Uploaded image for project: 'Jackrabbit Oak'
  1. Jackrabbit Oak
  2. OAK-8231

Unreachable code in LoginModuleImpl.getLoginId

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.14.0
    • Component/s: core, security
    • Labels:
      None

      Description

      Alex Deparvu, as discussed today it seems that the following block in LoginModuleImpl.getLoginId can never be reached

         [... here if-statements for 3 types of supported credentials...]
         else {
                      try {
                          NameCallback callback = new NameCallback("User-ID: ");
                          callbackHandler.handle(new Callback[] { callback });
                          uid = callback.getName();
                      } catch (IOException | UnsupportedCallbackException e) {
                          onError();
                          log.error(e.getMessage(), e);
                      }
                  }
      

      the reason for this: that block resides inside an if-statement verifying that credentials are not null. if credentials are not null they will be any of the supported classes according to the implementation of getCredentials, which will return null if none of the credentials extracted from subject/callback/sharedstate is supported.

      as discussed the safest way to deal with this is probably to get rid of that block altogether. let me know if you have any concern with that approach.

        Attachments

          Activity

            People

            • Assignee:
              angela Angela Schreiber
              Reporter:
              angela Angela Schreiber
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: