Details
-
Bug
-
Resolution: Done
-
Major
-
7.0.0.CR1
-
None
Description
In case when AdvancedLdapLoginModule is correctly configured for authentication, but its attribute rolesCtxDN is not set (i.e. is null), then authentication with correct username and password fails. It is caused be internal NPE for searching roles.
Expected behavior is that user should be authenticated but no roles should be assigned to them.
Internal NPE:
java.lang.NullPointerException:
at org.jboss.as.naming.InitialContext.getURLScheme(InitialContext.java:160)
at org.jboss.as.naming.InitialContext.getURLOrDefaultInitCtx(InitialContext.java:128)
at javax.naming.directory.InitialDirContext.getURLOrDefaultInitDirCtx(InitialDirContext.java:106)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
at org.jboss.security.negotiation.AdvancedLdapLoginModule.rolesSearch(AdvancedLdapLoginModule.java:720)
at org.jboss.security.negotiation.AdvancedLdapLoginModule.innerLogin(AdvancedLdapLoginModule.java:403)
at org.jboss.security.negotiation.AdvancedLdapLoginModule$AuthorizeAction.run(AdvancedLdapLoginModule.java:967)
at org.jboss.security.negotiation.AdvancedLdapLoginModule.login(AdvancedLdapLoginModule.java:326)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
...
Attachments
Issue Links
- clones
-
-
- Resolved
-
- is cloned by
-
-
- Verified
-
- is incorporated by
-
JBEAP-5349 (7.1.0) Upgrade jboss-negotiation to 3.0.3
-
- Verified
-
- relates to
-
-
- Verified
-
