cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "mustafa (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CXF-5275) NullPointerException when using Kerberos Delegation
Date Thu, 12 Sep 2013 09:21:52 GMT

    [ https://issues.apache.org/jira/browse/CXF-5275?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13765295#comment-13765295
] 

mustafa commented on CXF-5275:
------------------------------

Looks like the fix by Colm was slightly different that the one propose.

http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/AbstractSpnegoAuthSupplier.java?r1=1370142&r2=1402099&pathrev=1402099&diff_format=h
                
> NullPointerException when using Kerberos Delegation
> ---------------------------------------------------
>
>                 Key: CXF-5275
>                 URL: https://issues.apache.org/jira/browse/CXF-5275
>             Project: CXF
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: 2.6.6
>            Reporter: mustafa
>
> We are on Jboss 6.1.0 the version of CXF is 2.6.6 and has a bug when delegation is used:
> AbstractSpnegoAuthSupplier (v 2.6.6) has this method call:
>    [...]
>       return getToken(delegatedCred == null ? authPolicy : null, context);
>    [...]
> here if we have delegatedCred with a value the statment passes null to the method:
>    private byte[] getToken(AuthorizationPolicy authPolicy,
>                             final GSSContext context) throws GSSException,
>         LoginException {
>         
>         String contextName = authPolicy.getAuthorization();
>         if (contextName == null) {
>             contextName = "";
>         }
>         
>       [...]
>     }
> if authPolicy is null (our case) the method throws a NullPointerException.
> So I got the fixed AbstractSpnegoAuthSupplier and SpnegoAuthSupplier from cxf 2.7.1 copied/renamed
in my project and programmatically set on HTTPConduit:
>   [...]
>    HTTPConduit http = (HTTPConduit) client.getConduit();
>    http.setAuthorization(authorization);
>    http.setAuthSupplier(new CustomSpnegoAuthSupplier());
>   [...]
> And now it works fine.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message