[ https://issues.apache.org/jira/browse/ROL-1167?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Glen Mazza closed ROL-1167.
---------------------------
Resolution: Fixed
This item from 2006 against Roller 2.3. The current Roller trunk already has this code in
(perhaps from this patch).
> Authentication failure in Atom API leads to NullPointerException in RollerAtomHandler
> -------------------------------------------------------------------------------------
>
> Key: ROL-1167
> URL: https://issues.apache.org/jira/browse/ROL-1167
> Project: Apache Roller
> Issue Type: Bug
> Components: Web Services
> Affects Versions: 2.3
> Environment: All
> Reporter: Padraig O hIceadha
> Priority: Minor
> Attachments: ASF.LICENSE.NOT.GRANTED--RollerAtomHandler.java, ASF.LICENSE.NOT.GRANTED--patchfile.txt
>
>
> If an incorrect username or password is used ehen e.g. posting a new entry via the Atom
API instead of getting a 401 error (Unauthorized) you get a 500 server error because of a
NullPOinterException in RollerAtomHandler.
> RollerAtomHandler#getAuthenticatedUsername was not checking if this.user was null.
> The patch for my proposed fix is below :
> Index: RollerAtomHandler.java
> ===================================================================
> --- RollerAtomHandler.java (revision 414838)
> +++ RollerAtomHandler.java (working copy)
> @@ -121,6 +121,9 @@
> * Return weblogHandle of authenticated user or null if there is none.
> */
> public String getAuthenticatedUsername() {
> + if (this.user == null) {
> + return null;
> + }
> return this.user.getUserName();
> }
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
|