Bug 50855 - NullPointerException thrown in AuthenticatorBase.register method for null principal
Summary: NullPointerException thrown in AuthenticatorBase.register method for null pri...
Status: RESOLVED FIXED
Alias: None
Product: Tomcat 6
Classification: Unclassified
Component: Catalina (show other bugs)
Version: 6.0.32
Hardware: PC Windows XP
: P2 normal (vote)
Target Milestone: default
Assignee: Tomcat Developers Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-03-02 11:19 UTC by Dorin
Modified: 2011-03-10 09:03 UTC (History)
0 users



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Dorin 2011-03-02 11:19:27 UTC
The description is the same as for the older bug 39255, except it is produced at
org.apache.catalina.authenticator.AuthenticatorBase.register(AuthenticatorBase.java:688)

Please, see the following link 
https://issues.apache.org/bugzilla/show_bug.cgi?id=39255

This bug has been fixed for Tomcat 5.5.16, but it looks to appear again in Tomcat 7.

This is the excerpt from AuthenticatorBase.java:
   public void register(Request request, HttpServletResponse response,
                            Principal principal, String authType,
                            String username, String password) {

       if (log.isDebugEnabled())
            log.debug("Authenticated '" + principal.getName() + "' with type '"
                + authType + "'");

It is seen that there is no more condition to verify if principal is null.

Specifically, the NullPointerException is thrown when calling HttpServletRequest.logout method from a JSF managed bean. According to Java EE 6 documentation, the logout method establishes null as the value returned when getUserPrincipal, getRemoteUser, and getAuthType is called on the request. Hence, the exception thrown.
Comment 1 Mark Thomas 2011-03-06 02:39:41 UTC
Looks like this never got applied to 6.0.x (or 7.0.x)

I have fixed 7.0.x (will be in 7.0.11 onwards) and proposed the fix for 6.0.x
Comment 2 Mark Thomas 2011-03-10 09:03:16 UTC
This has been fixed in trunk and will be included in 6.0.33 onwards.