SpotBugs Bug Detector Report
The following document contains the results of SpotBugs
SpotBugs Version is 4.7.1
Threshold is medium
Effort is default
Summary
Classes |
Bugs |
Errors |
Missing Classes |
49 |
31 |
0 |
0 |
org.mycore.user2.MCRRealmFactory
Bug |
Category |
Details |
Line |
Priority |
Public static org.mycore.user2.MCRRealmFactory.getLocalRealm() may expose internal representation by returning MCRRealmFactory.localRealm |
MALICIOUS_CODE |
MS_EXPOSE_REP |
232 |
Medium |
Public static org.mycore.user2.MCRRealmFactory.listRealms() may expose internal representation by returning MCRRealmFactory.realmsList |
MALICIOUS_CODE |
MS_EXPOSE_REP |
206 |
Medium |
org.mycore.user2.MCRRoleManager
Bug |
Category |
Details |
Line |
Priority |
Public static org.mycore.user2.MCRRoleManager.listSystemRoles() may expose internal representation by returning MCRRoleManager.rolesList |
MALICIOUS_CODE |
MS_EXPOSE_REP |
157 |
Medium |
org.mycore.user2.MCRRoleServlet
Bug |
Category |
Details |
Line |
Priority |
Class org.mycore.user2.MCRRoleServlet defines non-transient non-serializable instance field categoryDao |
BAD_PRACTICE |
SE_BAD_FIELD |
Not available |
Medium |
org.mycore.user2.MCRTransientUser
Bug |
Category |
Details |
Line |
Priority |
org.mycore.user2.MCRTransientUser doesn't override MCRUser.equals(Object) |
STYLE |
EQ_DOESNT_OVERRIDE_EQUALS |
1 |
Medium |
org.mycore.user2.MCRUser
Bug |
Category |
Details |
Line |
Priority |
org.mycore.user2.MCRUser.clone() does not call super.clone() |
BAD_PRACTICE |
CN_IDIOM_NO_SUPER_CALL |
753-760 |
High |
org.mycore.user2.MCRUser.getExternalRoleIDs() may expose internal representation by returning MCRUser.externalRoles |
MALICIOUS_CODE |
EI_EXPOSE_REP |
581 |
Medium |
org.mycore.user2.MCRUser.getOwner() may expose internal representation by returning MCRUser.owner |
MALICIOUS_CODE |
EI_EXPOSE_REP |
345 |
Medium |
org.mycore.user2.MCRUser.getSystemRoleIDs() may expose internal representation by returning MCRUser.systemRoles |
MALICIOUS_CODE |
EI_EXPOSE_REP |
572 |
Medium |
org.mycore.user2.MCRUser.setOwner(MCRUser) may expose internal representation by storing an externally mutable object into MCRUser.owner |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
355 |
Medium |
Class org.mycore.user2.MCRUser defines non-transient non-serializable instance field attributes |
BAD_PRACTICE |
SE_BAD_FIELD |
Not available |
High |
org.mycore.user2.MCRUserAttributeMapper
Bug |
Category |
Details |
Line |
Priority |
Load of known null value in org.mycore.user2.MCRUserAttributeMapper.mapAttributes(Object, Map) |
STYLE |
NP_LOAD_OF_KNOWN_NULL_VALUE |
157 |
Medium |
org.mycore.user2.MCRUserAttributeMapper.getAttributeNames() makes inefficient use of keySet iterator instead of entrySet iterator |
PERFORMANCE |
WMI_WRONG_MAP_ITERATOR |
206 |
Medium |
org.mycore.user2.MCRUserAttribute_
org.mycore.user2.MCRUserCommands
Bug |
Category |
Details |
Line |
Priority |
Dead store to password in org.mycore.user2.MCRUserCommands.login(String) |
STYLE |
DLS_DEAD_LOCAL_STORE |
106 |
Medium |
Possible null pointer dereference in org.mycore.user2.MCRUserCommands.batchLoadFromDirectory(String, String) due to return value of called method |
STYLE |
NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE |
388 |
Medium |
org.mycore.user2.MCRUserManager
Bug |
Category |
Details |
Line |
Priority |
Unused field: org.mycore.user2.MCRUserManager.table |
PERFORMANCE |
UUF_UNUSED_FIELD |
Not available |
Medium |
org.mycore.user2.MCRUserServlet
Bug |
Category |
Details |
Line |
Priority |
Redundant nullcheck of user, which is known to be non-null in org.mycore.user2.MCRUserServlet.doGetPost(MCRServletJob) |
STYLE |
RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE |
93 |
Medium |
org.mycore.user2.MCRUser_
org.mycore.user2.login.MCRLogin
Bug |
Category |
Details |
Line |
Priority |
The class name org.mycore.user2.login.MCRLogin shadows the simple name of the superclass org.mycore.frontend.support.MCRLogin |
BAD_PRACTICE |
NM_SAME_SIMPLE_NAME_AS_SUPERCLASS |
55-101 |
High |
org.mycore.user2.login.MCRShibbolethLoginServlet
Bug |
Category |
Details |
Line |
Priority |
Redundant nullcheck of realmId, which is known to be non-null in org.mycore.user2.login.MCRShibbolethLoginServlet.doGetPost(MCRServletJob) |
STYLE |
RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE |
60 |
High |
org.mycore.user2.login.MCRShibbolethUserInformation
Bug |
Category |
Details |
Line |
Priority |
new org.mycore.user2.login.MCRShibbolethUserInformation(String, String, Map) may expose internal representation by storing an externally mutable object into MCRShibbolethUserInformation.attributes |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
54 |
Medium |