NullPointerException when authenticating WebSocket connection

Hi,

I have an issue with what appears to be the XWikiContext not being initialised properly when the incoming request/connection is for a WebSocket. I think this is different to the mention of the WebSocket Context on the Extension Page.

I have an extension which implements a Dynamic WebSocket endpoint using the new functionality introduced in v13; although I admit it’s not using the AbstractXWikiEndpoint class. I’m seeing a NullPointerException before it hits my WebSocket endpoint and it’s happening when authentication is done for that incoming connection/request.

I have a custom authentication extension which extends XWikiAuthServiceImpl and overrides the checkAuth(XWikiContext context) method. That method first calls the super checkAuth and if that returns null (I.e. so no default/pre-existing/established credentials via Basic auth), my code then goes on to do our own custom auth. As part of that custom auth, we attempt to create or update a User (document) in xwiki for the user logging in. When my code tries to check if the User already exists using…

final UserReference userRef = userResolver.resolve(userInfo.getId(), new WikiReference(wikiId));
boolean userExists = xwikiUserManager.exists(userRef);

The xwikiUserManager.exists(userRef); line throws an NullPointerException; the stop of the stack trace being…

java.lang.NullPointerException: null
    at org.xwiki.user.internal.document.DocumentUserManager.exists(DocumentUserManager.java:68)
    at org.xwiki.user.internal.DefaultUserManager.exists(DefaultUserManager.java:65)
...

Looking at DocumentUserManager.java:68 it looks like the xcontext returned from XWikiContext xcontext = this.xwikiContextProvider.get(); is null.

Is there something my auth code is doing wrong to not properly establish the Context maybe? It is calling the checkAuth on XWikiAuthServiceImpl so if some setup is required then I’m assuming that should have happened anyway. I’ve looked at the checkAuth(XWikiContext context) implementation in XWikiAuthServiceImpl and not seen anything obvious, to me at least.

For now I’ve trapped the NPE as the User info does not actually need to be updated in this scenario; however, I’d like to be more confident that this is not highlighting some problem in my auth code. Any help would be much appreciated.

Thanks in advance,
Alex

WebSocketContext is responsible for initializing the “XWiki context” for a WebSocket end-point. This is exactly the XWikiContext that is null in your stack trace. So if your end-point needs the XWiki context, directly on indirectly (e.g. for authentication), then you should inject the WebSocketContext component.

Ah ok, thanks @mflorea. I’d made some wrong assumptions and your explanation makes sense. My WebSocket code does now need the WebSocketContext and ModelContext for other reasons so that has solved the problem I was having as well (I.e. I didn’t need to have unused @Inject’ed contexts).

What I think I may need to do is review the my authentication code as it seems unfortunate that it needs a context established by something “down stream”. I’ll re-review what the XWikiAuthServiceImpl is doing to see if it uses a context at all, and if so, what it does to avoid having to rely on something else initialising that context.

Thanks for your help.