From fdf127ee19be409b34d13aae867b90f815ba0e68 Mon Sep 17 00:00:00 2001 From: Jan Bartel <janb@webtide.com> Date: Tue, 2 Feb 2016 10:09:48 +0100 Subject: [PATCH 1/2] 486497 NPE in MappedLoginService --- .../jetty/security/AbstractLoginService.java | 2 +- .../eclipse/jetty/JdbcLoginServiceTest.java | 26 +++++++++++++++++-- 2 files changed, 25 insertions(+), 3 deletions(-) diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/AbstractLoginService.java b/jetty-security/src/main/java/org/eclipse/jetty/security/AbstractLoginService.java index 84deed86097..2ac6781a79e 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/AbstractLoginService.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/AbstractLoginService.java @@ -166,7 +166,7 @@ public abstract class AbstractLoginService extends AbstractLifeCycle implements return null; UserPrincipal userPrincipal = loadUserInfo(username); - if (userPrincipal.authenticate(credentials)) + if (userPrincipal != null && userPrincipal.authenticate(credentials)) { //safe to load the roles String[] roles = loadRoleInfo(userPrincipal); diff --git a/tests/test-loginservice/src/test/java/org/eclipse/jetty/JdbcLoginServiceTest.java b/tests/test-loginservice/src/test/java/org/eclipse/jetty/JdbcLoginServiceTest.java index 2f6acdd3556..3670d1137d4 100644 --- a/tests/test-loginservice/src/test/java/org/eclipse/jetty/JdbcLoginServiceTest.java +++ b/tests/test-loginservice/src/test/java/org/eclipse/jetty/JdbcLoginServiceTest.java @@ -161,6 +161,21 @@ public class JdbcLoginServiceTest } } + public void testGetWithNonExistantUser() throws Exception + { + try + { + startClient("foo", "bar"); + + ContentResponse response = _client.GET(_baseUri.resolve("input.txt")); + assertEquals(HttpServletResponse.SC_UNAUTHORIZED,response.getStatus()); + } + finally + { + stopClient(); + } + } + //Head requests to jetty-client are not working: see https://bugs.eclipse.org/bugs/show_bug.cgi?id=394552 @Ignore public void testHead() throws Exception @@ -201,7 +216,7 @@ public class JdbcLoginServiceTest } } - protected void startClient() + protected void startClient(String username, String pwd) throws Exception { _client = new HttpClient(); @@ -209,10 +224,17 @@ public class JdbcLoginServiceTest executor.setName(executor.getName() + "-client"); _client.setExecutor(executor); AuthenticationStore authStore = _client.getAuthenticationStore(); - authStore.addAuthentication(new BasicAuthentication(_baseUri, __realm, "jetty", "jetty")); + authStore.addAuthentication(new BasicAuthentication(_baseUri, __realm, username, pwd)); _client.start(); } + protected void startClient() + throws Exception + { + startClient("jetty", "jetty"); + } + + protected void stopClient() throws Exception { From 0f19eda53d9d91902bc5719a8c2c38cb45529ed5 Mon Sep 17 00:00:00 2001 From: Jan Bartel <janb@webtide.com> Date: Tue, 2 Feb 2016 15:04:22 +0100 Subject: [PATCH 2/2] 486530 Handler added to WebAppContext prevents ServletContext initialization --- .../main/config/demo-base/webapps/test.xml | 26 ++++++++++--------- 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/tests/test-webapps/test-jetty-webapp/src/main/config/demo-base/webapps/test.xml b/tests/test-webapps/test-jetty-webapp/src/main/config/demo-base/webapps/test.xml index fc42f03a8f1..4a978e9fa79 100644 --- a/tests/test-webapps/test-jetty-webapp/src/main/config/demo-base/webapps/test.xml +++ b/tests/test-webapps/test-jetty-webapp/src/main/config/demo-base/webapps/test.xml @@ -109,18 +109,20 @@ detected. --> <!-- Add context specific logger - <Set name="handler"> - <New id="RequestLog" class="org.eclipse.jetty.server.handler.RequestLogHandler"> - <Set name="requestLog"> - <New id="RequestLogImpl" class="org.eclipse.jetty.server.NCSARequestLog"> - <Set name="filename"><Property name="jetty.logs" default="./logs"/>/test-yyyy_mm_dd.request.log</Set> - <Set name="filenameDateFormat">yyyy_MM_dd</Set> - <Set name="append">true</Set> - <Set name="LogTimeZone">GMT</Set> - </New> - </Set> - </New> - </Set> + <Call name="insertHandler"> + <Arg> + <New id="RequestLog" class="org.eclipse.jetty.server.handler.RequestLogHandler"> + <Set name="requestLog"> + <New id="RequestLogImpl" class="org.eclipse.jetty.server.NCSARequestLog"> + <Set name="filename"><Property name="jetty.logs" default="./logs"/>/test-yyyy_mm_dd.request.log</Set> + <Set name="filenameDateFormat">yyyy_MM_dd</Set> + <Set name="append">true</Set> + <Set name="LogTimeZone">GMT</Set> + </New> + </Set> + </New> + </Arg> + </Call> --> </Configure>