]
/jsec/login = authc
/account/** = authc
/remoting/** = authc, roles[b2bClient], perms[remote:invoke:"lan,wan"]
When I try login with non existing username, I get NullPointerException at
org.jsecurity.realm.SimpleAccountRealm.doGetAuthenticationInfo(SimpleAccountRealm.java:143)
Problem in this place
SimpleAccount account = (SimpleAccount)
getAuthorizationCache().get(upToken.getUsername());
if (account.isLocked()) {....
Why no check to null for account and throw UnknownAccountException?
SimpleAccount account = (SimpleAccount)
getAuthorizationCache().get(upToken.getUsername());
if (account == null) {
throw new UnknownAccountException();
}
if (account.isLocked()) {....
--
View this message in context:
http://n2.nabble.com/SimpleAccountRealm.doGetAuthenticationInfo-and-NullPointerException-tp3254546p3254546.html
Sent from the Shiro User mailing list archive at Nabble.com.
