Darran Lofthouse resolved SECURITY-944.
---------------------------------------
Resolution: Done
AdvancedLdapLoginModule with rolesCtxDN=null leads to authentication failure
----------------------------------------------------------------------------
Key: SECURITY-944
URL: https://issues.jboss.org/browse/SECURITY-944
Project: PicketBox
Issue Type: Bug
Components: Negotiation
Affects Versions: Negotiation_3_0_2_Final
Reporter: Ondrej Lukas
Assignee: Tomas Hofman
Fix For: Negotiation_3_0_3_CR1
When AdvancedLdapLoginModule is correctly configured for authentication but its
attribute rolesCtxDN is not set (i.e. is null), authentication with a correct username
and password fails. It is caused by an internal NPE when searching for roles.
The expected behavior is that the user should be authenticated but no roles should be
assigned to them.
Internal NPE:
{code}
java.lang.NullPointerException:
at org.jboss.as.naming.InitialContext.getURLScheme(InitialContext.java:160)
at org.jboss.as.naming.InitialContext.getURLOrDefaultInitCtx(InitialContext.java:128)
at javax.naming.directory.InitialDirContext.getURLOrDefaultInitDirCtx(InitialDirContext.java:106)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
at org.jboss.security.negotiation.AdvancedLdapLoginModule.rolesSearch(AdvancedLdapLoginModule.java:720)
at org.jboss.security.negotiation.AdvancedLdapLoginModule.innerLogin(AdvancedLdapLoginModule.java:403)
at org.jboss.security.negotiation.AdvancedLdapLoginModule$AuthorizeAction.run(AdvancedLdapLoginModule.java:967)
at org.jboss.security.negotiation.AdvancedLdapLoginModule.login(AdvancedLdapLoginModule.java:326)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
...
{code}