Uploaded image for project: 'Spring Framework'
  1. Spring Framework
  2. SPR-16842

"Want" two-way-ssl not containing SSL-Certificate is not checkable due to contract violation

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Complete
    • Affects Version/s: 5.0.5
    • Fix Version/s: 5.0.7, 5.1 RC1
    • Component/s: Web
    • Labels:
      None
    • Last commented by a User:
      true

      Description

      Hi,
      If two-way-ssl is on "want" mode (as opposed to the stricter "need"), and client does not deliver a certificate, getSslInfo() does not work, since init method fails:

      java.lang.IllegalArgumentException: No SSL certificates
      	at org.springframework.util.Assert.notNull(Assert.java:193)
      	at org.springframework.http.server.reactive.DefaultSslInfo.<init>(DefaultSslInfo.java:44)
      	at org.springframework.http.server.reactive.ServletServerHttpRequest.initSslInfo(ServletServerHttpRequest.java:190)
      	at org.springframework.http.server.reactive.AbstractServerHttpRequest.getSslInfo(AbstractServerHttpRequest.java:162)
      

      ...but according to the description, it's supposed to work:

      /**
       * Return the SSL session information if the request has been transmitted
       * over a secure protocol including SSL certificates, if available.
       * @return the session information, or \{@code null} if none available
       * @since 5.0.2 */
       @Nullable default SslInfo getSslInfo() \{ return null; }
      

       

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                rstoya05-aop Rossen Stoyanchev
                Reporter:
                vogthenn Henning Vogt
                Last updater:
                Stéphane Nicoll
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  20 weeks, 6 days ago