问题
I have an certificate based authentication:
import java.security.cert.X509Certificate;
import java.util.Optional;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.inject.Inject;
import javax.inject.Named;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
@Named
public class UsernameService {
private static final String MISSING_NAME = null;
private static final Logger LOG = Logger.getLogger(UsernameService.class.getCanonicalName());
@Inject
private final Optional<X509Certificate> cert = null;
public String currentRequestUsername() {
if (cert.isPresent()) {
try {
LOG.finest("Check Certificate: " + cert); // <- exception!
for (Rdn rdn : new LdapName(cert.get().getSubjectDN().getName()).getRdns()) {
LOG.finest("Check RDN entry for Common name(cn): " + rdn);
if (rdn.getType().equals("CN")) {
LOG.finer("Found Username: " + rdn.getValue().toString());
return rdn.getValue().toString();
}
}
} catch (InvalidNameException e) {
LOG.log(Level.CONFIG, "Parse DName impossible: " + cert.get().getSubjectDN().getName() + ".", e);
} catch (NullPointerException e) {
LOG.log(Level.FINE, e.getMessage(), e);
}
}
return MISSING_NAME;
}
}
As you can see in the code above, if a value is "present" print the optional to the logger. What does it mean present? Are null values valid values? The answer is in the javadoc:
If a value is present in this Optional, returns the value,otherwise throws NoSuchElementException.
Ok, so returing values are "present". Is null a possible returning value? We read more:
Returns: the non-null value held by this Optional
So no, null values are not identified as present.
The App-Config does the request-scoped certificate bean:
@Bean
@Autowired
@Scope(value = "request", proxyMode = ScopedProxyMode.TARGET_CLASS)
public X509Certificate getCertificate(HttpServletRequest r) {
X509Certificate[] certs = (X509Certificate[]) r.getAttribute("javax.servlet.request.X509Certificate");
if (certs == null || certs.length == 0) {
return null;
}
return certs[0];
}
But I get an exception in the console:
org.springframework.aop.AopInvocationException: AOP configuration seems to be invalid: tried calling method [public abstract java.lang.String java.security.cert.Certificate.toString()] on target [null]; nested exception is java.lang.IllegalArgumentException: object is not an instance of declaring class
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:351)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:198)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:752)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:136)
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:124)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688)
at $java.security.cert.X509Certificate$$EnhancerBySpringCGLIB$$96797f0e.toString(<generated>)
at java.util.Formatter$FormatSpecifier.printString(Formatter.java:2886)
at java.util.Formatter$FormatSpecifier.print(Formatter.java:2763)
at java.util.Formatter.format(Formatter.java:2520)
at java.util.Formatter.format(Formatter.java:2455)
at java.lang.String.format(String.java:2940)
at java.util.Optional.toString(Optional.java:346)
at java.lang.String.valueOf(String.java:2994)
at java.lang.StringBuilder.append(StringBuilder.java:131)
at XXX.UsernameService.currentRequestUsername(UsernameService.java:27)
...
Caused by: java.lang.IllegalArgumentException: object is not an instance of declaring class
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
Any idea?
回答1:
Now I created a breakpoint in the constructor of the IllegalArgumentException.
Then I steped back 2 traces and inspect the CDI invocation.
I see an NullBean having an instance of org.springframework.beans.factory.support.NullBean.
So the optional seems not to be null but the bean is a null bean.
My solution is to simply catch the Exception that a NullBean is not a Certificate.
import java.security.cert.X509Certificate;
import java.util.Optional;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.inject.Inject;
import javax.inject.Named;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
@Named
public class UsernameService {
private static final String MISSING_NAME = null;
private static final Logger LOG = Logger.getLogger(UsernameService.class.getCanonicalName());
@Inject
private final Optional<X509Certificate> cert = null;
public String currentRequestUsername() {
if (cert.isPresent()) {
try {
LOG.finest("Check Certificate: " + cert);
for (Rdn rdn : new LdapName(cert.get().getSubjectDN().getName()).getRdns()) {
LOG.finest("Check RDN entry for Common name(cn): " + rdn);
if (rdn.getType().equals("CN")) {
LOG.finer("Found Username: " + rdn.getValue().toString());
return rdn.getValue().toString();
}
}
} catch (InvalidNameException e) {
LOG.log(Level.CONFIG, "Parse DName impossible: " + cert.get().getSubjectDN().getName() + ".", e);
} catch (NullPointerException e) {
LOG.log(Level.FINE, e.getMessage(), e);
} catch (RuntimeException e) {
LOG.log(Level.FINE, e.getMessage(), e);
}
}
return MISSING_NAME;
}
}
来源:https://stackoverflow.com/questions/56439401/broken-tostring-of-optional-without-value