[jboss-jira] [JBoss JIRA] (ELY-1371) NullPointerException within DigestSaslClient if username is null.

Fri Sep 22 07:01:00 EDT 2017

     [ https://issues.jboss.org/browse/ELY-1371?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Darran Lofthouse resolved ELY-1371.
-----------------------------------
    Fix Version/s: 1.1.3.CR1
                   1.2.0.Beta4
       Resolution: Done


> NullPointerException within DigestSaslClient if username is null.
> -----------------------------------------------------------------
>
>                 Key: ELY-1371
>                 URL: https://issues.jboss.org/browse/ELY-1371
>             Project: WildFly Elytron
>          Issue Type: Bug
>          Components: SASL
>    Affects Versions: 1.1.2.Final
>            Reporter: Darran Lofthouse
>            Assignee: Darran Lofthouse
>            Priority: Blocker
>             Fix For: 1.1.3.CR1, 1.2.0.Beta4
>
>
> When running an EJB client which uses scoped context or legacy jboss-remote-naming API to invoke secured EJBs, a NPE occurs.
> Additionally, in the case with jboss-remote-naming legacy API, after this exception is logged, the client thread freezes (in the scoped context case, the exception propagates to the client thread).
> Full stack trace for the case of scoped context:
> {noformat}
> 		Suppressed: java.lang.NullPointerException
> 			at java.nio.charset.CharsetEncoder.canEncode(CharsetEncoder.java:984)
> 			at org.wildfly.security.mechanism.digest.DigestUtil.userRealmPasswordDigest(DigestUtil.java:209)
> 			at org.wildfly.security.sasl.digest.AbstractDigestMechanism.getSaltedPasswordFromTwoWay(AbstractDigestMechanism.java:539)
> 			at org.wildfly.security.sasl.digest.DigestSaslClient.createResponse(DigestSaslClient.java:231)
> 			at org.wildfly.security.sasl.digest.DigestSaslClient.evaluateMessage(DigestSaslClient.java:364)
> 			at org.wildfly.security.sasl.util.AbstractSaslParticipant.evaluateMessage(AbstractSaslParticipant.java:180)
> 			at org.wildfly.security.sasl.digest.DigestSaslClient.evaluateChallenge(DigestSaslClient.java:349)
> 			at org.wildfly.security.sasl.util.AbstractDelegatingSaslClient.evaluateChallenge(AbstractDelegatingSaslClient.java:54)
> 			at org.wildfly.security.sasl.util.PrivilegedSaslClient.lambda$evaluateChallenge$0(PrivilegedSaslClient.java:55)
> 			at java.security.AccessController.doPrivileged(Native Method)
> 			at org.wildfly.security.sasl.util.PrivilegedSaslClient.evaluateChallenge(PrivilegedSaslClient.java:55)
> 			at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.lambda$handleEvent$0(ClientConnectionOpenListener.java:650)
> 			at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:926)
> 			at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> 			at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)			at java.lang.Thread.run(Thread.java:748)
> {noformat}


--
This message was sent by Atlassian JIRA
(v7.2.3#72005)