From 38b28838fe0fa53d82e96c2852548526e2e49981 Mon Sep 17 00:00:00 2001 From: anhefti Date: Thu, 12 May 2022 08:29:40 +0200 Subject: [PATCH] handle connection with deleted Connection Configs --- .../session/impl/SEBClientConnectionServiceImpl.java | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/session/impl/SEBClientConnectionServiceImpl.java b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/session/impl/SEBClientConnectionServiceImpl.java index 4e326223..ab4ddcea 100644 --- a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/session/impl/SEBClientConnectionServiceImpl.java +++ b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/session/impl/SEBClientConnectionServiceImpl.java @@ -25,6 +25,7 @@ import org.slf4j.LoggerFactory; import org.springframework.cache.Cache; import org.springframework.cache.CacheManager; import org.springframework.context.annotation.Lazy; +import org.springframework.security.access.AccessDeniedException; import org.springframework.stereotype.Service; import ch.ethz.seb.sebserver.gbl.Constants; @@ -120,7 +121,13 @@ public class SEBClientConnectionServiceImpl implements SEBClientConnectionServic final SEBClientConfig clientConfig = this.sebClientConfigDAO .byClientName(principal.getName()) - .getOrThrow(); + .getOr(null); + + if (clientConfig == null) { + log.error("Illegal client connection request: requested connection config name: {}", + principal.getName()); + throw new AccessDeniedException("Unknown or illegal client access"); + } if (!clientConfig.institutionId.equals(institutionId)) { log.error("Institutional integrity violation: requested institution: {} authenticated institution: {}",