Bug 61780 - If AuthConfigFactoryImpl.getRegistrationIDs() is called to get the IDs of all active registrations, it always returns the default registration id in the result list
Summary: If AuthConfigFactoryImpl.getRegistrationIDs() is called to get the IDs of all...
Status: RESOLVED FIXED
Alias: None
Product: Tomcat 8
Classification: Unclassified
Component: Catalina (show other bugs)
Version: 8.5.23
Hardware: PC All
: P2 normal (vote)
Target Milestone: ----
Assignee: Tomcat Developers Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-11-18 13:58 UTC by Lazar Kirchev
Modified: 2017-11-20 13:39 UTC (History)
0 users



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Lazar Kirchev 2017-11-18 13:58:59 UTC
When AuthConfigFactoryImpl.getRegistrationIDs() is called with null parameter in order to get all active registrations' IDs, it always returns in the result list the default registration id, even if there is no registration with this ID.
 
It adds the default registration ID to the list if the default registration map is not null, but it actually is always non-null becuase it is created upon creation of the AuthConfigFactoryImpl instance.
Comment 1 Lazar Kirchev 2017-11-18 14:00:45 UTC
This pull request contains a test case, which illustrates the problem and a fix for it: https://github.com/apache/tomcat/pull/88

One comment - in the proposed fix I add a check if the default registrations map is empty. However, here the check for null seems not to be necessary as the map is created upon creation of the AuthConfigFactoryImpl instance.
Comment 2 Mark Thomas 2017-11-20 13:24:44 UTC
Agreed. It looks like some refactoring took place that wasn't fully taken into account. The null check is unnecessary. As is making the map volatile.
Comment 3 Mark Thomas 2017-11-20 13:39:47 UTC
Thanks for the pull request. I tweaked it slightly as per my previous comment before applying it.

Fixed in:
- trunk for 9.0.2 onwards
- 8.5.x for 8.5.24 onwards