8 Replies Latest reply on Jul 10, 2008 5:33 PM by leegreiner

    NPE in ExtendedFormAuthenticator

    leegreiner Newbie

      I belive I have come across an issue when using the ExtendedFormAuthenticator in 4.0.5.GA. When a user sits on the login page for too long and their session expires the following NullPointerException is thrown in ExtendedFormAuthenticator.authenticate():

      13:44:15,765 ERROR [CoyoteAdapter] An exception or error occurred in the container during the request processing
      java.lang.NullPointerException
      at org.jboss.web.tomcat.security.ExtendedFormAuthenticator.authenticate(ExtendedFormAuthenticator.java:104)
      at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416)
      at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
      at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
      at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
      at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
      at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
      at java.lang.Thread.run(Thread.java:595)

      The session appears to be null and an attempt is made to remove a note from the session thereby causing the NPE. Earlier references to the session are enclosed by if(session != null). The one attempting to remove the note is not.

      Any comments?