Bug 33713 - Admin webapp throws NullPointerException when logon is performed using Single Sign On
Summary: Admin webapp throws NullPointerException when logon is performed using Single...
Alias: None
Product: Tomcat 5
Classification: Unclassified
Component: Webapps:Administration (show other bugs)
Version: 5.5.7
Hardware: PC Windows XP
: P2 normal (vote)
Target Milestone: ---
Assignee: Tomcat Developers Mailing List
Depends on:
Reported: 2005-02-23 19:19 UTC by Ben Spiller
Modified: 2005-03-24 06:24 UTC (History)
0 users


Note You need to log in before you can comment on or make changes to this bug.
Description Ben Spiller 2005-02-23 19:19:44 UTC
If Single Sign On is enabled, a user can visit the Tomcat administration webapp
after logging on using another page. Unfortunately after upgrading from Tomcat
5.0 to 5.5.7 we've found this results in a NullPointerException (unless the
admin webapp has already been loaded).

I've had a look at the code, and the reason seems to be Remm's commit to web.xml
and login.jsp on 16-Aug-04 (affecting Tomcat 5.5.0 and above) that stopped the
admin app being loaded on startup and instead loads its internals when the login
.jsp page is visited.

This fix obviously assumes that the login page is always visited before the
admin webapp is accessed - an assumption that is not valid when using SSO. 

I suggest either reversing the previous commit and turning load-on-startup on
again; or alternatively, adding the line that was added to login.jsp to
frameset.jsp as well (someone would need to confirm if this works OK, as I don't
Comment 1 Yoav Shapira 2005-03-23 17:09:42 UTC
Hmm... We don't want it to load-on-startup because its loading time slows down
the overall server start time.  The frameset.jsp suggestion sounds reasonable
but I don't have time to test it at the moment.