JNDIRealm does not catch NullPointerException for Sun's LDAP provider

git-svn-id: https://svn.apache.org/repos/asf/tomcat/tc6.0.x/trunk@539907 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/java/org/apache/catalina/realm/JNDIRealm.java b/java/org/apache/catalina/realm/JNDIRealm.java
index a5144c6..6b99df5 100644 (file)
--- a/java/org/apache/catalina/realm/JNDIRealm.java
+++ b/java/org/apache/catalina/realm/JNDIRealm.java
@@ -808,6 +808,23 @@ public class JNDIRealm extends RealmBase {
                 // Authenticate the specified username if possible
                 principal = authenticate(context, username, credentials);
 
+            } catch (NullPointerException e) {
+                /* BZ 42449 - Kludge Sun's LDAP provider
+                   with broken SSL
+                */
+                // log the exception so we know it's there.
+                containerLog.warn(sm.getString("jndiRealm.exception"), e);
+
+                // close the connection so we know it will be reopened.
+                if (context != null)
+                    close(context);
+
+                // open a new directory context.
+                context = open();
+
+                // Try the authentication again.
+                principal = authenticate(context, username, credentials);
+
             } catch (CommunicationException e) {
 
                 // log the exception so we know it's there.

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 81a749b..c450011 100644 (file)
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -18,7 +18,12 @@
   <subsection name="Catalina">
     <changelog>
       <fix>
-         <bug>42444</bug>: prevent NPE 
+         <bug>42449</bug>:
+         JNDIRealm does not catch NullPointerException for Sun's
+         LDAP provider (See bug for details) (funkman)
+      </fix>
+      <fix>
+         <bug>42444</bug>: prevent NPE for AccessLogValve
          Patch provided by Nils Hammar (funkman)
       </fix>
       <fix>