diff options
author | Jan Bartel | 2013-08-12 06:36:08 +0000 |
---|---|---|
committer | Jan Bartel | 2013-08-12 06:36:08 +0000 |
commit | e3e9264a07cf453a7c02a6dd9f65e1380df5d444 (patch) | |
tree | cac0e11fd8a79b46ba5f3a3ab5f58948d74cdefc /jetty-security/src/main/java/org/eclipse/jetty/security | |
parent | 80988c8b1ff4ba23f31f5b500ff6869119944830 (diff) | |
download | org.eclipse.jetty.project-e3e9264a07cf453a7c02a6dd9f65e1380df5d444.tar.gz org.eclipse.jetty.project-e3e9264a07cf453a7c02a6dd9f65e1380df5d444.tar.xz org.eclipse.jetty.project-e3e9264a07cf453a7c02a6dd9f65e1380df5d444.zip |
414840 Request.login() throws NPE if username is null
Diffstat (limited to 'jetty-security/src/main/java/org/eclipse/jetty/security')
2 files changed, 6 insertions, 0 deletions
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/MappedLoginService.java b/jetty-security/src/main/java/org/eclipse/jetty/security/MappedLoginService.java index 41648d6a6c..37c72c37dd 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/MappedLoginService.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/MappedLoginService.java @@ -212,6 +212,9 @@ public abstract class MappedLoginService extends AbstractLifeCycle implements Lo */ public UserIdentity login(String username, Object credentials) { + if (username == null) + return null; + UserIdentity user = _users.get(username); if (user==null) diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java index d47a65d1fc..b1a2c6061e 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java @@ -116,6 +116,9 @@ public class DeferredAuthentication implements Authentication.Deferred @Override public Authentication login(String username, Object password, ServletRequest request) { + if (username == null) + return null; + UserIdentity identity = _authenticator.login(username, password, request); if (identity != null) { |