and = CONFIDENTIAL

bugzilla Thu, 11 Apr 2002 09:20:51 -0700

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7973>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.


http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7973

Null Pointer exception with apache/mod_webapp/SSL/ and <user-data-constraint> = 
CONFIDENTIAL

           Summary: Null Pointer exception with apache/mod_webapp/SSL/ and
                    <user-data-constraint> = CONFIDENTIAL
           Product: Tomcat 4
           Version: 4.0 Final
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Catalina:Modules
        AssignedTo: [EMAIL PROTECTED]
        ReportedBy: [EMAIL PROTECTED]


I've spent several days researching this problem and have had no luck, so I'm 
assuming this is a bug:

Configuration:

Apache 1.3.22 with mod_ssl and mod_webapp sitting in front of Tomcat 4.03. SSL 
and mod_webApp seem to be set-up correctly as I can access the entire web 
application via https. The problem arises when I set the user-data-constraint 
for any of my resources to CONFIDENTIAL. When I do that, I get a null pointer 
exception whenever I try to access my webapp.

Server.xml is configured with one connector: WarpConnector:

<Service name="Tomcat-Apache">

     <Connector className="org.apache.catalina.connector.warp.WarpConnector"
     port="8181" minProcessors="2" maxProcessors="5"
     enableLookups="true"
     acceptCount="10" redirectPort="443" debug="9"/>

    <!-- Replace "localhost" with what your Apache "ServerName" is set to -->
    <Engine className="org.apache.catalina.connector.warp.WarpEngine"
     name="develop.streetmail.com" debug="9" appBase="webapps">

      <!-- Global logger unless overridden at lower levels -->
      <Logger className="org.apache.catalina.logger.FileLogger"
              prefix="apache_log." suffix=".txt"
              timestamp="true"/>

      <!-- Because this Realm is here, an instance will be shared globally -->
<!--
      <Realm className="org.apache.catalina.realm.MemoryRealm" />
-->

      <!-- Replace the above Realm with one of the following to get a Realm
           stored in a database and accessed via JDBC -->
      <Realm  className="org.apache.catalina.realm.JDBCRealm" debug="99"
             driverName="org.gjt.mm.mysql.Driver"
          connectionURL="jdbc:mysql://citation.streetmail.com:3306/streetmail"
         connectionName="nobody"
     connectionPassword="Uf0&lt;*&gt;"
              userTable="Users" userNameCol="LogIn" userCredCol="TTPass"
          userRoleTable="UserRoles" roleNameCol="UserType"
                 digest="MD5" />
    </Engine>
  </Service>

Here is an example of how my web resources are protected from web.xml:

    <security-constraint>
      <display-name>Query Security Constraint</display-name>
      <web-resource-collection>
         <web-resource-name>Create Query protected area</web-resource-name>
         <!-- Define the context-relative URL(s) to be protected -->
         <url-pattern>/query/*</url-pattern>
      </web-resource-collection>
      <auth-constraint>
         <!-- Anyone with one of the listed roles may access this area -->
         <role-name>QUERY</role-name>
         <role-name>RESERVE</role-name>
         <role-name>SUBSCRIBE</role-name>
      </auth-constraint>

      <!-- Comment out when running on box with no SSL support -->
      <user-data-constraint>
          <transport-guarantee>CONFIDENTIAL</transport-guarantee>
      </user-data-constraint>
    </security-constraint>

    <!-- Default login configuration uses form-based authentication -->
    <login-config>
      <auth-method>FORM</auth-method>
      <realm-name>Targeting and Tracking</realm-name>
      <form-login-config>
        <form-login-page>/login</form-login-page>
        <form-error-page>/login_error</form-error-page>
      </form-login-config>
    </login-config>


Lastly, here is the exception:

2002-04-11 11:39:59 WarpEngine[develop.streetmail.com]: Mapping request
2002-04-11 11:39:59 WarpHost[develop.streetmail.com]: Mapping request for Host
2002-04-11 11:39:59 [org.apache.catalina.connector.warp.WarpRequestHandler]
java.lang.NullPointerException
        at org.apache.catalina.authenticator.AuthenticatorBase.checkUserData
(AuthenticatorBase.java:702)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke
(AuthenticatorBase.java:491)
        at org.apache.catalina.core.StandardPipeline.invokeNext
(StandardPipeline.java:564)
        at org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:472)
        at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
        at org.apache.catalina.core.StandardContext.invoke
(StandardContext.java:2343)
        at org.apache.catalina.core.StandardHostValve.invoke
(StandardHostValve.java:180)
        at org.apache.catalina.core.StandardPipeline.invokeNext
(StandardPipeline.java:566)
        at org.apache.catalina.valves.ErrorDispatcherValve.invoke
(ErrorDispatcherValve.java:170)
        at org.apache.catalina.core.StandardPipeline.invokeNext
(StandardPipeline.java:564)
        at org.apache.catalina.valves.ErrorReportValve.invoke
(ErrorReportValve.java:170)
        at org.apache.catalina.core.StandardPipeline.invokeNext
(StandardPipeline.java:564)
        at org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:472)
        at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
        at org.apache.catalina.core.StandardEngineValve.invoke
(StandardEngineValve.java:174)
        at org.apache.catalina.core.StandardPipeline.invokeNext
(StandardPipeline.java:566)
        at org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:472)
        at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
        at org.apache.catalina.connector.warp.WarpRequestHandler.handle
(WarpRequestHandler.java:217)
        at org.apache.catalina.connector.warp.WarpConnection.run
(WarpConnection.java:194)
        at java.lang.Thread.run(Thread.java:484)

2002-04-11 11:40:00 [org.apache.catalina.connector.warp.WarpConnector] 
Connection from localhost/127.0.0.1:44824 t
o localhost/127.0.0.1:8181
2002-04-11 11:40:00 
[org.apache.catalina.connector.warp.WarpConfigurationHandler] Filter mappings 
(0)
2002-04-11 11:40:00 
[org.apache.catalina.connector.warp.WarpConfigurationHandler] Filter mappings 
(0)
2002-04-11 11:40:00 [org.apache.catalina.connector.warp.WarpConnector] 
Connection from localhost/127.0.0.1:44825 t
o localhost/127.0.0.1:8181
2002-04-11 11:40:00 
[org.apache.catalina.connector.warp.WarpConfigurationHandler] Filter mappings 
(0)
2002-04-11 11:40:00 
[org.apache.catalina.connector.warp.WarpConfigurationHandler] Filter mappings 
(0)


If I look at the code where the exception is happening, it appears as though 
the request object is returning null instead of a Connector:

        // Initialize variables we need to determine the appropriate action
        HttpServletRequest hrequest =
            (HttpServletRequest) request.getRequest();
        HttpServletResponse hresponse =
            (HttpServletResponse) response.getResponse();
        int redirectPort = request.getConnector().getRedirectPort();

--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

DO NOT REPLY [Bug 7973] New: - Null Pointer exception with apache/mod_webapp/SSL/ and = CONFIDENTIAL

Reply via email to