[JBoss JIRA] (SECURITY-913) NPE if use LdapExtLoginModule in j2se

Monday, 27 February 2017

     [
https://issues.jboss.org/browse/SECURITY-913?page=com.atlassian.jira.plug...
]

Stefan Guilhen resolved SECURITY-913.
-------------------------------------
    Fix Version/s: PicketBox_5_0_0.Beta1
                       (was: PicketBox_5_0_0.Alpha1)
       Resolution: Done

...
 NPE if use LdapExtLoginModule in j2se
 -------------------------------------

                 Key: SECURITY-913
                 URL: https://issues.jboss.org/browse/SECURITY-913
             Project: PicketBox 
          Issue Type: Enhancement
          Components: JBossSX
    Affects Versions: PicketBox_5_0_0.Alpha1
            Reporter: Kylin Soong
            Assignee: Kylin Soong
             Fix For: PicketBox_5_0_0.Beta1

         Attachments: picketbox-j2se.zip

 Use LdapExtLoginModule in j2se with condifg:
 {code}
 <?xml version='1.0'?> 

 <policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
          xsi:schemaLocation="urn:jboss:security-config:5.0"
          xmlns="urn:jboss:security-config:5.0"
          xmlns:jbxb="urn:jboss:security-config:5.0">

     <application-policy name = "Sample-Ldap"> 
        <authentication>
           <login-module code =
"org.jboss.security.auth.spi.LdapExtLoginModule" flag = "required">

               <module-option
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
               <module-option
name="java.naming.provider.url">ldap://10.66.218.46:389</module-option>
               <module-option
name="java.naming.security.authentication">simple</module-option>
               <module-option
name="bindDN">cn=Manager,dc=example,dc=com</module-option>
               <module-option
name="bindCredential">redhat</module-option>
               <module-option
name="baseCtxDN">ou=Customers,dc=example,dc=com</module-option>
               <module-option
name="baseFilter">(uid={0})</module-option>
               <module-option
name="rolesCtxDN">ou=Roles,dc=example,dc=com</module-option>
               <module-option
name="roleFilter">(uniqueMember={1})</module-option>
               <module-option
name="roleAttributeID">cn</module-option>
           </login-module> 
        </authentication> 
     </application-policy>  

 </policy> 
 {code}
 authentication parse section code [1]  line 123:
 {code}
 AuthenticationInfo authInfo = new AuthenticationInfo();
 {code}
 which this cause null set as AuthenticationInfo name, then cause
'jboss.security.security_domain=null' as options be passed to LdapExtLoginModule,
this null value finally cause NPE in LdapExtLoginModule line around 840
 {code}
 Entry entry = (Entry) iter.next();
 env.put(entry.getKey(), entry.getValue());
 {code}
 [1]
https://github.com/picketbox/picketbox/blob/master/security-jboss-sx/jbos...
 [2]
https://github.com/picketbox/picketbox/blob/master/security-jboss-sx/jbos...

--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006