[jboss-jira] [JBoss JIRA] (SECURITY-912) LdapExtLoginModule fails to load roles when a Custom Principal is specified
Derek Horton (JIRA)
issues at jboss.org
Thu Sep 17 11:15:02 EDT 2015
[ https://issues.jboss.org/browse/SECURITY-912?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13110080#comment-13110080 ]
Derek Horton commented on SECURITY-912:
---------------------------------------
Submitted a pull request to resolve this issue:
https://github.com/picketbox/picketbox/pull/49
> LdapExtLoginModule fails to load roles when a Custom Principal is specified
> ---------------------------------------------------------------------------
>
> Key: SECURITY-912
> URL: https://issues.jboss.org/browse/SECURITY-912
> Project: PicketBox
> Issue Type: Bug
> Components: JBossSX, Security-SPI
> Reporter: Jess Sightler
> Assignee: Stefan Guilhen
>
> LdapExtLoginModule.addRole(String) calls:
> super.createIdentity(roleName);
> This attempts to get the current context classloader for the current thread. Unfortunately, this fails as the context classloader is null.
> The callchain is:
> createLdapInitContext->rolesSearch->addRole
> Lines 432 and 433 of LdapExtLoginModule are:
> if (currentTCCL != null)
> SecurityActions.setContextClassLoader(null);
> This clears the classloader, so the principal class cannot be loaded.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list