From: Brett Porter <brett@apache.org>
Date: Fri, 6 Mar 2009 16:08:12 +0000 (+0000)
Subject: [MNG-1106] guard against NPE which can be generated by the LDAP user manager if misco... 
X-Git-Tag: archiva-1.2~93
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=4b34d911eb606d05f4bdc9c4f73e8e6283565bf9;p=archiva.git

[MNG-1106] guard against NPE which can be generated by the LDAP user manager if misconfigured


git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@750953 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java
index 11d39592d..1b533d30f 100644
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java
@@ -105,6 +105,10 @@ public class ArchivaServletAuthenticator
             }
             
             User user = securitySystem.getUserManager().findUser( principal );
+            if ( user == null )
+            {
+                throw new UnauthorizedException( "The security system had an internal error - please check your system logs" );
+            }
             if ( user.isLocked() )
             {
                 throw new UnauthorizedException( "User account is locked." );
diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
index 842a5e647..d99b08932 100644
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
@@ -77,6 +77,10 @@ public class DefaultUserRepositories
         try
         {
             User user = securitySystem.getUserManager().findUser( principal );
+            if ( user == null )
+            {
+                throw new ArchivaSecurityException( "The security system had an internal error - please check your system logs" );
+            }
 
             if ( user.isLocked() )
             {
@@ -145,6 +149,10 @@ public class DefaultUserRepositories
         try
         {
             User user = securitySystem.getUserManager().findUser( principal );
+            if ( user == null )
+            {
+                throw new ArchivaSecurityException( "The security system had an internal error - please check your system logs" );
+            }
 
             if ( user.isLocked() )
             {