commit f4bda6d6a41049d1e2dc6fdb617efb620cdf8b2e
author Nes Cohen <ncohen@galois.com> Thu Jul 18 10:58:49 2019 -0700
committer Nes Cohen <ncohen@galois.com> Fri Jul 19 14:29:52 2019 -0700
tree 7c65abadc9fad940a03cf1cdd3d78145ee475e49
parent e1dcb03e22f78ac6eb853e817b1067c09235c6f7

STORM-3470: fix null dereference in SimpleSaslServer authentication

storm-client/src/jvm/org/apache/storm/security/auth/sasl/SimpleSaslServerCallbackHandler.java

diff --git a/storm-client/src/jvm/org/apache/storm/security/auth/sasl/SimpleSaslServerCallbackHandler.java b/storm-client/src/jvm/org/apache/storm/security/auth/sasl/SimpleSaslServerCallbackHandler.java
index 2bb153f..5962eda 100644
--- a/storm-client/src/jvm/org/apache/storm/security/auth/sasl/SimpleSaslServerCallbackHandler.java
+++ b/storm-client/src/jvm/org/apache/storm/security/auth/sasl/SimpleSaslServerCallbackHandler.java
@@ -16,6 +16,7 @@
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
+import java.util.Objects;
 import java.util.Optional;
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
@@ -178,9 +179,9 @@
                 ac.setAuthorizedID(zid);
             }
 
-            //When zid and zid are not equal, nid is attempting to impersonate zid, We
+            //When nid and zid are not equal, nid is attempting to impersonate zid, We
             //add the nid as the real user in reqContext's subject which will be used during authorization.
-            if (!nid.equals(zid)) {
+            if (!Objects.equals(nid, zid)) {
                 LOG.info("Impersonation attempt  authenticationID = {} authorizationID = {}",
                          nid, zid);
                 if (!allowImpersonation) {