When using the embedded tomcat with a MemoryRealm for basic authentication, a request containing an unknown username leads to a NullPointerException. java.lang.NullPointerException org.apache.catalina.realm.MemoryRealm.authenticate(MemoryRealm.java:143) org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:164) .... MemoryRealm.authenticate get the principal via principals.get(username). If the user is not known, he result is null.
Thanks for the report. This has been fixed in trunk for 8.0.4 and in 7.0.x for 7.0.53 onwards.