Skip to main content
aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Bartel2013-08-12 02:36:08 -0400
committerJan Bartel2013-08-12 02:36:08 -0400
commite3e9264a07cf453a7c02a6dd9f65e1380df5d444 (patch)
treecac0e11fd8a79b46ba5f3a3ab5f58948d74cdefc /jetty-security/src/main/java
parent80988c8b1ff4ba23f31f5b500ff6869119944830 (diff)
downloadorg.eclipse.jetty.project-e3e9264a07cf453a7c02a6dd9f65e1380df5d444.tar.gz
org.eclipse.jetty.project-e3e9264a07cf453a7c02a6dd9f65e1380df5d444.tar.xz
org.eclipse.jetty.project-e3e9264a07cf453a7c02a6dd9f65e1380df5d444.zip
414840 Request.login() throws NPE if username is null
Diffstat (limited to 'jetty-security/src/main/java')
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/MappedLoginService.java3
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java3
2 files changed, 6 insertions, 0 deletions
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/MappedLoginService.java b/jetty-security/src/main/java/org/eclipse/jetty/security/MappedLoginService.java
index 41648d6a6c..37c72c37dd 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/MappedLoginService.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/MappedLoginService.java
@@ -212,6 +212,9 @@ public abstract class MappedLoginService extends AbstractLifeCycle implements Lo
*/
public UserIdentity login(String username, Object credentials)
{
+ if (username == null)
+ return null;
+
UserIdentity user = _users.get(username);
if (user==null)
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java
index d47a65d1fc..b1a2c6061e 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java
@@ -116,6 +116,9 @@ public class DeferredAuthentication implements Authentication.Deferred
@Override
public Authentication login(String username, Object password, ServletRequest request)
{
+ if (username == null)
+ return null;
+
UserIdentity identity = _authenticator.login(username, password, request);
if (identity != null)
{

Back to the top