[jboss-jira] [JBoss JIRA] (WFLY-3416) NPE in Undertow Extension if login module doesn't set Principal
Darran Lofthouse (JIRA)
issues at jboss.org
Thu May 29 05:33:16 EDT 2014
[ https://issues.jboss.org/browse/WFLY-3416?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12971532#comment-12971532 ]
Darran Lofthouse commented on WFLY-3416:
----------------------------------------
I will take this but the best you are going to get is an error message saying there is no Principal and the authentication attempt will be rejected.
The JAAS authentication if successful must add a Principal to the Subject.
> NPE in Undertow Extension if login module doesn't set Principal
> ---------------------------------------------------------------
>
> Key: WFLY-3416
> URL: https://issues.jboss.org/browse/WFLY-3416
> Project: WildFly
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: Web (Undertow)
> Affects Versions: 8.1.0.CR2
> Reporter: Josef Cacek
> Assignee: Darran Lofthouse
>
> NPE is thrown during authentication if a LoginModule doesn't set any principal to the Subject.
> The problem comes from {{org.wildfly.extension.undertow.security.AccountImpl}} constructor call {{principal.getName()}}.
> {code}
> Caused by: java.lang.NullPointerException
> at org.wildfly.extension.undertow.security.AccountImpl.<init>(AccountImpl.java:61)
> at org.wildfly.extension.undertow.security.JAASIdentityManagerImpl.verifyCredential(JAASIdentityManagerImpl.java:123)
> ...
> {code}
--
This message was sent by Atlassian JIRA
(v6.2.3#6260)
More information about the jboss-jira
mailing list