From 6e2ffeb8cb5e0285fd2cdd730b07fb54a74a110b Mon Sep 17 00:00:00 2001
From: markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Date: Wed, 25 Feb 2009 15:46:46 +0000
Subject: [PATCH] Fix possible NPE

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@747834 13f79535-47bb-0310-9956-ffa450edef68
---
 java/org/apache/catalina/realm/DataSourceRealm.java | 5 +++--
 java/org/apache/catalina/realm/JDBCRealm.java       | 7 ++++---
 java/org/apache/catalina/realm/MemoryRealm.java     | 2 +-
 3 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/java/org/apache/catalina/realm/DataSourceRealm.java b/java/org/apache/catalina/realm/DataSourceRealm.java
index 9288ff765..c6ec6e93a 100644
--- a/java/org/apache/catalina/realm/DataSourceRealm.java
+++ b/java/org/apache/catalina/realm/DataSourceRealm.java
@@ -270,8 +270,9 @@ public class DataSourceRealm
      */
     public Principal authenticate(String username, String credentials) {
     	
-    	// No user - can't possibly authenticate, don't bother the database then
-    	if (username == null) {
+    	// No user or no credentials
+        // Can't possibly authenticate, don't bother the database then
+    	if (username == null || credentials == null) {
     		return null;
     	}
         
diff --git a/java/org/apache/catalina/realm/JDBCRealm.java b/java/org/apache/catalina/realm/JDBCRealm.java
index 7cd17d0a0..05fd1fa88 100644
--- a/java/org/apache/catalina/realm/JDBCRealm.java
+++ b/java/org/apache/catalina/realm/JDBCRealm.java
@@ -393,9 +393,10 @@ public class JDBCRealm
                                                String username,
                                                String credentials) {
 
-        // No user - can't possibly authenticate
-        if (username == null) {
-            return (null);
+        // No user or no credentials
+        // Can't possibly authenticate, don't bother the database then
+        if (username == null || credentials == null) {
+            return null;
         }
 
         // Look up the user's credentials
diff --git a/java/org/apache/catalina/realm/MemoryRealm.java b/java/org/apache/catalina/realm/MemoryRealm.java
index ca1f70ca2..343a8d45d 100644
--- a/java/org/apache/catalina/realm/MemoryRealm.java
+++ b/java/org/apache/catalina/realm/MemoryRealm.java
@@ -147,7 +147,7 @@ public class MemoryRealm  extends RealmBase {
         GenericPrincipal principal = principals.get(username);
 
         boolean validated = false;
-        if (principal != null) {
+        if (principal != null && credentials != null) {
             if (hasMessageDigest()) {
                 // Hex hashes should be compared case-insensitive
                 validated = (digest(credentials)
-- 
2.11.0