diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2016-05-26 05:10:17 +0200 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2016-05-27 18:36:14 +0200 |
| commit | 5f6a70bb59e1a67071a6766882feb91f8a31f82f (patch) | |
| tree | 9fa2a06062b0d63d393b5c6db1715458eca4f465 /base/server/tomcat8/src/com | |
| parent | 7f112797da0238ad97e3006b6cf63907ec42372f (diff) | |
Fixed error handling in ProxyRealm.
All methods in ProxyRealms for Tomcat 7 and 8 have been modified
to check whether the subsystem is available, then generate a proper
error message instead of null pointer exception.
https://fedorahosted.org/pki/ticket/2326
Diffstat (limited to 'base/server/tomcat8/src/com')
| -rw-r--r-- | base/server/tomcat8/src/com/netscape/cms/tomcat/ProxyRealm.java | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/base/server/tomcat8/src/com/netscape/cms/tomcat/ProxyRealm.java b/base/server/tomcat8/src/com/netscape/cms/tomcat/ProxyRealm.java index bcedd52dc..f5986e857 100644 --- a/base/server/tomcat8/src/com/netscape/cms/tomcat/ProxyRealm.java +++ b/base/server/tomcat8/src/com/netscape/cms/tomcat/ProxyRealm.java @@ -7,6 +7,8 @@ import java.security.cert.X509Certificate; import java.util.HashMap; import java.util.Map; +import javax.ws.rs.ServiceUnavailableException; + import org.apache.catalina.Container; import org.apache.catalina.Context; import org.apache.catalina.CredentialHandler; @@ -62,16 +64,25 @@ public class ProxyRealm implements Realm { @Override public Principal authenticate(String username) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.authenticate(username); } @Override public Principal authenticate(String username, String password) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.authenticate(username, password); } @Override public Principal authenticate(X509Certificate certs[]) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.authenticate(certs); } @@ -86,11 +97,17 @@ public class ProxyRealm implements Realm { String realmName, String md5a2 ) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.authenticate(username, digest, nonce, nc, cnonce, qop, realmName, md5a2); } @Override public Principal authenticate(GSSContext gssContext, boolean storeCreds) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.authenticate(gssContext, storeCreds); } @@ -101,21 +118,33 @@ public class ProxyRealm implements Realm { SecurityConstraint[] constraints, Context context ) throws IOException { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.hasResourcePermission(request, response, constraints, context); } @Override public void backgroundProcess() { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } realm.backgroundProcess(); } @Override public SecurityConstraint[] findSecurityConstraints(Request request, Context context) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.findSecurityConstraints(request, context); } @Override public boolean hasRole(Wrapper wrapper, Principal principal, String role) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.hasRole(wrapper, principal, role); } @@ -125,26 +154,41 @@ public class ProxyRealm implements Realm { Response response, SecurityConstraint[] constraint ) throws IOException { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.hasUserDataPermission(request, response, constraint); } @Override public void addPropertyChangeListener(PropertyChangeListener listener) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } realm.addPropertyChangeListener(listener); } @Override public void removePropertyChangeListener(PropertyChangeListener listener) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } realm.removePropertyChangeListener(listener); } @Override public CredentialHandler getCredentialHandler() { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } return realm.getCredentialHandler(); } @Override public void setCredentialHandler(CredentialHandler handler) { + if (realm == null) { + throw new ServiceUnavailableException("Subsystem unavailable"); + } realm.setCredentialHandler(handler); } } |