[KAFKA-5802] ScramServerCallbackHandler#handle should check username not being null before calling credentialCache.get() - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Minor
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: security
Labels:
None

Description

        String username = null;
        for (Callback callback : callbacks) {
            if (callback instanceof NameCallback)
                username = ((NameCallback) callback).getDefaultName();
            else if (callback instanceof ScramCredentialCallback)
                ((ScramCredentialCallback) callback).scramCredential(credentialCache.get(username));

Since ConcurrentHashMap, used by CredentialCache, doesn't allow null keys, we should check that username is not null before calling credentialCache.get()

Attachments

Issue Links

links to

GitHub Pull Request #3946

Activity

People

Assignee:: Unassigned

Reporter:: Ted Yu

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 28/Aug/17 18:23

Updated:: 03/Aug/18 21:00