Bug 56246 - NPE in MemoryRealm when authenticating unknown user
NPE in MemoryRealm when authenticating unknown user
Product: Tomcat 7
Classification: Unclassified
Component: Catalina
PC All
: P2 normal (vote)
: ---
Assigned To: Tomcat Developers Mailing List
Depends on:
  Show dependency tree
Reported: 2014-03-11 13:46 UTC by mail
Modified: 2014-03-12 14:53 UTC (History)
0 users


Note You need to log in before you can comment on or make changes to this bug.
Description mail 2014-03-11 13:46:44 UTC
When using the embedded tomcat with a MemoryRealm for basic authentication, a request containing an unknown username leads to a NullPointerException.

org.apache.catalina.realm.MemoryRealm.authenticate(MemoryRealm.java:143)	org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:164)

MemoryRealm.authenticate get the principal via principals.get(username).
If the user is not known, he result is null.
Comment 1 Mark Thomas 2014-03-12 14:53:48 UTC
Thanks for the report. This has been fixed in trunk for 8.0.4 and in 7.0.x for 7.0.53 onwards.