[jboss-jira] [JBoss JIRA] (WFLY-6533) AdvancedLdapLoginModule with rolesCtxDN=null leads to authentication failure

Ondrej Lukas (JIRA) issues at jboss.org
Tue Apr 19 02:04:00 EDT 2016


Ondrej Lukas created WFLY-6533:
----------------------------------

             Summary: AdvancedLdapLoginModule with rolesCtxDN=null leads to authentication failure
                 Key: WFLY-6533
                 URL: https://issues.jboss.org/browse/WFLY-6533
             Project: WildFly
          Issue Type: Bug
          Components: Security
            Reporter: Ondrej Lukas
            Assignee: Darran Lofthouse


When AdvancedLdapLoginModule is correctly configured for authentication, but its attribute rolesCtxDN is not set (i.e. is null), authentication with a correct username and password fails. It is caused by an internal NPE when searching for roles.

Expected behavior is that the user should be authenticated but no roles should be assigned to them.

Internal NPE:
{code}
java.lang.NullPointerException: 
    at org.jboss.as.naming.InitialContext.getURLScheme(InitialContext.java:160)
    at org.jboss.as.naming.InitialContext.getURLOrDefaultInitCtx(InitialContext.java:128)
    at javax.naming.directory.InitialDirContext.getURLOrDefaultInitDirCtx(InitialDirContext.java:106)
    at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
    at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
    at org.jboss.security.negotiation.AdvancedLdapLoginModule.rolesSearch(AdvancedLdapLoginModule.java:720)
    at org.jboss.security.negotiation.AdvancedLdapLoginModule.innerLogin(AdvancedLdapLoginModule.java:403)
    at org.jboss.security.negotiation.AdvancedLdapLoginModule$AuthorizeAction.run(AdvancedLdapLoginModule.java:967)
    at org.jboss.security.negotiation.AdvancedLdapLoginModule.login(AdvancedLdapLoginModule.java:326)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ...
{code}



--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
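
The failure reported above, as an added example that is not code from AdvancedLdapLoginModule or from the reporter: a null search base makes the JNDI context throw before any LDAP traffic, and a null check in the role lookup gives the expected outcome of an authenticated user with no roles. It assumes the JDK's InitialDirContext dereferences the name the same way as the WildFly naming context in the trace; the class name, the rolesSearch helper, the filter and the user DN are hypothetical.

```java
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class RolesCtxDnGuard {

    // Hypothetical helper, not the module's code: collect role entry names under rolesCtxDN.
    static Set<String> rolesSearch(DirContext ctx, String rolesCtxDN,
                                   String roleFilter, String userDN) throws NamingException {
        if (rolesCtxDN == null || rolesCtxDN.trim().isEmpty()) {
            // No role base configured: authentication stands, no roles are assigned.
            return Collections.emptySet();
        }
        SearchControls controls = new SearchControls();
        controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        Set<String> roles = new LinkedHashSet<>();
        NamingEnumeration<SearchResult> results =
                ctx.search(rolesCtxDN, roleFilter, new Object[] { userDN }, controls);
        try {
            while (results.hasMore()) {
                roles.add(results.next().getName());
            }
        } finally {
            results.close();
        }
        return roles;
    }

    public static void main(String[] args) throws NamingException {
        // Constructed values; no LDAP server is contacted in either call below.
        DirContext ctx = new InitialDirContext();
        String filter = "(member={0})";
        String userDN = "uid=jduke,ou=People,dc=example,dc=org";

        try {
            // Unguarded call with a null search base, as in the reported stack trace.
            ctx.search((String) null, filter, new Object[] { userDN }, new SearchControls());
        } catch (NullPointerException e) {
            System.out.println("unguarded search: " + e.getClass().getName());
        }
        System.out.println("guarded roles: " + rolesSearch(ctx, null, filter, userDN));
    }
}
```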