Bug 1117804 - NPE causes LoginException in AbstractSTSLoginModule
Summary: NPE causes LoginException in AbstractSTSLoginModule
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Security
Version: 6.3.0
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ER10
: EAP 6.3.0
Assignee: Anil Saldhana
QA Contact: Hynek Mlnarik
Russell Dickenson
URL:
Whiteboard:
Depends On: 1118283
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-07-09 12:25 UTC by Hynek Mlnarik
Modified: 2015-09-01 03:34 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-08-06 14:40:25 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Hynek Mlnarik 2014-07-09 12:25:37 UTC 
The following exception is thrown in EAP 6.3.0.ER9, not seen in 6.3.0.ER8:

13:46:30,166 DEBUG [org.jboss.security] (http-localhost/127.0.0.1:8080-1) PBOX000206: Login failure: javax.security.auth.login.LoginException: java.lang.NullPointerException
        at org.picketlink.identity.federation.bindings.stspool.STSClientPoolInternal.putInInternal(STSClientPoolInternal.java:245)
        at org.picketlink.identity.federation.bindings.stspool.STSClientPoolInternal.putIn(STSClientPoolInternal.java:181)
        at org.picketlink.identity.federation.bindings.stspool.STSClientPoolFactory.returnClient(STSClientPoolFactory.java:119)
        at org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule.login(AbstractSTSLoginModule.java:422)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762)
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687)
        at javax.security.auth.login.LoginContext.login(LoginContext.java:595)
        at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:408)
        at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:345)
        at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:333)
        at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146)
        at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:216)
        at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:178)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478)
        at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926)
        at java.lang.Thread.run(Thread.java:745)

        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:864) [rt.jar:1.7.0_55]
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_55]
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690) [rt.jar:1.7.0_55]
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688) [rt.jar:1.7.0_55]
        at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_55]
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687) [rt.jar:1.7.0_55]
        at javax.security.auth.login.LoginContext.login(LoginContext.java:595) [rt.jar:1.7.0_55]
        at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:408) [picketbox-infinispan-4.0.19.SP8-redhat-1.jar:4.0.19.SP8-redhat-1]
        at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:345) [picketbox-infinispan-4.0.19.SP8-redhat-1.jar:4.0.19.SP8-redhat-1]
        at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:333) [picketbox-infinispan-4.0.19.SP8-redhat-1.jar:4.0.19.SP8-redhat-1]
        at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146) [picketbox-infinispan-4.0.19.SP8-redhat-1.jar:4.0.19.SP8-redhat-1]
        at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:216) [jboss-as-web-7.4.0.Final-redhat-18.jar:7.4.0.Final-redhat-18]
        at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:178) [jbossweb-7.4.8.Final-redhat-3.jar:7.4.8.Final-redhat-3]
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478) [jbossweb-7.4.8.Final-redhat-3.jar:7.4.8.Final-redhat-3]
        at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.4.0.Final-redhat-18.jar:7.4.0.Final-redhat-18]
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145) [jbossweb-7.4.8.Final-redhat-3.jar:7.4.8.Final-redhat-3]
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.4.8.Final-redhat-3.jar:7.4.8.Final-redhat-3]
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.4.8.Final-redhat-3.jar:7.4.8.Final-redhat-3]
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.4.8.Final-redhat-3.jar:7.4.8.Final-redhat-3]
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856) [jbossweb-7.4.8.Final-redhat-3.jar:7.4.8.Final-redhat-3]
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.4.8.Final-redhat-3.jar:7.4.8.Final-redhat-3]
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.4.8.Final-redhat-3.jar:7.4.8.Final-redhat-3]
        at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_55]


The following related testcase in PicketLink integration testsuite started to fail due to this exception:
* Gateway2ServiceHttpUnitAS7TestCase
Comment 1 Peter Skopek 2014-07-10 18:13:39 UTC 
tag for PicketLink:
http://git.app.eng.bos.redhat.com/git/picketlink25.git/tag/?id=v2.5.3.SP10
tag for PicketLink Bindings:
http://git.app.eng.bos.redhat.com/git/picketlink-bindings-25.git/tag/?id=v2.5.3.SP10
Comment 2 Kabir Khan 2014-07-10 22:30:06 UTC 
Fixed by upgrade
Comment 3 Ondrej Lukas 2014-07-17 12:06:24 UTC 
Verified in EAP 6.3.0.ER10.
Note You need to log in before you can comment on or make changes to this bug.