libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

Prevent NPE in AuthenticationManager.backchannelLogout (#23306)

Browse source 
Previously, if the user was already removed from the userSession
and the log level was set to DEBUG, then an NPE was triggered by
the debug log statement during backchannelLogout.

Fixes #23306
This commit is contained in:
Thomas Darimont 2023-09-17 22:13:35 +02:00 committed by Alexander Schwartz
parent f684a70048
commit 04d16ed170
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
View file

@ -288,7 +288,8 @@ public class AuthenticationManager {
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
UserModel user = userSession.getUser(); UserModel user = userSession.getUser();
logger.debugv("Logging out: {0} ({1}) offline: {2}", user.getUsername(), userSession.getId(), String username = user == null ? null : user.getUsername();
logger.debugv("Logging out: {0} ({1}) offline: {2}", username, userSession.getId(),
userSession.isOffline()); userSession.isOffline());
} }