Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Blocker
Fix Version/s: 7.1.0.DR12
Affects Version/s: 7.1.0.DR8
Component/s: Security
Labels:
- authentication
- sasl

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA
Steps to Reproduce:

Hide

Call methods of the Sasl*Factory classes with null parameters (where the contract allows it).

You can use tests in SaslFactoriesApiTest.java for verification.

Show
Call methods of the Sasl*Factory classes with null parameters (where the contract allows it). You can use tests in SaslFactoriesApiTest.java for verification.

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Java SaslClientFactory and SaslServerFactory interfaces define where null parameters or null return values are allowed and which Exception types can be used in methods. Elytron implementation of SASL mechanisms doesn't follow this contract, which results in NullPointerExceptions.

E.g.

java.lang.NullPointerException
	at org.wildfly.security.sasl.scram.ScramSaslClientFactory.getMechanismNames(ScramSaslClientFactory.java:119)
...

is cloned by

ELY-788 Elytron SASL factories don't follow contract from corresponding Java interfaces

Resolved

Assignee:: Jan Kalina (Inactive)

Reporter:: Josef Cacek (Inactive)

Need Info From:: Jan Kalina (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2016/11/23 10:20 AM

Updated:: 2021/10/24 6:11 AM

Resolved:: 2017/02/15 12:02 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates

Hide