[FELIX-4995] NPE when updating Apache Felix OSGi Management Console configuration without a password - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: webconsole-4.2.10
Fix Version/s: webconsole-4.2.12
Component/s: Web Console
Labels:
None

Description

The following exception occurs, when you try to save the webconsole configuration from the web console config plugin:

java.lang.NullPointerException
	java.security.MessageDigest$Delegate(java.security.MessageDigest).update(byte[]) line: 293	
	java.security.MessageDigest$Delegate(java.security.MessageDigest).digest(byte[]) line: 368	
	org.apache.felix.webconsole.internal.servlet.Password.hashPassword(byte[], java.lang.String) line: 178	
	org.apache.felix.webconsole.internal.servlet.Password.hashPassword(java.lang.String, byte[]) line: 118	
	org.apache.felix.webconsole.internal.servlet.Password.hashPassword(java.lang.String) line: 77

The implementation obviously expects password to be always set.
However initially the configuration doesn't exist and when you create it with web console, the password is not set yet.
However, if you do not edit the password in the configuration dialog, it is set to a PASSWORD_PLACEHOLDER_VALUE = "unmodifed".

Then the following code becomes the reason of the problem, because of the incorrect assumption:

// assumption: config is not null and as a non-null password String property
final String pwd = ( String ) config.get( OsgiManager.PROP_PASSWORD );
final String hashedPassword = Password.hashPassword( pwd );

Attachments

Activity

People

Assignee:: Valentin Valchev

Reporter:: Valentin Valchev

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 07/Aug/15 08:12

Updated:: 23/Sep/15 12:52

Resolved:: 07/Aug/15 08:15