|Title|NullPointerException in Upload when jspwiki security is off
|Date|12-Jan-2007 16:26:55 EET
|Version|2.4.87
|Submitter|83.138.0.70
|[Bug criticality]|LightBug
|Browser version|ie, firefox
|[Bug status]|NotReallyBug
|[PageProvider] used|VersioningFileProvider
|Servlet Container|resin 2.1.16
|Operating System|win XP
|URL|
|Java version|1.4.2


Uploading a newer version of an attachtment while jspwiki.securiry=off 
results in a NullPointerException. Apparently a check is done for 
non-existent admin permissions.

The stacktrace is:
{{{
java.lang.NullPointerException
	at com.ecyrd.jspwiki.auth.AuthorizationManager.checkPermission(AuthorizationManager.java:160)
	at com.ecyrd.jspwiki.WikiContext.hasAdminPermissions(WikiContext.java:784)
	at com.ecyrd.jspwiki.attachment.AttachmentServlet.executeUpload(AttachmentServlet.java:611)
	at com.ecyrd.jspwiki.attachment.AttachmentServlet.upload(AttachmentServlet.java:545)
	at com.ecyrd.jspwiki.attachment.AttachmentServlet.doPost(AttachmentServlet.java:412)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:165)
	at com.ecyrd.jspwiki.dav.WebdavServlet.service(WebdavServlet.java:152)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:103)
	at com.caucho.server.http.FilterChainServlet.doFilter(FilterChainServlet.java:96)
	at com.ecyrd.jspwiki.ui.WikiServletFilter.doFilter(WikiServletFilter.java:99)
	at com.caucho.server.http.FilterChainFilter.doFilter(FilterChainFilter.java:88)
}}}


----

Setting JSPWiki's security to {{off}} is neither supported nor tested. We provided the option to help system administrators to get their wikis up and running, but not to be used in regular operations. This particular issue is not something we will investigate or fix.

--Andrew Jaquith, 13-Jan-2007