Home/ Questions/Q 6037853
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T06:08:03+00:00

I’m developing a web service using Play Framework. My next step is to log

  • 0

I’m developing a web service using Play Framework. My next step is to log in using module secure. However, Im getting a nullpointer exception as the following:

play.exceptions.JavaExecutionException
at play.mvc.ActionInvoker.invoke(ActionInvoker.java:227)
at Invocation.HTTP Request(Play!)
Caused by: java.lang.NullPointerException
at play.utils.Java.invokeStaticOrParent(Java.java:146)
at controllers.Secure$Security.invoke(Secure.java:193)
at controllers.Secure$Security.access$0(Secure.java:184)
at controllers.Secure.authenticate(Secure.java:61)
at play.mvc.ActionInvoker.invokeWithContinuation(ActionInvoker.java:540)
at play.mvc.ActionInvoker.invoke(ActionInvoker.java:498)
at play.mvc.ActionInvoker.invokeControllerMethod(ActionInvoker.java:474)
at play.mvc.ActionInvoker.invokeControllerMethod(ActionInvoker.java:469)
at play.mvc.ActionInvoker.invoke(ActionInvoker.java:157)
... 1 more

According to Playframework Secure module: how do you "log in" to test a secured controller in a FunctionalTest? it’s possible to do a post to /login, which I also have tested and it works perfectly in a test-case.

To recreate nullpointer exception do the following:

  1. List item
  2. Create a new project
  3. Add the module secure as a dependency
  4. install the dependencies ‘play dependencies’
  5. Restart web app.
  6. Send a post to /login. I have added two request headers (username and password), but the exception occurs both with and without any headers. The post is (in my case) sent using REST Client for Firefox.

Thankful for any help!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    It looks like either your username or password is null. Since you’re POSTing to the login action, you should be sending the username and password as part of the encoded request body, but it sounds like you may be doing something different (or I misunderstood what you meant by adding the request headers).

    This is might be a bit of a bug in the Secure module too, as I imagine this case should be handled a bit more gracefully. The reason you get the NullPointerException is because invokeStaticOrParent needs to determine the types of the arguments to figure out which method to invoke, and in the case of a null argument an exception is thrown when trying to call getClass().

    The authenticate action in the Secure module should probably mark the password parameter as @Required, and perform a check against validation.hasErrors() before trying to invoke the underlying authentify/authenticate method, instead of after like it does now.

    There’s actually even an existing ticket related to this, but I don’t know what progress has been made. I’ll check sometime later to see if there’s a pending commit to address this, and if not I’ll see what I can do about submitting a patch.

    • 0