diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2016-05-26 05:10:17 +0200 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2016-05-27 18:36:14 +0200 |
| commit | 5f6a70bb59e1a67071a6766882feb91f8a31f82f (patch) | |
| tree | 9fa2a06062b0d63d393b5c6db1715458eca4f465 /base/server/tomcat7/src | |
| parent | 7f112797da0238ad97e3006b6cf63907ec42372f (diff) | |
| download | pki-5f6a70bb59e1a67071a6766882feb91f8a31f82f.tar.gz pki-5f6a70bb59e1a67071a6766882feb91f8a31f82f.tar.xz pki-5f6a70bb59e1a67071a6766882feb91f8a31f82f.zip | |
Fixed error handling in ProxyRealm.
All methods in ProxyRealms for Tomcat 7 and 8 have been modified
to check whether the subsystem is available, then generate a proper
error message instead of null pointer exception.
https://fedorahosted.org/pki/ticket/2326
Diffstat (limited to 'base/server/tomcat7/src')
| -rw-r--r-- | base/server/tomcat7/src/CMakeLists.txt | 3 | ||||
| -rw-r--r-- | base/server/tomcat7/src/com/netscape/cms/tomcat/ProxyRealm.java | 46 |
2 files changed, 48 insertions, 1 deletions
diff --git a/base/server/tomcat7/src/CMakeLists.txt b/base/server/tomcat7/src/CMakeLists.txt index bb42bfe0a..f84369ccc 100644 --- a/base/server/tomcat7/src/CMakeLists.txt +++ b/base/server/tomcat7/src/CMakeLists.txt @@ -124,7 +124,8 @@ javac(pki-tomcat7-classes com/netscape/cms/tomcat/*.java CLASSPATH ${SERVLET_JAR} ${TOMCAT_CATALINA_JAR} ${TOMCAT_UTIL_SCAN_JAR} - ${CMAKE_BINARY_DIR}/../../tomcat + ${JAXRS_API_JAR} + ${CMAKE_BINARY_DIR}/../../tomcat OUTPUT_DIR ${CMAKE_BINARY_DIR}/../../tomcat DEPENDS diff --git a/base/server/tomcat7/src/com/netscape/cms/tomcat/ProxyRealm.java b/base/server/tomcat7/src/com/netscape/cms/tomcat/ProxyRealm.java index 094c0561f..13b61e47a 100644 --- a/base/server/tomcat7/src/com/netscape/cms/tomcat/ProxyRealm.java +++ b/base/server/tomcat7/src/com/netscape/cms/tomcat/ProxyRealm.java @@ -7,6 +7,8 @@ import java.security.cert.X509Certificate; import java.util.HashMap; import java.util.Map; +import javax.ws.rs.ServiceUnavailableException; + import org.apache.catalina.Container; import org.apache.catalina.Context; import org.apache.catalina.Realm; @@ -60,12 +62,26 @@ public class ProxyRealm implements Realm { } @Override + public Principal authenticate(String username) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } + return realm.authenticate(username); + } + + @Override public Principal authenticate(String username, String password) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.authenticate(username, password); } @Override public Principal authenticate(X509Certificate certs[]) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.authenticate(certs); } @@ -80,11 +96,17 @@ public class ProxyRealm implements Realm { String realmName, String md5a2 ) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.authenticate(username, digest, nonce, nc, cnonce, qop, realmName, md5a2); } @Override public Principal authenticate(GSSContext gssContext, boolean storeCreds) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.authenticate(gssContext, storeCreds); } @@ -95,26 +117,41 @@ public class ProxyRealm implements Realm { SecurityConstraint[] constraints, Context context ) throws IOException { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.hasResourcePermission(request, response, constraints, context); } @Override public String getInfo() { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.getInfo(); } @Override public void backgroundProcess() { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } realm.backgroundProcess(); } @Override public SecurityConstraint[] findSecurityConstraints(Request request, Context context) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.findSecurityConstraints(request, context); } @Override public boolean hasRole(Wrapper wrapper, Principal principal, String role) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.hasRole(wrapper, principal, role); } @@ -124,16 +161,25 @@ public class ProxyRealm implements Realm { Response response, SecurityConstraint[] constraint ) throws IOException { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.hasUserDataPermission(request, response, constraint); } @Override public void addPropertyChangeListener(PropertyChangeListener listener) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } realm.addPropertyChangeListener(listener); } @Override public void removePropertyChangeListener(PropertyChangeListener listener) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } realm.removePropertyChangeListener(listener); } } |