[jboss-jira] [JBoss JIRA] Created: (JBAS-4343) NullPointerException causing bad password exception in LdapLoginModule when the role attribute is not set for a given entry
pgillis (JIRA)
jira-events at lists.jboss.org
Tue Apr 17 15:20:30 EDT 2007
NullPointerException causing bad password exception in LdapLoginModule when the role attribute is not set for a given entry
---------------------------------------------------------------------------------------------------------------------------
Key: JBAS-4343
URL: http://jira.jboss.com/jira/browse/JBAS-4343
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public (Everyone can see)
Affects Versions: JBossAS-4.0.5.GA
Environment: Linux, kernel 2.6.20, i686
Reporter: pgillis
Priority: Minor
The org.jboss.security.auth.spi.LdapLoginModule class is throwing a NullPointerException that is causing authentication to fail in cases where, in my mind, it should be succeeding.
The NPE is thrown when a record is encountered that does not have the attribute listed in roleAttributeID. There are two issues here:
1. The error that shows up in the log is a BadPassword error. This is misleading, if anything it should be a configuration error.
2. The roles are for authorization not authentication. When this exception gets thrown, authentication is failing.
It seems reasonable for an LDAP attribute to be useful in identifying roles even if it isn't defined for every record. You can get around this problem with a more complex realm definition in login-config.xml, but shouldn't have to...thanks...
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list