(Scott Phillips) Added protection against NPEs during authentication.

git-svn-id: http://scm.dspace.org/svn/repo/branches/dspace-1_5_x@2851 9c30dcfa-912a-0410-8fc2-9e0234be79fd

dspace-api/src/main/java/org/dspace/authenticate/LDAPAuthentication.java

@@ -145,6 +145,10 @@ public class LDAPAuthentication
     {
         log.info(LogManager.getHeader(context, "auth", "attempting trivial auth of user="+netid));
 
+        // Skip out when no netid or password is given.
+        if (netid == null || password == null)
+        	return BAD_ARGS;
+        
         // Locate the eperson
         EPerson eperson = null;
         try

dspace-xmlui/dspace-xmlui-api/src/main/java/org/dspace/app/xmlui/aspect/eperson/AuthenticateAction.java

@@ -97,6 +97,10 @@ public class AuthenticateAction extends AbstractAction
         String password = request.getParameter("login_password");
         String realm = request.getParameter("login_realm");
 
+        // Skip out if no email or password is given.
+        if (email == null || password == null)
+        	return null;
+        
         try
         {
             Context context = AuthenticationUtil.Authenticate(objectModel, email,password, realm);

dspace-xmlui/dspace-xmlui-api/src/main/java/org/dspace/app/xmlui/aspect/eperson/LDAPAuthenticateAction.java

@@ -92,9 +92,12 @@ public class LDAPAuthenticateAction extends AbstractAction {
 		String password = request.getParameter("ldap_password");
 		String realm = request.getParameter("login_realm");
 
+		// Skip out of no name or password given.
+		if (username == null || password == null)
+			return null;
+		
 		try {
-			Context context = AuthenticationUtil.Authenticate(objectModel,
-					username, password, realm);
+			Context context = AuthenticationUtil.Authenticate(objectModel,username, password, realm);
 
 			EPerson eperson = context.getCurrentUser();