[
https://jira.jboss.org/jira/browse/SECURITY-484?page=com.atlassian.jira.p...
]
Anil Saldhana updated SECURITY-484:
-----------------------------------
Fix Version/s: PicketBox_v3_0_beta5
Affects Version/s: PicketBox_v3_0_beta3
Assignee: Stefan Guilhen (was: Anil Saldhana)
Stefan, I think we should avoid the NPE.
Jeff, can you open a thread for this in the forums?
NPE causing authentication failure
----------------------------------
Key: SECURITY-484
URL:
https://jira.jboss.org/jira/browse/SECURITY-484
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public(Everyone can see)
Affects Versions: PicketBox_v3_0_beta3
Environment: JBoss AS trunk
Reporter: Jeff Mesnil
Assignee: Stefan Guilhen
Fix For: PicketBox_v3_0_beta5
when running TCK jms tests, tests starts to fail with authentication error.
The failing tests are doing nothing fancy with security, just authenticating JMS user.
I have 300+ tests with the same security settings which pass and then the following tests
start to fail because the JMS user can no longer be authenticated.
I enabled jboss security traces and got a NPE just before tests start to fail:
13:13:27,409 TRACE [org.jboss.security.integration.JNDIBasedSecurityManagement] Look up
of JNDI for cts/mappingMgr failed with null
13:13:27,410 TRACE [org.jboss.security.integration.JNDIBasedSecurityManagement] Exception
in getting MappingManager: java.lang.NullPointerException
at java.util.concurrent.ConcurrentHashMap.put(ConcurrentHashMap.java:881)
at
org.jboss.security.integration.JNDIBasedSecurityManagement.getMappingManager(JNDIBasedSecurityManagement.java:219)
at
org.jboss.security.plugins.JBossSecurityContext.getMappingManager(JBossSecurityContext.java:280)
at
org.jboss.security.plugins.JBossAuthorizationManager.getCurrentRoles(JBossAuthorizationManager.java:406)
at
org.jboss.security.plugins.JBossAuthorizationManager.getCurrentRoles(JBossAuthorizationManager.java:379)
at
org.jboss.security.plugins.JBossAuthorizationManager.doesUserHaveRole(JBossAuthorizationManager.java:185)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.doesUserHaveRole(JaasSecurityManagerBase.java:434)
at
org.jboss.security.plugins.JaasSecurityManager.doesUserHaveRole(JaasSecurityManager.java:195)
at
org.hornetq.integration.jboss.security.JBossASSecurityManager.validateUserAndRole(JBossASSecurityManager.java:110)
at org.hornetq.core.security.impl.SecurityStoreImpl.check(SecurityStoreImpl.java:172)
...
13:13:27,414 ERROR [org.hornetq.core.protocol.core.ServerSessionPacketHandler] Caught
unexpected exception: java.lang.NullPointerException
at
org.jboss.security.plugins.JBossAuthorizationManager.getCurrentRoles(JBossAuthorizationManager.java:407)
at
org.jboss.security.plugins.JBossAuthorizationManager.getCurrentRoles(JBossAuthorizationManager.java:379)
at
org.jboss.security.plugins.JBossAuthorizationManager.doesUserHaveRole(JBossAuthorizationManager.java:185)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.doesUserHaveRole(JaasSecurityManagerBase.java:434)
at
org.jboss.security.plugins.JaasSecurityManager.doesUserHaveRole(JaasSecurityManager.java:195)
at
org.hornetq.integration.jboss.security.JBossASSecurityManager.validateUserAndRole(JBossASSecurityManager.java:110)
at org.hornetq.core.security.impl.SecurityStoreImpl.check(SecurityStoreImpl.java:172)
...
13:13:57,453 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] logout
13:13:57,454 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin
getAppConfigurationEntry(cts), size=15
13:13:57,454 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End
getAppConfigurationEntry(cts), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule
ControlFlag: LoginModuleControlFlag : required
Options:
name=usersProperties, value=cts-users.properties
name=unauthenticatedIdentity, value=cts-user
name=rolesProperties, value=cts-roles.properties
name=password-stacking, value=useFirstPass
13:13:57,456 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.cts] Login
failure: javax.security.auth.login.LoginException: classe LoginModule introuvable :
org.jboss.security.auth.spi.UsersRolesLoginModule
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:808)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:553)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:487)
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
at
org.hornetq.integration.jboss.security.JBossASSecurityManager.validateUser(JBossASSecurityManager.java:81)
at
org.hornetq.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:128)
...
This occurs only when I ran the full tests (which takes several hours).
Restarting the AS and running again the failing tests did not show the authentication
error.
I enabled traces for org.jboss.security. Tell me if you need more info
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira