[MNG-1106] guard against NPE which can be generated by the LDAP user manager if misconfigured

git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@750953 13f79535-47bb-0310-9956-ffa450edef68
author: Brett Porter <brett@apache.org> 2009-03-06 16:08:12 +0000
committer: Brett Porter <brett@apache.org> 2009-03-06 16:08:12 +0000
commit: 4b34d911eb606d05f4bdc9c4f73e8e6283565bf9 (patch)
tree: ecc55ae399c3d932babd772b3ccc18facf2b9f63 /archiva-modules/archiva-web/archiva-security
parent: adf0f01d13f602754d824843ce3b8b3d43b844c2 (diff)
download: archiva-4b34d911eb606d05f4bdc9c4f73e8e6283565bf9.tar.gz
archiva-4b34d911eb606d05f4bdc9c4f73e8e6283565bf9.zip
2 files changed, 12 insertions, 0 deletions
diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java
index 11d39592d..1b533d30f 100644
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java
@@ -105,6 +105,10 @@ public class ArchivaServletAuthenticator
             }
             
             User user = securitySystem.getUserManager().findUser( principal );
+            if ( user == null )
+            {
+                throw new UnauthorizedException( "The security system had an internal error - please check your system logs" );
+            }
             if ( user.isLocked() )
             {
                 throw new UnauthorizedException( "User account is locked." );
diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
index 842a5e647..d99b08932 100644
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
@@ -77,6 +77,10 @@ public class DefaultUserRepositories
         try
         {
             User user = securitySystem.getUserManager().findUser( principal );
+            if ( user == null )
+            {
+                throw new ArchivaSecurityException( "The security system had an internal error - please check your system logs" );
+            }
 
             if ( user.isLocked() )
             {
@@ -145,6 +149,10 @@ public class DefaultUserRepositories
         try
         {
             User user = securitySystem.getUserManager().findUser( principal );
+            if ( user == null )
+            {
+                throw new ArchivaSecurityException( "The security system had an internal error - please check your system logs" );
+            }
 
             if ( user.isLocked() )
             {
author	Brett Porter <brett@apache.org>	2009-03-06 16:08:12 +0000
committer	Brett Porter <brett@apache.org>	2009-03-06 16:08:12 +0000
commit	4b34d911eb606d05f4bdc9c4f73e8e6283565bf9 (patch)
tree	ecc55ae399c3d932babd772b3ccc18facf2b9f63 /archiva-modules/archiva-web/archiva-security
parent	adf0f01d13f602754d824843ce3b8b3d43b844c2 (diff)
download	archiva-4b34d911eb606d05f4bdc9c4f73e8e6283565bf9.tar.gz archiva-4b34d911eb606d05f4bdc9c4f73e8e6283565bf9.zip