Details

      Description

      Use LdapExtLoginModule in j2se with condifg:

      <?xml version='1.0'?> 
       
      <policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
               xsi:schemaLocation="urn:jboss:security-config:5.0"
               xmlns="urn:jboss:security-config:5.0"
               xmlns:jbxb="urn:jboss:security-config:5.0">
               
          <application-policy name = "Sample-Ldap"> 
             <authentication>
                <login-module code = "org.jboss.security.auth.spi.LdapExtLoginModule" flag = "required">  
                    <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
                    <module-option name="java.naming.provider.url">ldap://10.66.218.46:389</module-option>
                    <module-option name="java.naming.security.authentication">simple</module-option>
                    <module-option name="bindDN">cn=Manager,dc=example,dc=com</module-option>
                    <module-option name="bindCredential">redhat</module-option>
                    <module-option name="baseCtxDN">ou=Customers,dc=example,dc=com</module-option>
                    <module-option name="baseFilter">(uid={0})</module-option>
                    <module-option name="rolesCtxDN">ou=Roles,dc=example,dc=com</module-option>
                    <module-option name="roleFilter">(uniqueMember={1})</module-option>
                    <module-option name="roleAttributeID">cn</module-option>
                </login-module> 
             </authentication> 
          </application-policy>  
           
      </policy> 
      

      authentication parse section code [1] line 123:

      AuthenticationInfo authInfo = new AuthenticationInfo();
      

      which this cause null set as AuthenticationInfo name, then cause 'jboss.security.security_domain=null' as options be passed to LdapExtLoginModule, this null value finally cause NPE in LdapExtLoginModule line around 840

      Entry entry = (Entry) iter.next();
      env.put(entry.getKey(), entry.getValue());
      

      [1] https://github.com/picketbox/picketbox/blob/master/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/ApplicationPolicyParser.java
      [2] https://github.com/picketbox/picketbox/blob/master/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/LdapExtLoginModule.java

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  kylin Kylin Soong
                  Reporter:
                  kylin Kylin Soong
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: