Bug 129672

Summary: Timeout of user Session still results in null pointer error
Product: [Retired] Red Hat Network Reporter: Mike McCune <mmccune>
Component: RHN/R&DAssignee: Jesus M. Rodriguez <jesusr>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: RHN Devel   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-08-20 02:49:47 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 125080    

Description Mike McCune 2004-08-11 18:53:12 UTC 
Bookmark a page specific to a User (for example:
http://localhost:8080/Addresses.do?uid=2266493) and let your session
timeout.

Then hit the URL again and you get:

[ServletException in:/WEB-INF/pages/addresses.jsp]
IllegalInvocationException calling aclOrgEntitlement
("org_entitlement(rhn_monitor)"): null'
Comment 1 Jesus M. Rodriguez 2004-08-19 22:26:12 UTC 
The culprit is in the NavMenuTag.java file.  If the request attribute
"session" is null, we set the user to null.  Then we proceed to call
the AclGuard with a null user.  Bad idea.
Comment 2 Jesus M. Rodriguez 2004-08-20 02:46:43 UTC 
Reassigning to jesusr
Comment 3 Jesus M. Rodriguez 2004-08-20 02:49:47 UTC 
Fixed in Access.java.  Rather than fix the tag, I fixed the acl.  It
should return false if it can't access the user.