CASC-137

fix null pointer exception when the anyhostname verifier is used.

cas-client-core/src/main/java/org/jasig/cas/client/ssl/AnyHostnameVerifier.java

@@ -17,11 +17,6 @@
  * under the License.
  */
 
-/*
-  @author Marvin Addison
-  @version $Revision$ $Date$
-  @since 3.1.10
-*/
 package org.jasig.cas.client.ssl;
 
 import javax.net.ssl.HostnameVerifier;
@@ -31,11 +26,11 @@ import javax.net.ssl.SSLSession;
  * Hostname verifier that performs no host name verification for an SSL peer
  * such that all hosts are allowed.
  *
- * @author Middleware
- * @version $Revision$
- *
+ * @author Marvin Addison
+ * @version $Revision$ $Date$
+ * @since 3.1.10
  */
-public class AnyHostnameVerifier implements HostnameVerifier {
+public final class AnyHostnameVerifier implements HostnameVerifier {
 
     /** {@inheritDoc} */
     public boolean verify(final String hostname, final SSLSession session) {

cas-client-core/src/main/java/org/jasig/cas/client/ssl/RegexHostnameVerifier.java

@@ -16,20 +16,6 @@
  * specific language governing permissions and limitations
  * under the License.
  */
-
-/*
-  $Id$
-
-  Copyright (C) 2008-2009 Virginia Tech.
-  All rights reserved.
-
-  SEE LICENSE FOR MORE INFORMATION
-
-  Author:  Middleware
-  Email:   middleware@vt.edu
-  Version: $Revision$
-  Updated: $Date$
-*/
 package org.jasig.cas.client.ssl;
 
 import java.util.regex.Pattern;
@@ -41,11 +27,13 @@ import javax.net.ssl.SSLSession;
  * Validates an SSL peer's hostname using a regular expression that a candidate
  * host must match in order to be verified.
  *
- * @author Middleware
- * @version $Revision$
+ * @author Marvin Addison
+ * @version $Revision$ $Date$
+ * @since 3.1.10
  *
  */
-public class RegexHostnameVerifier implements HostnameVerifier {
+public final class RegexHostnameVerifier implements HostnameVerifier {
+
     /** Allowed hostname pattern */
     private Pattern pattern;
     

cas-client-core/src/main/java/org/jasig/cas/client/ssl/WhitelistHostnameVerifier.java

@@ -17,19 +17,6 @@
  * under the License.
  */
 
-/*
-  $Id$
-
-  Copyright (C) 2008-2009 Virginia Tech.
-  All rights reserved.
-
-  SEE LICENSE FOR MORE INFORMATION
-
-  Author:  Middleware
-  Email:   middleware@vt.edu
-  Version: $Revision$
-  Updated: $Date$
-*/
 package org.jasig.cas.client.ssl;
 
 import javax.net.ssl.HostnameVerifier;
@@ -38,11 +25,13 @@ import javax.net.ssl.SSLSession;
 /**
  * Verifies a SSL peer host name based on an explicit whitelist of allowed hosts.
  *
- * @author Middleware
- * @version $Revision$
+ * @author Marvin Addison
+ * @version $Revision$ $Date$
+ * @since 3.1.10
  *
  */
-public class WhitelistHostnameVerifier implements HostnameVerifier {
+public final class WhitelistHostnameVerifier implements HostnameVerifier {
+
     /** Allowed hosts */
     private String[] allowedHosts;
 

cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractTicketValidationFilter.java

@@ -87,7 +87,11 @@ public abstract class AbstractTicketValidationFilter extends AbstractCasFilter {
         final String config = getPropertyFromInitParams(filterConfig, "hostnameVerifierConfig", null);
         log.trace("Using hostnameVerifierConfig parameter: " + config);
         if (className != null) {
-            return ReflectUtils.newInstance(className, config);
+            if (config != null) {
+                return ReflectUtils.newInstance(className, config);
+            } else {
+                return ReflectUtils.newInstance(className);
+            }
         }
         return null;
     }