[jboss-jira] [JBoss JIRA] (WFLY-11130) javax.security.enterprise.SecurityContext.isCallerInRole throws NullPointerException if the caller is not authenticated (New Java EE 8 Security)

Lukas Kuzmiak (Jira) issues at jboss.org
Mon Nov 11 02:17:00 EST 2019 

    [ https://issues.jboss.org/browse/WFLY-11130?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13810440#comment-13810440 ] 

Lukas Kuzmiak commented on WFLY-11130:
--------------------------------------

This still happens to me with 18.0.0.Final nowadays, is it a bug?

{{Caused by: java.lang.NullPointerException
	at org.glassfish.soteria at 1.0.1//org.glassfish.soteria.authorization.JACC.fromSubject(JACC.java:142)
	at org.glassfish.soteria at 1.0.1//org.glassfish.soteria.authorization.JACC.hasPermission(JACC.java:101)
	at org.glassfish.soteria at 1.0.1//org.glassfish.soteria.authorization.JACC.isCallerInRole(JACC.java:56)
	at org.glassfish.soteria at 1.0.1//org.glassfish.soteria.authorization.spi.impl.ReflectionAndJaccCallerDetailsResolver.isCallerInRole(ReflectionAndJaccCallerDetailsResolver.java:58)
	at org.glassfish.soteria at 1.0.1//org.glassfish.soteria.SecurityContextImpl.isCallerInRole(SecurityContextImpl.java:65)
}}

> javax.security.enterprise.SecurityContext.isCallerInRole throws NullPointerException if the caller is not authenticated (New Java EE 8 Security)
> ------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: WFLY-11130
>                 URL: https://issues.jboss.org/browse/WFLY-11130
>             Project: WildFly
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 14.0.1.Final
>            Reporter: Instantiation Exception
>            Priority: Major
>
> I tried to use new Java EE 8 Security API and noticed that javax.security.enterprise.SecurityContext.isCallerInRole throws NullPointerException if the caller is not authenticated. But according to JavaDoc it should return false in this situation.



--
This message was sent by Atlassian Jira
(v7.13.8#713008)

More information about the jboss-jira mailing list