From 486190f1829b1fa56ec1b4bedc22279e70500788 Mon Sep 17 00:00:00 2001
From: inosh-perera <inoshperera@gmail.com>
Date: Sat, 30 Apr 2016 14:44:22 +0530
Subject: [PATCH] adding more error logs for client certificate not present
 scenario

---
 .../framework/authenticator/CertificateAuthenticator.java    | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java
index 879efecd80..6b40e2022b 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java
@@ -60,7 +60,7 @@ public class CertificateAuthenticator implements WebappAuthenticator {
             if (request.getHeader(MUTUAL_AUTH_HEADER) != null) {
                 X509Certificate[] clientCertificate = (X509Certificate[]) request.
                                                                         getAttribute(CLIENT_CERTIFICATE_ATTRIBUTE);
-                if (clientCertificate[0] != null) {
+                if (clientCertificate != null && clientCertificate[0] != null) {
                     CertificateResponse certificateResponse = AuthenticatorFrameworkDataHolder.getInstance().
                             getCertificateManagementService().verifyPEMSignature(clientCertificate[0]);
                     if (certificateResponse == null) {
@@ -86,6 +86,9 @@ public class CertificateAuthenticator implements WebappAuthenticator {
                                                       "but the serial number is missing in the database.");
                     }
 
+                } else {
+                    authenticationInfo.setStatus(Status.FAILURE);
+                    authenticationInfo.setMessage("No client certificate is present");
                 }
             } else if (request.getHeader(CERTIFICATE_VERIFICATION_HEADER) != null) {