From e9b446e3bd65a7a91eac968ae1d4d3679e281ff9 Mon Sep 17 00:00:00 2001
From: Kelven Yang <kelven@cloud.com>
Date: Fri, 14 Jan 2011 10:28:00 -0800
Subject: [PATCH] Bug 6905: explicitly deny access when management server is
 not fully up for service

---
 .../com/cloud/servlet/ConsoleProxyServlet.java    | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/server/src/com/cloud/servlet/ConsoleProxyServlet.java b/server/src/com/cloud/servlet/ConsoleProxyServlet.java
index 6b599037f69..cf6514311c2 100644
--- a/server/src/com/cloud/servlet/ConsoleProxyServlet.java
+++ b/server/src/com/cloud/servlet/ConsoleProxyServlet.java
@@ -75,6 +75,12 @@ public class ConsoleProxyServlet extends HttpServlet {
 				sendResponse(resp, "Service is not ready");
 				return;
 			}
+			
+			if(_ms.getHashKey() == null) {
+	        	s_logger.info("Console/thumbnail access denied. Ticket service is not ready yet");
+				sendResponse(resp, "Service is not ready");
+	        	return;
+			}
 				
             String userId = null;
             String account = null;
@@ -361,10 +367,15 @@ public class ConsoleProxyServlet extends HttpServlet {
 	
 	private boolean checkSessionPermision(HttpServletRequest req, long vmId, Account accountObj) {
 
+        VMInstanceVO vm = _ms.findVMInstanceById(vmId);
+        if(vm == null) {
+        	s_logger.debug("Console/thumbnail access denied. VM " + vmId + " does not exist in system any more");
+        	return false;
+        }
+		
 		if(accountObj.getType() == Account.ACCOUNT_TYPE_ADMIN)
     		return true;
-
-        VMInstanceVO vm = _ms.findVMInstanceById(vmId);
+        
         switch(vm.getType())
         {
         case User :