766d90
@@ -33,6 +33,7 @@
import org.wildfly.swarm.undertow.descriptors.WebXmlAsset;
 
 /**
  * @author Heiko Braun
+ * @author Ken Finnigan
  */
 @ApplicationScoped
 public class HttpSecurityPreparer implements ArchivePreparer {
@@ -65,42 +66,44 @@
public class HttpSecurityPreparer implements ArchivePreparer {
 
         Map<String, Object> deploymentConfig = (Map<String, Object>) matchingConfig.get("web");
 
+        WARArchive war = archive.as(WARArchive.class);
+        WebXmlAsset webXml = war.findWebXmlAsset();
+        JBossWebAsset jbossWeb = war.findJbossWebAsset();
+
         // unsupported auth method
         Map<String, Object> loginConfig = (Map<String, Object>) deploymentConfig.get("login-config");
-        String authMethod = (String)loginConfig.getOrDefault("auth-method", "NONE");
-        boolean isSupported = false;
-        for (String supported : SUPPORTED_AUTH_METHODS) {
-            if (authMethod.equals(supported)) {
-                isSupported = true;
-                break;
+        if (loginConfig != null) {
+            String authMethod = (String)loginConfig.getOrDefault("auth-method", "NONE");
+            boolean isSupported = false;
+            for (String supported : SUPPORTED_AUTH_METHODS) {
+                if (authMethod.equals(supported)) {
+                    isSupported = true;
+                    break;
+                }
             }
-        }
-
-        if (!isSupported) {
-            LOG.warn("Ignoring unsupported auth-method: " + authMethod);
-            return;
-        }
 
-        WARArchive war = archive.as(WARArchive.class);
-        WebXmlAsset webXml = war.findWebXmlAsset();
-        JBossWebAsset jbossWeb = war.findJbossWebAsset();
+            if (!isSupported) {
+                LOG.warn("Ignoring unsupported auth-method: " + authMethod);
+                return;
+            }
 
-        // Setup web.xml
-        webXml.setLoginConfig(authMethod, "ignored");
+            // Setup login-config
+            webXml.setLoginConfig(authMethod, "ignored");
 
-        // security domain
-        if (loginConfig.containsKey("security-domain")) {
-            jbossWeb.setSecurityDomain((String)loginConfig.get("security-domain"));
-        }
+            // security domain
+            if (loginConfig.containsKey("security-domain")) {
+                jbossWeb.setSecurityDomain((String)loginConfig.get("security-domain"));
+            }
 
-        // form login
-        if (loginConfig.containsKey("form-login-config")) {
-            Map<String, Object> formLoginConfig = (Map<String, Object>) loginConfig.get("form-login-config");
-            webXml.setFormLoginConfig(
-                    "Security Realm",
-                    (String)formLoginConfig.get("form-login-page"),
-                    (String)formLoginConfig.get("form-error-page")
-                    );
+            // form login
+            if (loginConfig.containsKey("form-login-config")) {
+                Map<String, Object> formLoginConfig = (Map<String, Object>) loginConfig.get("form-login-config");
+                webXml.setFormLoginConfig(
+                        "Security Realm",
+                        (String)formLoginConfig.get("form-login-page"),
+                        (String)formLoginConfig.get("form-error-page")
+                );
+            }
         }
 
         // security constraints
