Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-21852

(7.4.z) ELY-2120 - Avoid an NPE in ServerAuthenticationContext when the peer's IP address is not known

    XMLWordPrintable

Details

    Description

      ELY-1894 introduced the ability to make use of the IP address of the client that's connecting to the server to determine what roles should be assigned to the client.

      As part of this change, the callback handler in ServerAuthenticationContext was updated to be able to handle the SocketAddressCallback:

      https://github.com/wildfly-security/wildfly-elytron/blob/1.x/auth/server/base/src/main/java/org/wildfly/security/auth/server/ServerAuthenticationContext.java#L1059-L1061

      If the client's IP address cannot be determined for some reason, it's possible that SocketAddressCallback.getAddress() will be null on line 1060. We should update this to avoid an NPE here.

      We should also avoid an NPE in the case that ((InetSocketAddress) socketAddressCallback.getAddress()).getAddress() is null.

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. ELY-2120 Avoid an NPE in ServerAuthenticationContext when the peer's IP address is not known

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved
          is incorporated by

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. JBEAP-21472 (7.4.z) Upgrade Elytron from 1.15.3.Final-redhat-00001 to 1.15.5.Final-redhat-00001

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              rhn-support-ivassile Ilia Vassilev
              rhn-support-ivassile Ilia Vassilev
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: