Ticket #478 (new task)
Opened 14 months ago
NullPointerException in FormAuthenticationMethod challenge method when triggered from template
| Reported by: | jgou | Owned by: | bruno |
|---|---|---|---|
| Priority: | minor | Milestone: | 0.4 |
| Component: | modules/kauri-security | Version: | |
| Keywords: | Cc: |
Description
The FormAuthenticationMethod challenge method throws a NullPointerException when triggered from a template. This is the case when a template variable pointing to a protected area is used on an unprotected page.
The exception is caused by request.getHostRef().toString() , with hostRef being null.
Suggested approach when hostref is null:
- fix NPE
- log error/warning
- set status code to 401 - Unauthorized instead of doing redirect to login page
Note: See
TracTickets for help on using
tickets.