Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-993

SimpleRole.hashCode NPE when a principal has the roles set to null

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Minor Minor
    • PicketBox_5_1_1.Beta1
    • PicketBox_5_1_0.Final
    • Identity
    • None

      If a principal is created with the roles set to null then NPE is reported back to the user during the authentication process:

      java.lang.RuntimeException: java.lang.NullPointerException
	at org.wildfly.extension.undertow.security.JAASIdentityManagerImpl.verifyCredential(JAASIdentityManagerImpl.java:140)
	at org.wildfly.extension.undertow.security.JAASIdentityManagerImpl.verify(JAASIdentityManagerImpl.java:94)
	at io.undertow.security.impl.BasicAuthenticationMechanism.authenticate(BasicAuthenticationMechanism.java:167)
	at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:245)
....

Caused by: java.lang.NullPointerException
	at org.jboss.security.identity.plugins.SimpleRole.hashCode(SimpleRole.java:106)

              rhn-support-ivassile Ilia Vassilev
              sbiarozk Sergey Beryozkin
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: