[JBoss JIRA] (WFCORE-1281) NPE in principal-to-group group searching

Friday, 8 January 2016

     [
https://issues.jboss.org/browse/WFCORE-1281?page=com.atlassian.jira.plugi...
]

Ondrej Lukas moved WFLY-5958 to WFCORE-1281:
--------------------------------------------

              Project: WildFly Core  (was: WildFly)
                  Key: WFCORE-1281  (was: WFLY-5958)
          Component/s: Domain Management
                       Security
                           (was: Domain Management)
                           (was: Security)
    Affects Version/s: 2.0.5.Final
                           (was: 10.0.0.CR5)

...
 NPE in principal-to-group group searching
 -----------------------------------------

                 Key: WFCORE-1281
                 URL: https://issues.jboss.org/browse/WFCORE-1281
             Project: WildFly Core
          Issue Type: Bug
          Components: Domain Management, Security
    Affects Versions: 2.0.5.Final
            Reporter: Ondrej Lukas
            Assignee: Darran Lofthouse
         Attachments: groupsearch.ldif

 In case when ldap authorization with principal-to-group group searching is used in
security realm and LDAP entry found by value of 'group-attribute' does not include
attribute mentioned in 'group-name-attribute' then it causes authentication fail.
It is caused by missing null check for groupNameAttr and hidden NPE thrown from [1].
 [1]
https://github.com/wildfly/wildfly-core/blob/18393273a1c9e464fb0cc9597951...

--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006