Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

SEC-1390: NullPointerException in OpenID4JavaConsumer.endConsumption #1633

spring-issuemaster opened this Issue Jan 26, 2010 · 1 comment


None yet
1 participant

Pedro Teixeira (Migrated from SEC-1390) said:


INFO YadisResolver - Yadis discovered 0 endpoints from: http:///openid?id=11001259674714705...
INFO Discovery - No OpenID service endpoints discovered through Yadis; attempting HTML discovery...
INFO HttpCache - Cached GET response does not match the required content type, removing.
INFO HttpCache - Removing cached GET for http:///openid?id=11001259674714705...
INFO HttpCache - Removing cached GET response for http:///openid?id=11001259674714705...
INFO HtmlResolver - HTML discovery completed on: http:///openid?id=11001259674714705...
INFO Discovery - Discovered 0 OpenID endpoints.
ERROR ConsumerManager - No service element found to match the ClaimedID / OP-endpoint in the assertion.
ERROR ConsumerManager - Discovered information verification failed.

at org.springframework.security.openid.OpenID4JavaConsumer.endConsumption(OpenID4JavaConsumer.java:172)
at org.springframework.security.openid.OpenIDAuthenticationFilter.attemptAuthentication(OpenIDAuthenticationFilter.java:152)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199)


call to discovered.getClaimedIdentifier() returns null in the following lines:

return new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.FAILURE,
"Verification status message: [" + verification.getStatusMsg() + "]", attributes);

Luke Taylor said:

Added null check to prevent NPE.

@spring-issuemaster spring-issuemaster added this to the 3.0.2 milestone Feb 5, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment