jackrabbit-oak-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "angela (JIRA)" <j...@apache.org>
Subject [jira] [Created] (OAK-8231) Unreachable code in LoginModuleImpl.getLoginId
Date Thu, 11 Apr 2019 15:56:00 GMT
angela created OAK-8231:
---------------------------

             Summary: Unreachable code in LoginModuleImpl.getLoginId
                 Key: OAK-8231
                 URL: https://issues.apache.org/jira/browse/OAK-8231
             Project: Jackrabbit Oak
          Issue Type: Bug
          Components: core, security
            Reporter: angela


[~stillalex], as discussed today it seems that the following block in {{LoginModuleImpl.getLoginId}}
can never be reached

{code}
   [... here if-statements for 3 types of supported credentials...]
   else {
                try {
                    NameCallback callback = new NameCallback("User-ID: ");
                    callbackHandler.handle(new Callback[] { callback });
                    uid = callback.getName();
                } catch (IOException | UnsupportedCallbackException e) {
                    onError();
                    log.error(e.getMessage(), e);
                }
            }
{code}

the reason for this: that block resides inside an if-statement verifying that {{credentials}}
are not null. if credentials are not null they will be any of the supported classes according
to the implementation of {{getCredentials}}, which will return null if none of the credentials
extracted from subject/callback/sharedstate is supported.

as discussed the safest way to deal with this is probably to get rid of that block altogether.
let me know if you have any concern with that approach.




--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message