Bug 472654 - Missing email address in Administration Panel causes Velocity Servlet NULL Pointer Exception
Missing email address in Administration Panel causes Velocity Servlet NULL Po...
Product: Dogtag Certificate System
Classification: Community
Component: Installation Wizard (Show other bugs)
All Linux
high Severity low
: ---
: ---
Assigned To: Ade Lee
Chandrasekar Kannan
Depends On:
Blocks: 443788
  Show dependency treegraph
Reported: 2008-11-22 17:48 EST by Matthew Harmsen
Modified: 2015-01-05 20:17 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-07-22 19:30:28 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
patch to fix (5.29 KB, patch)
2008-12-16 23:13 EST, Ade Lee
no flags Details | Diff

  None (edit)
Description Matthew Harmsen 2008-11-22 17:48:32 EST
While attempting to configure a CA on RHEL5.2, I forgot to enter an email address in the Administration Panel of the Configuration Wizard.  I received the following problem:

VelocityServlet: Error processing the template

	at com.netscape.certsrv.util.HttpInput.getEmail(HttpInput.java:267)
	at com.netscape.cms.servlet.csadmin.AdminPanel.validate(AdminPanel.java:198)
	at com.netscape.cms.servlet.wizard.WizardServlet.goNextApply(WizardServlet.java:313)
	at com.netscape.cms.servlet.wizard.WizardServlet.goNext(WizardServlet.java:294)
	at com.netscape.cms.servlet.wizard.WizardServlet.handleRequest(WizardServlet.java:470)
	at org.apache.velocity.servlet.VelocityServlet.doRequest(VelocityServlet.java:358)
	at org.apache.velocity.servlet.VelocityServlet.doPost(VelocityServlet.java:327)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:542)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
	at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
	at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
	at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
	at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
	at java.lang.Thread.run(Thread.java:636)

In the file common/src/com/netscape/certsrv/util/HttpInput.java, the NULL pointer exception comes from attempting to parse an empty "name" value:

   public static String getEmail(HttpServletRequest request, String name)
        throws IOException
        String v = getString(request, name);
        if (v.indexOf('@') == -1) {
           throw new IOException("Invalid email " + v);
        return v;

Code should be placed in the panel to disallow a user from ever going to the code in the first place.
Comment 1 Matthew Harmsen 2008-11-22 19:15:11 EST
NOTE:  This bug may be invalid, as it may have been caused by a certificate
       pre-existing in the browser's database, since retrying yielded problems
       with the Panels skipping the highlighting of the "Import CA Certificate
       Chain", and the "Administration" panel was completely greyed-out (thus
       why no email address got entered).  One potential problem may be that
       the system thought that it was a "clone", since the code doesn't appear
       to get executed for this type of configuration.
Comment 2 Matthew Harmsen 2008-12-15 14:22:57 EST
This problem can be seen on the following virtual machine:

meatpie.dsdev.sjc.redhat.com (RHEL 5.2 + OpenJDK 1.6.0)
Comment 3 Ade Lee 2008-12-16 23:11:20 EST
The problem results because some change made in common-ui in dogtag were not replicated to the redhat subversion tree.

The specific changes can be found in BZ 224765 and BZ 223367.
Comment 4 Ade Lee 2008-12-16 23:13:27 EST
Created attachment 327202 [details]
patch to fix

patch with required changes to be ported over.  There are no differences between the changes in dogtag and the changes required here.

mharmsen, please review.
Comment 5 Matthew Harmsen 2008-12-17 13:59:03 EST
attachment (id=327202) +mharmsen
Comment 6 Ade Lee 2008-12-17 14:41:38 EST
[builder@dhcp231-124 pki]$ svn ci -m "Bugzilla BZ 472654" redhat
Sending        redhat/common-ui/redhat-pki-common-ui.el4sol9.spec
Sending        redhat/common-ui/redhat-pki-common-ui.spec
Sending        redhat/common-ui/shared/admin/console/config/adminpanel.vm
Sending        redhat/common-ui/shared/admin/console/config/databasepanel.vm
Transmitting file data ....
Committed revision 15377.
Comment 7 Kashyap Chamarthy 2009-06-11 09:06:17 EDT
Verified (on RHEL 5.3, June-8-build). No code is thrown when a valid email is not given, instead an "invalid email address" error is thrown

Note You need to log in before you can comment on or make changes to this bug.