[prev in list] [next in list] [prev in thread] [next in thread]
List: openjdk-serviceability-dev
Subject: Re: RFR: 8282730: LdapLoginModule throw NPE from logout method after login failure [v3]
From: Weijun Wang <weijun () openjdk ! org>
Date: 2022-07-18 17:54:09
Message-ID: BpA-ZGs_Y2Qe_8SCxpZa-IRUwwHlE_3cetmkgQgIjSA=.bcd1b6cb-0b8c-46f8-95f9-96006434cdfb () github ! com
[Download RAW message or body]
On Sat, 16 Jul 2022 13:46:58 GMT, Weijun Wang <weijun@openjdk.org> wrote:
> > Add null-checks in all `LoginModule` implementations. It's possible that an \
> > application calls `logout` after a login failure, where most internal variables \
> > for principals and credentials are null and removing a null from the `Subject`'s \
> > principals and credentials sets will trigger a `NullPointerException`.
>
> Weijun Wang has updated the pull request incrementally with one additional commit \
> since the last revision:
> more comment
Thanks. CSR is filed at https://bugs.openjdk.org/browse/JDK-8290119. I've also \
written a release note at https://bugs.openjdk.org/browse/JDK-8290467. Please take a \
review.
-------------
PR: https://git.openjdk.org/jdk/pull/9348
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic