[OAK-8231] Unreachable code in LoginModuleImpl.getLoginId - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.14.0
Component/s: core, security
Labels:
None

Description

stillalex, as discussed today it seems that the following block in LoginModuleImpl.getLoginId can never be reached

   [... here if-statements for 3 types of supported credentials...]
   else {
                try {
                    NameCallback callback = new NameCallback("User-ID: ");
                    callbackHandler.handle(new Callback[] { callback });
                    uid = callback.getName();
                } catch (IOException | UnsupportedCallbackException e) {
                    onError();
                    log.error(e.getMessage(), e);
                }
            }

the reason for this: that block resides inside an if-statement verifying that credentials are not null. if credentials are not null they will be any of the supported classes according to the implementation of getCredentials, which will return null if none of the credentials extracted from subject/callback/sharedstate is supported.

as discussed the safest way to deal with this is probably to get rid of that block altogether. let me know if you have any concern with that approach.

Attachments

Activity

People

Assignee:: Angela Schreiber

Reporter:: Angela Schreiber

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 11/Apr/19 15:55

Updated:: 11/Jun/19 10:51

Resolved:: 15/Apr/19 11:20