From e5dca51d7e60a6e98c6eddbb4b5d4b5dfc4666a1 Mon Sep 17 00:00:00 2001
From: Jeff Burke <Jeff.Burke@nrc-cnrc.gc.ca>
Date: Fri, 18 Mar 2016 11:38:12 -0700
Subject: [PATCH] s1890: get a not null principal for logging in
 CreateUserAction

---
 .../src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java    | 10 +++++++---
 .../nrc/cadc/ac/server/web/users/CreateUserAction.java |  9 ++++++++-
 .../cadc/ac/server/web/users/UserActionFactory.java    |  2 +-
 3 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
index aeb81ba6..ff228707 100755
--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
@@ -281,21 +281,25 @@ public class LdapUserDAO extends LdapDAO
         {
             throw new IllegalArgumentException("No user identities");
         }
-        Principal idForLogging = principals.iterator().next();
 
         if (user.posixDetails != null)
         {
             throw new UnsupportedOperationException("Support for users PosixDetails not available");
         }
 
+        Set<X500Principal> x500Principals = user.getIdentities(X500Principal.class);
+        if (x500Principals.isEmpty())
+        {
+            throw new IllegalArgumentException("No user X500Principals found");
+        }
+        X500Principal idForLogging = x500Principals.iterator().next();
+
         // check current users
         for (Principal p : principals)
         {
             checkUsers(p, null, config.getUsersDN());
         }
 
-        Set<X500Principal> x500Principals = user.getIdentities(X500Principal.class);
-
         try
         {
             long numericID = genNextNumericId();
diff --git a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/CreateUserAction.java b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/CreateUserAction.java
index eb82732f..e983a9ca 100644
--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/CreateUserAction.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/CreateUserAction.java
@@ -70,8 +70,10 @@ package ca.nrc.cadc.ac.server.web.users;
 
 import ca.nrc.cadc.ac.User;
 
+import javax.security.auth.x500.X500Principal;
 import java.io.InputStream;
 import java.security.AccessControlException;
+import java.util.Set;
 
 public class CreateUserAction extends AbstractUserAction
 {
@@ -95,7 +97,12 @@ public class CreateUserAction extends AbstractUserAction
         userPersistence.addUser(user);
 
         syncOut.setCode(201);
-        logUserInfo(user.getHttpPrincipal().getName());
+        Set<X500Principal> x500Principals = user.getIdentities(X500Principal.class);
+        if (!x500Principals.isEmpty())
+        {
+            X500Principal x500Principal = x500Principals.iterator().next();
+            logUserInfo(x500Principal.getName());
+        }
     }
 
 }
diff --git a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UserActionFactory.java b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UserActionFactory.java
index b8b28d02..dc3cdc25 100644
--- a/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UserActionFactory.java
+++ b/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UserActionFactory.java
@@ -258,7 +258,7 @@ public abstract class UserActionFactory
         }
         else
         {
-            throw new IllegalArgumentException("Unregonized userid");
+            throw new IllegalArgumentException("Unrecognized userid");
         }
     }
 
-- 
GitLab