From 33c65b3c6eb26e65c04e8176ae73ffeb43d40c23 Mon Sep 17 00:00:00 2001
From: Mathieu Baudier <mbaudier@argeo.org>
Date: Wed, 7 Feb 2018 12:16:07 +0100
Subject: [PATCH] Make retrieval of secret keys more robust

---
 org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java b/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java
index aa313ee0a..e6c63a4de 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/CmsAuthUtils.java
@@ -145,7 +145,8 @@ class CmsAuthUtils {
 								+ " for existing CMS session " + cmsSession);
 					}
 					// keyring
-					subject.getPrivateCredentials().addAll(cmsSession.getSecretKeys());
+					if (cmsSession != null)
+						subject.getPrivateCredentials().addAll(cmsSession.getSecretKeys());
 				} else {// anonymous
 					if (cmsSession.getAuthorization().getName() != null) {
 						cmsSession.close();
-- 
2.30.2