Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-5902

Regression in parsing username in LdapExtLoginModule

XMLWordPrintable

    • Regression

      In case when customers using LdapExtLoginModule with option parseUsername=true but without option usernameBeginString (i.e. usernameBeginString=null) then all users cannot be successfully authenticated into application. Authentication failure is caused by hidden internal NPE.

      It is the same issue as was reported in [1], but fix is missing in current EAP 7.1 version of PicketBox (5.0.0.Alpha3).

      We request blocker flag because:

      • Valid configuration which works for 7.0.x becomes invalid after migration to 7.1.0
      • All users cannot authenticate to application despite of valid EAP configuration
      • Authetication failure caused by NPE is logged to server log

      Thrown NPE:

      java.lang.NullPointerException
        at org.jboss.security.auth.spi.LdapExtLoginModule.getUsername(LdapExtLoginModule.java:963)
        at org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:342)
        at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:283)

      [1] https://issues.jboss.org/browse/JBEAP-364?focusedCommentId=13160168&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13160168

              rhn-support-ivassile Ilia Vassilev
              olukas Ondrej Lukas (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: