Open alphaville opened 9 years ago
This internal error is really an NPE that happens in: https://github.com/alphaville/jaqpot3/blob/master/jaqpot3-standalone/src/main/java/org/opentox/jaqpot3/www/guard/OpenSSOAuthorizer.java
More specifically, if the guard does not find a token inside the headers, as a URL parameter, or in cookies, it returns null: https://github.com/alphaville/jaqpot3/blob/master/jaqpot3-standalone/src/main/java/org/opentox/jaqpot3/www/guard/OpenSSOAuthorizer.java#L156
Then it tries to use the token unchecked. That's where the NPE is fired: https://github.com/alphaville/jaqpot3/blob/master/jaqpot3-standalone/src/main/java/org/opentox/jaqpot3/www/guard/OpenSSOAuthorizer.java#L214
The check happens afterwards: https://github.com/alphaville/jaqpot3/blob/master/jaqpot3-standalone/src/main/java/org/opentox/jaqpot3/www/guard/OpenSSOAuthorizer.java#L223
Right! The check for null should happen right after `AuthenticationToken userToken = getToken(request, response);`
Users that are not logged in get an Internal Server Error (500) when they try to access models.
To reproduce the error: What I did is that I logged in with my credentials and created a model, namely, http://enanomapper.ntua.gr:8080/model/d751fab1-1160-476c-b5e8-1a930a12df1e and I then logged out. I attempted to access the model I had previously created (of course this should fail because of insufficient access rights and return a status code 403 and an error report). However, I got a 500.
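The ordering problem discussed in this thread, as an added example that is not code from jaqpot3: a guard that dereferences the token before the null check answers an anonymous request with 500, while checking right after the lookup yields the expected 403. The `Request` record, the `token` key name, the `serve` wrapper and the validator are hypothetical stand-ins (Java 16+).

```java
import java.util.List;
import java.util.Map;
import java.util.function.Predicate;
import java.util.function.Supplier;

public class GuardNullTokenExample {
    // Hypothetical stand-in for the HTTP request; not a jaqpot3 or Restlet type.
    record Request(Map<String, String> headers, Map<String, String> query, Map<String, String> cookies) {}

    static final String KEY = "token"; // assumed name for the header, URL parameter and cookie

    // Lookup order described in the issue: headers, URL parameter, cookies; null if absent everywhere.
    static String getToken(Request r) {
        for (Map<String, String> source : List.of(r.headers(), r.query(), r.cookies())) {
            String value = source.get(KEY);
            if (value != null && !value.isBlank()) return value;
        }
        return null;
    }

    // Order reported in the issue: the token is used before the null check.
    static int authorizeUnchecked(Request r, Predicate<String> isValid) {
        String token = getToken(r);
        String normalized = token.trim();   // NullPointerException for anonymous requests
        if (token == null) return 403;      // never reached when the token is missing
        return isValid.test(normalized) ? 200 : 403;
    }

    // Corrected order: null check immediately after getToken, then use the token.
    static int authorizeChecked(Request r, Predicate<String> isValid) {
        String token = getToken(r);
        if (token == null) return 403;      // refuse before any method is called on the token
        return isValid.test(token.trim()) ? 200 : 403;
    }

    // Stand-in for a framework catch-all that maps an uncaught exception to a 500.
    static int serve(Supplier<Integer> guard) {
        try { return guard.get(); } catch (RuntimeException e) { return 500; }
    }

    public static void main(String[] args) {
        Predicate<String> isValid = "constructed-valid-token"::equals; // constructed validator
        Request anonymous = new Request(Map.of(), Map.of(), Map.of());
        Request loggedIn = new Request(Map.of(), Map.of(), Map.of(KEY, "constructed-valid-token"));
        System.out.println("unchecked, anonymous: " + serve(() -> authorizeUnchecked(anonymous, isValid)));
        System.out.println("checked, anonymous:   " + serve(() -> authorizeChecked(anonymous, isValid)));
        System.out.println("checked, logged in:   " + serve(() -> authorizeChecked(loggedIn, isValid)));
    }
}
```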