spring-boot

History

Andy Wilkinson 8e6b4629d4 Tolerate AuthenticationSwitchUserEvent with null target user When Spring Security is misconfigured it's possible to switch from an anonymous user to a normal user. When switching back again, the corresponding AuthenticationSwitchUserEvent will have a null target user. Previously, Actuator's AuthenticationAuditListener would throw a NullPointerException when it received such an event. This commit updates the audit listener to defensively handled events with a null target user. Closes gh-15767	2019-02-12 16:26:19 +00:00
..
main/java/org/springframework/boot/actuate	Tolerate AuthenticationSwitchUserEvent with null target user	2019-02-12 16:26:19 +00:00
test	Tolerate AuthenticationSwitchUserEvent with null target user	2019-02-12 16:26:19 +00:00

Andy Wilkinson 8e6b4629d4 Tolerate AuthenticationSwitchUserEvent with null target user

When Spring Security is misconfigured it's possible to switch from an anonymous user
to a normal user. When switching back again, the corresponding
AuthenticationSwitchUserEvent will have a null target user. Previously, Actuator's
AuthenticationAuditListener would throw a NullPointerException when it received such an
event.

This commit updates the audit listener to defensively handled events with a null target
user.

Closes gh-15767

2019-02-12 16:26:19 +00:00

main/java/org/springframework/boot/actuate

Tolerate AuthenticationSwitchUserEvent with null target user

2019-02-12 16:26:19 +00:00

test

Tolerate AuthenticationSwitchUserEvent with null target user

2019-02-12 16:26:19 +00:00