[jboss-jira] [JBoss JIRA] (SECURITY-912) LdapExtLoginModule fails to load roles when a Custom Principal is specified
Derek Horton (JIRA)
issues at jboss.org
Wed Sep 16 16:54:00 EDT 2015
[ https://issues.jboss.org/browse/SECURITY-912?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Derek Horton moved WFLY-889 to SECURITY-912:
--------------------------------------------
Project: PicketBox (was: WildFly)
Key: SECURITY-912 (was: WFLY-889)
Workflow: classic default workflow (was: GIT Pull Request workflow )
Component/s: JBossSX, Security-SPI
(was: Security)
> LdapExtLoginModule fails to load roles when a Custom Principal is specified
> ---------------------------------------------------------------------------
>
> Key: SECURITY-912
> URL: https://issues.jboss.org/browse/SECURITY-912
> Project: PicketBox
> Issue Type: Bug
> Components: JBossSX, Security-SPI
> Reporter: Jess Sightler
> Assignee: Anil Saldhana
>
> LdapExtLoginModule.addRole(String) calls:
> super.createIdentity(roleName);
> This attempts to get the current context classloader for the current thread. Unfortunately, this fails as the context classloader is null.
> The callchain is:
> createLdapInitContext->rolesSearch->addRole
> Lines 432 and 433 of LdapExtLoginModule are:
> if (currentTCCL != null)
> SecurityActions.setContextClassLoader(null);
> This clears the classloader, so the principal class cannot be loaded.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list