Uploaded image for project: 'Application Server 3  4  5 and 6'
  1. Application Server 3 4 5 and 6
  2. JBAS-4343

NullPointerException causing bad password exception in LdapLoginModule when the role attribute is not set for a given entry

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Minor
    • Resolution: Done
    • Affects Version/s: JBossAS-4.0.5.GA
    • Fix Version/s: JBossAS-4.2.3.GA
    • Component/s: Security
    • Labels:
      None
    • Environment:

      Linux, kernel 2.6.20, i686

      Description

      The org.jboss.security.auth.spi.LdapLoginModule class is throwing a NullPointerException that is causing authentication to fail in cases where, in my mind, it should be succeeding.

      The NPE is thrown when a record is encountered that does not have the attribute listed in roleAttributeID. There are two issues here:

      1. The error that shows up in the log is a BadPassword error. This is misleading, if anything it should be a configuration error.

      2. The roles are for authorization not authentication. When this exception gets thrown, authentication is failing.

      It seems reasonable for an LDAP attribute to be useful in identifying roles even if it isn't defined for every record. You can get around this problem with a more complex realm definition in login-config.xml, but shouldn't have to...thanks...

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  mmoyses Marcus Moyses
                  Reporter:
                  pgillis pgillis
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  0 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: