[
https://issues.apache.org/jira/browse/CXF-1655?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12605945#action_12605945
]
Sergey Beryozkin commented on CXF-1655:
---------------------------------------
Thanks for the analysis, it's very welcome. This NullPointerException is fixed
in my private snapshot but I won't have time to ensure all the right error
status codes are returned. We'll fixed it afterwards.
> NPE when no sub-resource method found that matches to the request
> -----------------------------------------------------------------
>
> Key: CXF-1655
> URL: https://issues.apache.org/jira/browse/CXF-1655
> Project: CXF
> Issue Type: Bug
> Components: REST
> Affects Versions: 2.1
> Reporter: Zagyvai Balazs
> Attachments: test.zip
>
>
> Hi,
> In the process of matching a request to a resource method, a sub-resource
> locator (if any involved) returns a sub-resource class. CXF will try to find
> a method in that class with which it continues the request matching, but it
> doesn't check if a suitable method can actually be found. This can result in
> a NPE.
> At org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:139):
> OperationResourceInfo subOri = JAXRSUtils.findTargetMethod(subCri,
>
> subResourcePath,
>
> httpMethod,
>
> values,
>
> contentType,
>
> acceptContentType);
> This call to findTargetMethod() is made in order to get the handler method
> from the sub-resource class. At this point a check is missing to see whether
> subOri is null, because later it is assumed to represent either a
> sub-resource method or a sub-resource locator.
> subOri can be null for a number of reasons:
> 1. no method found with matching URI template,
> 2. no resource method found for the given httpMethod,
> 3. no method found with matching @ConsumeMime value,
> 4. no method found with matching @ProduceMime value.
> According to the JAX-RS spec v0.6, section 2.5, step 3, the above cases have
> to result in:
> 1. well, not sure about this, step 3.(c) simply says "otherwise no matching
> resource method can be found and the algorithm terminates". I would guess a
> not found response (HTTP 404 status) would be proper, as this is similar to
> the case in step 2.(e).
> 2. a method not allowed response (HTTP 405 status)
> 3. an unsupported media type response (HTTP 415 status)
> 4. a not acceptable response (HTTP 406 status)
> Sorry, I don't feel familiar enough with the code yet to try to send a patch
> for this bug.
> Thanks,
> Balazs
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
