Server-to-Server: IQHandler.process() - UnauthorizedException leads to NPE

Description

The IQHandler.handleIQ()-method is allowed to throw a UnauthorizedException. The IQHandler.process() method catches this, creates an error IQ and sends the error IQ.

The problem: sessionManager.getSession(iq.getFrom()).process(response); is used the send the error IQ (line 73 and 87). But getSession() returns null for a client on a remote server of a Server-to-Server connection. Therefore, a NullPointerExeption occurs and fills the error log.

Environment

None

Assignee

Guus der Kinderen

Reporter

Guus der Kinderen

Labels

None

Expected Effort

None

Components

Priority

Major