SEC-59: Fix NullPointerException caused by unnecessary check of application context path when a singleton is defined.

Ben Alex 2005-10-21 07:46:06 +00:00
parent 55e552a846
commit b19d1f9d77
1 changed files with 32 additions and 34 deletions


@ -12,7 +12,6 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
*/ */
package net.sf.acegisecurity.adapters.jboss; package net.sf.acegisecurity.adapters.jboss;
import net.sf.acegisecurity.AccountExpiredException; import net.sf.acegisecurity.AccountExpiredException;
@ -62,15 +61,11 @@ import javax.security.auth.login.LoginException;
* @version $Id$ * @version $Id$
*/ */
public class JbossAcegiLoginModule extends AbstractServerLoginModule { public class JbossAcegiLoginModule extends AbstractServerLoginModule {
//~ Instance fields ========================================================
private AuthenticationManager authenticationManager; private AuthenticationManager authenticationManager;
private Principal identity; private Principal identity;
private String key; private String key;
private char[] credential; private char[] credential;
//~ Methods ================================================================
public void initialize(Subject subject, CallbackHandler callbackHandler, public void initialize(Subject subject, CallbackHandler callbackHandler,
Map sharedState, Map options) { Map sharedState, Map options) {
super.initialize(subject, callbackHandler, sharedState, options); super.initialize(subject, callbackHandler, sharedState, options);
@ -89,21 +84,24 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
String appContextLocation = (String) options.get("appContextLocation"); String appContextLocation = (String) options.get("appContextLocation");
if ((((singletonId == null) || "".equals(singletonId)) if ((((singletonId == null) || "".equals(singletonId)) &&
&& (appContextLocation == null)) || "".equals(appContextLocation)) { (appContextLocation == null)) || "".equals(appContextLocation)) {
throw new IllegalArgumentException( throw new IllegalArgumentException(
"appContextLocation must be defined"); "appContextLocation must be defined");
} }
String beanName = (String) options.get("authenticationManager"); String beanName = (String) options.get("authenticationManager");
// Attempt to find the appContextLocation only if no singletonId was defined
if ((singletonId == null) || "".equals(singletonId)) {
if (Thread.currentThread().getContextClassLoader().getResource(appContextLocation) == null) { if (Thread.currentThread().getContextClassLoader().getResource(appContextLocation) == null) {
if (super.log.isInfoEnabled()) { if (super.log.isInfoEnabled()) {
super.log.info("cannot locate " + appContextLocation); super.log.info("cannot locate " + appContextLocation);
} }
throw new IllegalArgumentException("Cannot locate " throw new IllegalArgumentException("Cannot locate " +
+ appContextLocation); appContextLocation);
}
} }
ClassPathXmlApplicationContext ctx = null; ClassPathXmlApplicationContext ctx = null;
@ -113,13 +111,13 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
ctx = new ClassPathXmlApplicationContext(appContextLocation); ctx = new ClassPathXmlApplicationContext(appContextLocation);
} catch (Exception e) { } catch (Exception e) {
if (super.log.isInfoEnabled()) { if (super.log.isInfoEnabled()) {
super.log.info("error loading spring context " super.log.info("error loading spring context " +
+ appContextLocation + " " + e); appContextLocation + " " + e);
} }
throw new IllegalArgumentException( throw new IllegalArgumentException(
"error loading spring context " + appContextLocation + " " "error loading spring context " + appContextLocation + " " +
+ e); e);
} }
} else { } else {
if (super.log.isInfoEnabled()) { if (super.log.isInfoEnabled()) {
@ -132,11 +130,12 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
if (ctx == null) { if (ctx == null) {
if (super.log.isInfoEnabled()) { if (super.log.isInfoEnabled()) {
super.log.info("singleton " + beanName + " does not exists"); super.log.info("singleton " + beanName +
" does not exists");
} }
throw new IllegalArgumentException("singleton " + singletonId throw new IllegalArgumentException("singleton " + singletonId +
+ " does not exists"); " does not exists");
} }
} }
@ -179,8 +178,8 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
if ((username == null) && (password == null)) { if ((username == null) && (password == null)) {
identity = null; identity = null;
super.log.trace("Authenticating as unauthenticatedIdentity=" super.log.trace("Authenticating as unauthenticatedIdentity=" +
+ identity); identity);
} }
if (username == null) { if (username == null) {
@ -239,8 +238,7 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
super.log.debug("user is logged. redirecting to jaas classes"); super.log.debug("user is logged. redirecting to jaas classes");
identity = new PrincipalAcegiUserToken(this.key, identity = new PrincipalAcegiUserToken(this.key,
response.getName(), response.getName(), response.getCredentials().toString(),
response.getCredentials().toString(),
response.getAuthorities()); response.getAuthorities());
} }
@ -251,8 +249,8 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
} }
super.loginOk = true; super.loginOk = true;
super.log.trace("User '" + identity + "' authenticated, loginOk=" super.log.trace("User '" + identity + "' authenticated, loginOk=" +
+ loginOk); loginOk);
return true; return true;
} }
@ -263,7 +261,7 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
protected Group[] getRoleSets() throws LoginException { protected Group[] getRoleSets() throws LoginException {
SimpleGroup roles = new SimpleGroup("Roles"); SimpleGroup roles = new SimpleGroup("Roles");
Group[] roleSets = {roles}; Group[] roleSets = { roles };
if (this.identity instanceof Authentication) { if (this.identity instanceof Authentication) {
Authentication user = (Authentication) this.identity; Authentication user = (Authentication) this.identity;
@ -278,17 +276,17 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
} }
protected String[] getUsernameAndPassword() throws LoginException { protected String[] getUsernameAndPassword() throws LoginException {
String[] info = {null, null}; String[] info = { null, null };
// prompt for a username and password // prompt for a username and password
if (callbackHandler == null) { if (callbackHandler == null) {
throw new LoginException("Error: no CallbackHandler available " throw new LoginException("Error: no CallbackHandler available " +
+ "to collect authentication information"); "to collect authentication information");
} }
NameCallback nc = new NameCallback("User name: ", "guest"); NameCallback nc = new NameCallback("User name: ", "guest");
PasswordCallback pc = new PasswordCallback("Password: ", false); PasswordCallback pc = new PasswordCallback("Password: ", false);
Callback[] callbacks = {nc, pc}; Callback[] callbacks = { nc, pc };
String username = null; String username = null;
String password = null; String password = null;
@ -308,8 +306,8 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
} catch (java.io.IOException ioe) { } catch (java.io.IOException ioe) {
throw new LoginException(ioe.toString()); throw new LoginException(ioe.toString());
} catch (UnsupportedCallbackException uce) { } catch (UnsupportedCallbackException uce) {
throw new LoginException("CallbackHandler does not support: " throw new LoginException("CallbackHandler does not support: " +
+ uce.getCallback()); uce.getCallback());
} }
info[0] = username; info[0] = username;
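Review bot: The first option check in initialize() still binds the empty-string test outside the singleton test, as (no singleton AND location is null) OR location is empty. An empty `appContextLocation` is therefore rejected with "appContextLocation must be defined" even when a `singletonId` is configured, which is the case this commit sets out to exempt. Grouping both location tests under the singleton test would match the guard added before the getResource() lookup: `if (((singletonId == null) || "".equals(singletonId)) && ((appContextLocation == null) || "".equals(appContextLocation))) {`. Separately, in the `@ -132` hunk the info log names `beanName` while the exception thrown right after names `singletonId`; the log should use `singletonId` so that both messages identify the same missing context. Parts of initialize() lie between the visible hunks, so the surrounding branches could not be checked.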