Reported from Futurelab:

We just wanted to add a bypass rule to the uriSecurity config node. We added the class name parameter and wanted to add the pattern parameter next, but since the rule was already active, we could not get that far. There is a missing null check in some Magnolia code, resulting in an NPE that causes the entire request to fail, instead of just the offending rule.

Of course that means we have no way to complete or revert our broken config in the JCR so we are effectively locked out and the system is down because every request now fails.

ERROR org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/magnoliaAuthor].[default] 14.07.2008 15:58:57 – Servle
t.service() for servlet default threw exception
java.lang.NullPointerException
at info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:97)
at info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:199)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)

This seems to be the offending code:

public void init() {
if(autoTrueValue){
if(!isInverse())

else

}
}