Hi,
When using a basic async servlet, where the request processing is transferred to an @Asynchronous method, there's a NPE at the end of the request:
Exception in thread "default task-107" java.lang.NullPointerException
at org.wildfly.extension.undertow.security.jaspi.JASPIAuthenticationMechanism.wasAuthExceptionThrown(JASPIAuthenticationMechanism.java:164)
at org.wildfly.extension.undertow.security.jaspi.JASPIAuthenticationMechanism.access$100(JASPIAuthenticationMechanism.java:72)
at org.wildfly.extension.undertow.security.jaspi.JASPIAuthenticationMechanism$1.wrap(JASPIAuthenticationMechanism.java:240)
at org.wildfly.extension.undertow.security.jaspi.JASPIAuthenticationMechanism$1.wrap(JASPIAuthenticationMechanism.java:234)
at io.undertow.server.HttpServerExchange$WrapperStreamSinkConduitFactory.create(HttpServerExchange.java:2017)
at io.undertow.server.HttpServerExchange.getResponseChannel(HttpServerExchange.java:1167)
at io.undertow.servlet.spec.ServletOutputStreamImpl.close(ServletOutputStreamImpl.java:619)
at io.undertow.servlet.spec.HttpServletResponseImpl.closeStreamAndWriter(HttpServletResponseImpl.java:451)
at io.undertow.servlet.spec.HttpServletResponseImpl.responseDone(HttpServletResponseImpl.java:525)
at io.undertow.servlet.spec.AsyncContextImpl$3.run(AsyncContextImpl.java:294)
at io.undertow.servlet.spec.AsyncContextImpl$6.run(AsyncContextImpl.java:432)
The direct cause is that JASPIAuthenticationMechanism#wasAuthExceptionThrown tries to access the security context as-in the following line:
SecurityContextAssociation.getSecurityContext().getData().get(AuthException.class.getName()) != null