[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-3109) I get a NullPointerException when I try to use HTTP Basic Authentication.

[Ken Qiu (JIRA)]

I get a NullPointerException when I try to use HTTP Basic Authentication.
-------------------------------------------------------------------------

                 Key: JBSEAM-3109
                 URL: http://jira.jboss.com/jira/browse/JBSEAM-3109
             Project: Seam
          Issue Type: Bug
          Components: Framework
    Affects Versions: 2.0.2.SP1
         Environment: Windows XP sp2, Jboss 4.2.2.GA
            Reporter: Ken Qiu
            Priority: Blocker


I get a NullPointerException when I try to use HTTP Basic Authentication.

I've added the following to components.xml:

<security:identity authenticate-method="#{authenticatorTest.login}" />
<web:authentication-filter url-pattern="*.seam" auth-type="basic"/>

Here's the stack trace:

14:00:26,359 ERROR [ExceptionFilter] handling uncaught exception
java.lang.NullPointerException
	at org.jboss.seam.web.AuthenticationFilter.processBasicAuth(AuthenticationFilter.java:158)
	at org.jboss.seam.web.AuthenticationFilter.doFilter(AuthenticationFilter.java:118)
	at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
	at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:85)
	at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
	at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
	at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
	at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
	at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
	at org.jboss.seam.web.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:42)
	at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
	at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:73)
	at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:141)
	at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:281)
	at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:60)
	at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
	at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
	at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:524)
	at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
	at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)

I noticed that the Identity component is not started until after the exception:

14:00:26,359 INFO  [Contexts] starting up: org.jboss.seam.security.identity
14:00:26,359 INFO  [Contexts] starting up: org.jboss.seam.web.session

I checked the seam sources and this is the line that is causing the exception (AuthenticationFilter.java #158):

if (!identity.isLoggedIn() && !identity.isCredentialsSet())

So, it "identity" is null. This is consistent with my observation (above) that the component was not started yet.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira