Uploaded image for project: 'Apache Fineract'
  1. Apache Fineract
  2. FINERACT-1146

NPE at String.replace() at TenantAwareBasicAuthenticationFilter

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Auto Closed
    • None
    • None
    • Security

    Description

      While exploring FINERACT-1145 for FINERACT-726, I've found that invoking /fineract-provider/api/oauth/token without {{-Psecurity=oauth}} causes an HTTP 500 Internal Server Error due to:

      SEVERE: Servlet.service() for servlet [dispatcherServlet] in context with path [/fineract-provider] 
threw exception 
java.lang.NullPointerException 
 at java.base/java.lang.String.replace(String.java:2142) 
 at org.apache.fineract.infrastructure.security.filter.TenantAwareBasicAuthenticationFilter.doFilterInternal(TenantAwareBasicAuthenticationFilter.java:131)
 at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)

      Perhaps we could handle this more gracefully and return a better error (400-ish?) to the client.

      Attachments

        Activity

          People

            Unassigned Unassigned
            vorburger Michael Vorburger
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: