Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
2.3
-
None
-
None
-
All
-
Trivial, see patch above
Description
If an incorrect username or password is used ehen e.g. posting a new entry via the Atom API instead of getting a 401 error (Unauthorized) you get a 500 server error because of a NullPOinterException in RollerAtomHandler.
RollerAtomHandler#getAuthenticatedUsername was not checking if this.user was null.
The patch for my proposed fix is below :
Index: RollerAtomHandler.java
===================================================================
— RollerAtomHandler.java (revision 414838)
+++ RollerAtomHandler.java (working copy)
@@ -121,6 +121,9 @@
- Return weblogHandle of authenticated user or null if there is none.
*/
public String getAuthenticatedUsername()Unknown macro: {+ if (this.user == null) { + return null; + } return this.user.getUserName(); }