Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-944

AdvancedLdapLoginModule with rolesCtxDN=null leads to authentication failure

    Details

      Description

      In case when AdvancedLdapLoginModule is correctly configured for authentication, but its attribute rolesCtxDN is not set (i.e. is null), then authentication with correct username and password fails. It is caused be internal NPE for searching roles.

      Expected behavior is that user should be authenticated but no roles should be assigned to them.

      Internal NPE:

      java.lang.NullPointerException: 
          at org.jboss.as.naming.InitialContext.getURLScheme(InitialContext.java:160)
          at org.jboss.as.naming.InitialContext.getURLOrDefaultInitCtx(InitialContext.java:128)
          at javax.naming.directory.InitialDirContext.getURLOrDefaultInitDirCtx(InitialDirContext.java:106)
          at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
          at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
          at org.jboss.security.negotiation.AdvancedLdapLoginModule.rolesSearch(AdvancedLdapLoginModule.java:720)
          at org.jboss.security.negotiation.AdvancedLdapLoginModule.innerLogin(AdvancedLdapLoginModule.java:403)
          at org.jboss.security.negotiation.AdvancedLdapLoginModule$AuthorizeAction.run(AdvancedLdapLoginModule.java:967)
          at org.jboss.security.negotiation.AdvancedLdapLoginModule.login(AdvancedLdapLoginModule.java:326)
          sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          ...
      

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  thofman Tomas Hofman
                  Reporter:
                  olukas Ondrej Lukas
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: