Skip to main content
aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGreg Wilkins2012-02-09 19:58:19 -0500
committerGreg Wilkins2012-02-09 19:58:19 -0500
commita4a5e56aeb9819990d16b883f07dadc5e2199217 (patch)
treed75cf090b70b15439b81148bbf76194a8445482f /jetty-security/src/main/java
parentb949fb762273d7a6e23a8e7eb9dcf7f4b2bb99e7 (diff)
downloadorg.eclipse.jetty.project-a4a5e56aeb9819990d16b883f07dadc5e2199217.tar.gz
org.eclipse.jetty.project-a4a5e56aeb9819990d16b883f07dadc5e2199217.tar.xz
org.eclipse.jetty.project-a4a5e56aeb9819990d16b883f07dadc5e2199217.zip
371162 NPE protection for nested security handlers
Diffstat (limited to 'jetty-security/src/main/java')
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java17
1 files changed, 10 insertions, 7 deletions
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java b/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java
index f6af097880..d6f69bbb91 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java
@@ -503,15 +503,18 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
previousIdentity = deferred.getPreviousAssociation();
deferred.setIdentityService(null);
}
-
- Authentication auth=baseRequest.getAuthentication();
- if (auth instanceof Authentication.User)
+
+ if (authenticator!=null)
{
- Authentication.User userAuth = (Authentication.User)auth;
- authenticator.secureResponse(request, response, isAuthMandatory, userAuth);
+ Authentication auth=baseRequest.getAuthentication();
+ if (auth instanceof Authentication.User)
+ {
+ Authentication.User userAuth = (Authentication.User)auth;
+ authenticator.secureResponse(request, response, isAuthMandatory, userAuth);
+ }
+ else
+ authenticator.secureResponse(request, response, isAuthMandatory, null);
}
- else
- authenticator.secureResponse(request, response, isAuthMandatory, null);
}
else
{

Back to the top