Most references to the domain-scoped password alias store (looked up using hk2) in this class use the get... method which populates the field if necessary, but two references in one method do not, referring directly to the field itself, and those references can lead to NPEs.
- What is the impact on the customer of the bug?
This is a regression. Diagnosing a connector devtest error led to this.
- What is the cost/risk of fixing the bug?
Very low risk. Two call sites in one class need to invoke a method (which is already used in other places in the class) instead of referring directly to a field.
- Is there an impact on documentation or message strings?
- Which tests should QA (re)run to verify the fix did not destabilize GlassFish?
- Which is the targeted build of 4.0 for this fix?
- If this an integration of a new version of a component from another project,
what are the changes that are being brought in?