[jboss-jira] [JBoss JIRA] (WFLY-3416) NPE in Undertow Extension if login module doesn't set Principal

Thursday, 29 May 2014

    [
https://issues.jboss.org/browse/WFLY-3416?page=com.atlassian.jira.plugin....
] 

Darran Lofthouse commented on WFLY-3416:
----------------------------------------

I will take this but the best you are going to get is an error message saying there is no
Principal and the authentication attempt will be rejected.

The JAAS authentication if successful must add a Principal to the Subject.

...
 NPE in Undertow Extension if login module doesn't set Principal
 ---------------------------------------------------------------

                 Key: WFLY-3416
                 URL: https://issues.jboss.org/browse/WFLY-3416
             Project: WildFly
          Issue Type: Bug
      Security Level: Public(Everyone can see) 
          Components: Web (Undertow)
    Affects Versions: 8.1.0.CR2
            Reporter: Josef Cacek
            Assignee: Darran Lofthouse

 NPE is thrown during authentication if a LoginModule doesn't set any principal to the
Subject.
 The problem comes from {{org.wildfly.extension.undertow.security.AccountImpl}}
constructor call {{principal.getName()}}.
 {code}
 Caused by: java.lang.NullPointerException
 at org.wildfly.extension.undertow.security.AccountImpl.<init>(AccountImpl.java:61)
 at
org.wildfly.extension.undertow.security.JAASIdentityManagerImpl.verifyCredential(JAASIdentityManagerImpl.java:123)
 ...
 {code} 

--
This message was sent by Atlassian JIRA
(v6.2.3#6260)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-jira] [JBoss JIRA] (WFLY-3416) NPE in Undertow Extension if login module doesn't set Principal