Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-4247

(7.0.z) AdvancedLdapLoginModule with rolesCtxDN=null leads to authentication failure

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 7.0.2.CR1
    • 7.0.0.CR1
    • Security
    • None
    • EAP 7.0.2

      In case when AdvancedLdapLoginModule is correctly configured for authentication, but its attribute rolesCtxDN is not set (i.e. is null), then authentication with correct username and password fails. It is caused be internal NPE for searching roles.

      Expected behavior is that user should be authenticated but no roles should be assigned to them.

      Internal NPE:

      java.lang.NullPointerException: 
          at org.jboss.as.naming.InitialContext.getURLScheme(InitialContext.java:160)
          at org.jboss.as.naming.InitialContext.getURLOrDefaultInitCtx(InitialContext.java:128)
          at javax.naming.directory.InitialDirContext.getURLOrDefaultInitDirCtx(InitialDirContext.java:106)
          at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
          at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
          at org.jboss.security.negotiation.AdvancedLdapLoginModule.rolesSearch(AdvancedLdapLoginModule.java:720)
          at org.jboss.security.negotiation.AdvancedLdapLoginModule.innerLogin(AdvancedLdapLoginModule.java:403)
          at org.jboss.security.negotiation.AdvancedLdapLoginModule$AuthorizeAction.run(AdvancedLdapLoginModule.java:967)
          at org.jboss.security.negotiation.AdvancedLdapLoginModule.login(AdvancedLdapLoginModule.java:326)
          sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          ...
      

              thofman Tomas Hofman
              olukas Ondrej Lukas (Inactive)
              Ondrej Lukas Ondrej Lukas (Inactive)
              Ondrej Lukas Ondrej Lukas (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: