Bug 485674 AuthorizedUserFilter assumes Authentication service is active

eclipse-archived · Jan 12, 2016 · 5dc0ee7 · 5dc0ee7
1 parent 24a3a76
commit 5dc0ee7
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 10 deletions.
diff --git a/...lipse.orion.server.servlets/src/org/eclipse/orion/internal/server/servlets/Activator.java b/...lipse.orion.server.servlets/src/org/eclipse/orion/internal/server/servlets/Activator.java
@@ -1,5 +1,5 @@
 /*******************************************************************************
- * Copyright (c) 2009, 2015 IBM Corporation and others 
+ * Copyright (c) 2009, 2016 IBM Corporation and others 
  * All rights reserved. This program and the accompanying materials
  * are made available under the terms of the Eclipse Public License v1.0
  * which accompanies this distribution, and is available at
@@ -144,7 +144,10 @@ private void unregisterServices() {
 	}
 
 	public IAuthenticationService getAuthService() {
-		return authServiceTracker.getService();
+		if (authServiceTracker != null) {
+			return authServiceTracker.getService();
+		}
+		return null;
 	}
 
 	String getAuthName() {

diff --git a/...pse.orion.server.servlets/src/org/eclipse/orion/server/servlets/AuthorizedUserFilter.java b/...pse.orion.server.servlets/src/org/eclipse/orion/server/servlets/AuthorizedUserFilter.java
@@ -50,21 +50,25 @@ public void init(FilterConfig filterConfig) throws ServletException {
 			// the singleton for the activator will return null if the bundle
 			// is not yet active. We can wait for it in this filter.
 			String msg = "Authentication service is not active. AuthorizedUserFilter is waiting."; //$NON-NLS-1$
-			LogHelper.log(new Status(IStatus.INFO, Activator.PI_SERVER_SERVLETS, msg, null));
+			LogHelper.log(new Status(IStatus.WARNING, Activator.PI_SERVER_SERVLETS, msg, null));
 			try {
 				Thread.sleep(500);
 			} catch (InterruptedException e) {
 				break;
 			}
 		}
-		authenticationService = Activator.getDefault().getAuthService();
-		// treat lack of authentication as an error. Administrator should use
-		// "None" to disable authentication entirely
-		if (authenticationService == null) {
-			String msg = "Authentication service is missing. The server configuration must specify an authentication scheme, or use \"None\" to indicate no authentication"; //$NON-NLS-1$
-			LogHelper.log(new Status(IStatus.ERROR, Activator.PI_SERVER_SERVLETS, msg, null));
-			throw new ServletException(msg);
+		while (Activator.getDefault().getAuthService() == null) {
+			// the authentication service will be null if the bundle
+			// is not yet active. We can wait for it in this filter.
+			String msg = "Authentication service is not active. AuthorizedUserFilter is waiting. The server configuration must specify an authentication scheme, or use \"None\" to indicate no authentication"; //$NON-NLS-1$
+			LogHelper.log(new Status(IStatus.WARNING, Activator.PI_SERVER_SERVLETS, msg, null));
+			try {
+				Thread.sleep(500);
+			} catch (InterruptedException e) {
+				break;
+			}
 		}
+		authenticationService = Activator.getDefault().getAuthService();
 	}
 
 	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {