If you have not declared any security roles for a portlet in the deployment descriptor (portlet.xml) and then invoke the isUserInRole() method of either the RenderRequest or ActionRequest objects, a NullPointerException is thrown:
In the isUserInRole() method of the PortletRequestImpl class the getSecurityRoleRefs() method of the PortletDD is invoked and then an iterator is requested for the returned List – however, the return value of getSecurityRoleRefs() is not checked for a null value before invoking the iterator() method.
As a workaround you can make sure that you always declare at least on <security-role-ref> element in your portlet.xml file – this will ensure that the list returned by getSecurityRoleRefs() is not null.
|Status||Open [ 1 ]||Resolved [ 5 ]|
|Resolution||Fixed [ 1 ]|
|Workflow||jira [ 12444549 ]||Default workflow, editable Closed status [ 12565096 ]|
|Workflow||Default workflow, editable Closed status [ 12565096 ]||jira [ 12585891 ]|