[
http://www.stripesframework.org/jira/browse/STS-845?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ben Gunter resolved STS-845.
----------------------------
Resolution: Fixed
Assignee: Ben Gunter
Fixed for 1.5.7. Encrypted values are now decrypted during required-field
validation. If the submitted value cannot be decrypted it will be treated as
null, the standard validation error will be added, and the type converter will
not be called.
> Integer encrypted fields may throw a NPE
> ----------------------------------------
>
> Key: STS-845
> URL: http://www.stripesframework.org/jira/browse/STS-845
> Project: Stripes
> Issue Type: Bug
> Components: Validation
> Affects Versions: Release 1.5.6
> Reporter: Samuel Santos
> Assignee: Ben Gunter
> Fix For: Release 1.5.7
>
>
> I have an integer property that cannot be changed by the client:
> {code}
> @ValidateNestedProperties({
> [...]
> @Validate(field = "userProfile.id", required = true, encrypted = true, on
> = { "update" }),
> [...]
> })
> private User user;
> {code}
> If I change the value of this hidden field (with firebug) I get the following
> error:
> {noformat}
> 16:48:17,656 WARN [net.sourceforge.stripes.util.CryptoUtil] Input was not
> encrypted with the current encryption key: sacsdfsa
> 16:48:17,656 WARN
> [net.sourceforge.stripes.controller.DefaultActionBeanPropertyBinder] Looks
> like type converter
> net.sourceforge.stripes.validation.IntegerTypeConverter@5dec2e51 threw an
> exception.: java.lang.NullPointerException
> at
> net.sourceforge.stripes.validation.NumberTypeConverterSupport.preprocess(NumberTypeConverterSupport.java:94)
> [:1.5.6]
> at
> net.sourceforge.stripes.validation.NumberTypeConverterSupport.parse(NumberTypeConverterSupport.java:68)
> [:1.5.6]
> at
> net.sourceforge.stripes.validation.IntegerTypeConverter.convert(IntegerTypeConverter.java:36)
> [:1.5.6]
> at
> net.sourceforge.stripes.validation.IntegerTypeConverter.convert(IntegerTypeConverter.java:25)
> [:1.5.6]
> at
> net.sourceforge.stripes.controller.DefaultActionBeanPropertyBinder.convert(DefaultActionBeanPropertyBinder.java:792)
> [:1.5.6]
> at
> net.sourceforge.stripes.controller.DefaultActionBeanPropertyBinder.bind(DefaultActionBeanPropertyBinder.java:182)
> [:1.5.6]
> at
> net.sourceforge.stripes.controller.DispatcherHelper$3.intercept(DispatcherHelper.java:218)
> [:1.5.6]
> at
> net.sourceforge.stripes.controller.ExecutionContext.proceed(ExecutionContext.java:158)
> [:1.5.6]
> at
> org.stripesstuff.plugin.security.SecurityInterceptor.interceptBindingAndValidation(SecurityInterceptor.java:158)
> [:139]
> at
> org.stripesstuff.plugin.security.SecurityInterceptor.intercept(SecurityInterceptor.java:123)
> [:139]
> at
> net.sourceforge.stripes.controller.ExecutionContext.proceed(ExecutionContext.java:155)
> [:1.5.6]
> at
> net.sourceforge.stripes.controller.BeforeAfterMethodInterceptor.intercept(BeforeAfterMethodInterceptor.java:113)
> [:1.5.6]
> at
> net.sourceforge.stripes.controller.ExecutionContext.proceed(ExecutionContext.java:155)
> [:1.5.6]
> at
> net.sourceforge.stripes.controller.ExecutionContext.wrap(ExecutionContext.java:74)
> [:1.5.6]
> at
> net.sourceforge.stripes.controller.DispatcherHelper.doBindingAndValidation(DispatcherHelper.java:214)
> [:1.5.6]
> at
> net.sourceforge.stripes.controller.DispatcherServlet.doBindingAndValidation(DispatcherServlet.java:254)
> [:1.5.6]
> at
> net.sourceforge.stripes.controller.DispatcherServlet.service(DispatcherServlet.java:148)
> [:1.5.6]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
> [:1.0.0.Final]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:324)
> [:6.0.0.Final]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242)
> [:6.0.0.Final]
> at
> net.sourceforge.stripes.controller.StripesFilter.doFilter(StripesFilter.java:247)
> [:1.5.6]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274)
> [:6.0.0.Final]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242)
> [:6.0.0.Final]
> at
> com.opensymphony.sitemesh.webapp.SiteMeshFilter.obtainContent(SiteMeshFilter.java:129)
> [:]
> at
> com.opensymphony.sitemesh.webapp.SiteMeshFilter.doFilter(SiteMeshFilter.java:77)
> [:]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274)
> [:6.0.0.Final]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242)
> [:6.0.0.Final]
> at com.samaxes.filter.NoCacheFilter.doFilter(NoCacheFilter.java:65)
> [:2.0]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274)
> [:6.0.0.Final]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242)
> [:6.0.0.Final]
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
> [:6.0.0.Final]
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
> [:6.0.0.Final]
> at
> org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:181)
> [:6.0.0.Final]
> at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:593)
> [:6.0.0.Final]
> at
> org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.event(CatalinaContext.java:285)
> [:1.1.0.Final]
> at
> org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.invoke(CatalinaContext.java:261)
> [:1.1.0.Final]
> at
> org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:88)
> [:6.0.0.Final]
> at
> org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:100)
> [:6.0.0.Final]
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> [:6.0.0.Final]
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
> [:6.0.0.Final]
> at
> org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
> [:6.0.0.Final]
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> [:6.0.0.Final]
> at
> org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.invoke(ActiveRequestResponseCacheValve.java:53)
> [:6.0.0.Final]
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
> [:6.0.0.Final]
> at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)
> [:6.0.0.Final]
> at
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:654)
> [:6.0.0.Final]
> at
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:951)
> [:6.0.0.Final]
> at java.lang.Thread.run(Thread.java:662) [:1.6.0_25]
> {noformat}
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure
contains a definitive record of customers, application performance,
security threats, fraudulent activity, and more. Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Stripes-development mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/stripes-development
