+++ This bug was initially created as a clone of Bug #1067610 +++ Description of problem: If the DatabaseRolesMappingProvider's rolesQuery returns an empty set, then the authentication attempts will fail. Seems like it should not cause the authentication attempt to fail, since this is about mapping/adding roles. It looks like the code detects that the result set is empty, but then it tries to get the role from the empty set. This causes an exception which in turn causes the authentication attempt to fail. Steps to Reproduce: 1. Configure the security-domain to use the DatabaseRolesMappingProvider 2. Login as a user that authenticates correctly, but the role query should return an empty set Actual results: The authentication request will fail. Expected results: The authentication request should succeed, but the DatabaseRolesMappingProvider should not apply any roles
Fix committed to: https://svn.jboss.org/repos/picketbox/branches/eap62 https://svn.jboss.org/repos/picketbox/trunk
Derek Horton <dhorton> updated the status of jira SECURITY-797 to Resolved
Verified on EAP 6.2.2.CR2.
Derek, Please provide draft Release Notes text for this ticket. Thank you